300-715 Free Practice Test

When planning for the deployment of Cisco ISE, an organization's security policy dictates that they must use network access authentication via RADIUS. It also states that the deployment provide an adequate amount of security and visibility for the hosts on the network. Why should the engineer configure MAB in this situation?

1. A. The Cisco switches only support MAB.
2. B. MAB provides the strongest form of authentication available.
3. C. The devices in the network do not have a supplicant.
4. D. MAB provides user authentication.

Correct Answer: C

A policy is being created in order to provide device administration access to the switches on a network. There is a requirement to ensure that if the session is not actively being used, after 10 minutes, it will be disconnected. Which task must be configured in order to meet this requirement?

1. A. session timeout
2. B. idle time
3. C. monitor
4. D. set attribute as

Correct Answer: A
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_admin_ac

In which two ways can users and endpoints be classified for TrustSec? (Choose Two.)

1. A. VLAN
2. B. SXP
3. C. dynamic
4. D. QoS
5. E. SGACL

Correct Answer: AE

A security administrator is using Cisco ISE to create a BYOD onboarding solution for all employees who use personal devices on the corporate network. The administrator generates a Certificate Signing Request and signs the request using an external Certificate Authority server. Which certificate usage option must be selected when importing the certificate into ISE?

1. A. RADIUS
2. B. DLTS
3. C. Portal
4. D. Admin

Correct Answer: C

Which two features should be used on Cisco ISE to enable the TACACS+ feature? (Choose two )

1. A. External TACACS Servers
2. B. Device Admin Service
3. C. Device Administration License
4. D. Server Sequence
5. E. Command Sets

Correct Answer: BC