Implementing and Configuring Cisco Identity Services Engine (300-715 SISE) v1.0 (300-715)

Page:    1 / 6   
Total 89 questions

Which protocol must be allowed for a BYOD device to access the BYOD portal?

  • A. HTTPS
  • B. HTTP
  • C. SSH
  • D. SMTP


Answer : A

Which two components are required for creating a Native Supplicant Profile within a BYOD flow? (Choose two.)

  • A. Redirect ACL
  • B. Connection Type
  • C. Operating System
  • D. Windows Settings
  • E. iOS Settings


Answer : CE

If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?

  • A. Client Provisioning
  • B. BYOD
  • C. Guest
  • D. Block list


Answer : D

Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_010000.html

Which two endpoint compliance statuses are possible? (Choose two.)

  • A. compliant
  • B. valid
  • C. unknown
  • D. known
  • E. invalid


Answer : AC

Which portal is used to customize the settings for a user to log in and download the compliance module?

  • A. Client Provisioning
  • B. Client Endpoint
  • C. Client Profiling
  • D. Client Guest


Answer : A

Which Cisco ISE service allows an engineer to check the compliance of endpoints before connecting to the network?

  • A. qualys
  • B. posture
  • C. personas
  • D. nexpose


Answer : B

Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two.)

  • A. TCP 80
  • B. TCP 8905
  • C. TCP 8443
  • D. TCP 8906
  • E. TCP 443


Answer : BC

Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/installation_guide/b_ise_InstallationGuide20/
Cisco_SNS_3400_Series_Appliance_Ports_Reference.html

What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two.)

  • A. Client Provisioning portal
  • B. remediation actions
  • C. updates
  • D. access policy
  • E. conditions


Answer : BE

Which term refers to an endpoint agent that tries to join an 802.1X-enabled network?

  • A. EAP server
  • B. authenticator
  • C. supplicant
  • D. client


Answer : C

Which port does Cisco ISE use for native supplicant provisioning of a Windows laptop?

  • A. TCP 8905
  • B. TCP 8909
  • C. TCP 443
  • D. UDP 1812


Answer : B

Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010101.html

DRAG DROP -
Drag the Cisco ISE node types from the left onto the appropriate purposes on the right.
Select and Place:




Answer :

What must match between Cisco ISE and the network access device to successfully authenticate endpoints?

  • A. shared secret
  • B. profile
  • C. certificate
  • D. SNMP version


Answer : A

Reference:
https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_network_devices.html

When planning for the deployment of Cisco ISE, an organization's security policy dictates that they must use network access authentication via RADIUS. It also states that the deployment needs to provide an adequate amount of security and visibility for the hosts on the network.
Why should the engineer configure MAB in this situation?

  • A. The Cisco switches only support MAB.
  • B. MAB provides the strongest form of authentication available.
  • C. MAB provides user authentication.
  • D. The devices in the network do not have a supplicant.


Answer : D

Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles? (Choose two.)

  • A. ASA
  • B. Firepower
  • C. Shell
  • D. WLC
  • E. IOS


Answer : CD

Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2--1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_0100010.html

What are two benefits of TACACS+ versus RADIUS for device administration? (Choose two.)

  • A. TACACS+ has command authorization, and RADIUS does not.
  • B. TACACS+ uses UDP, and RADIUS uses TCP.
  • C. TACACS+ supports 802.1X, and RADIUS supports MAB.
  • D. TACACS+ provides the service type, and RADIUS does not.
  • E. TACACS+ encrypts the whole payload, and RADIUS encrypts only the password.


Answer : AE

Page:    1 / 6   
Total 89 questions