Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

300-715 Exam Dumps - Cisco CCNP Security Questions and Answers

Question # 84

An administrator has added a new Cisco ISE PSN to their distributed deployment. Which two features must the administrator enable to accept authentication requests and profile the endpoints correctly, and add them to their respective endpoint identity groups? (Choose two )

Options:

A.

Session Services

B.

Endpoint Attribute Filter

C.

Posture Services

D.

Profiling Services

E.

Radius Service

Buy Now
Question # 85

An engineer is deploying a new Cisco ISE environment for a company. The company wants the deployment to use TACACS+. The engineer verifies that Cisco ISE has a Device Administration license. What must be configured to enable TACACS+ operations?

Options:

A.

Device Administration Work Center

B.

Device Admin service

C.

Device Administration Deployment settings

D.

Device Admin Policy Sets settings

Buy Now
Question # 86

A security administrator is using Cisco ISE to create a BYOD onboarding solution for all employees who use personal devices on the corporate network. The administrator generates a Certificate Signing Request and signs the request using an external Certificate Authority server. Which certificate usage option must be selected when importing the certificate into ISE?

Options:

A.

RADIUS

B.

DLTS

C.

Portal

D.

Admin

Buy Now
Question # 87

An engineer is enabling a newly configured wireless SSID for tablets and needs visibility into which other types of devices are connecting to it. What must be done on the Cisco WLC to provide this information to Cisco ISE9

Options:

A.

enable IP Device Tracking

B.

enable MAC filtering

C.

enable Fast Transition

D.

enable mDNS snooping

Buy Now
Question # 88

What happens when an internal user is configured with an external identity store for authentication, but an engineer uses the Cisco ISE admin portal to select an internal identity store as the identity source?

Options:

A.

Authentication is redirected to the internal identity source.

B.

Authentication is redirected to the external identity source.

C.

Authentication is granted.

D.

Authentication fails.

Buy Now
Question # 89

An administrator replaced a PSN in the distributed Cisco ISE environment. When endpoints authenticate to it, the devices are not getting the right profiles or attributes and as a result, are not hitting the correct policies. This was working correctly on the previous PSN. Which action must be taken to ensure the endpoints get identified?

Options:

A.

Verify that the MnT node is tracking the session.

B.

Verify the shared secret used between the switch and the PSN.

C.

Verify that the profiling service is running on the new PSN.

D.

Verify that the authentication request the PSN is receiving is not malformed.

Buy Now
Question # 90

An engineer is configuring Central Web Authentication in Cisco ISE to provide guest access. When an authentication rule is configured in the Default Policy Set for the Wired_MAB or Wireless_MAB conditions, what must be selected for the "if user not found" setting?

Options:

A.

CONTINUE

B.

REJECT

C.

ACCEPT

D.

DROP

Buy Now
Question # 91

An engineer is implementing Cisco ISE and needs to configure 802.1X. The port settings are configured for port-based authentication. Which command should be used to complete this configuration?

Options:

A.

dot1x pae authenticator

B.

dot1x system-auth-control

C.

authentication port-control auto

D.

aaa authentication dot1x default group radius

Buy Now
Exam Code: 300-715
Exam Name: Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)
Last Update: Sep 14, 2025
Questions: 295
300-715 pdf

300-715 PDF

$28.5  $94.99
 Add to Cart
300-715 Engine

300-715 Testing Engine

$33  $109.99
 Add to Cart
300-715 PDF + Engine

300-715 PDF + Testing Engine

$43.5  $144.99
 Add to Cart