최신 300-715 무료덤프 - Cisco Implementing and Configuring Cisco Identity Services Engine

문제1

A security engineer configures a Cisco Catalyst switch to use Cisco TrustSec. The engineer must define the PAC key to authenticate the switch to Cisco IISE. Drag and drop the commands from the left into sequence on the right. Not all options are used.

정답:

문제2

Which two default guest portals are available with Cisco ISE? (Choose two.)

A. WIFI-access

B. central web authentication

C. visitor

D. sponsored

E. self-registered

정답: D,E

문제3

Drag the steps to configure a Cisco ISE node as a primary administration node from the left into the correct order on the night.

정답:

문제4

An engineer wants to use certificate authentication for endpoints that connect to a wired network integrated with Cisco ISE. The engineer needs to define the certificate field used as the principal username. Which component would be needed to complete the configuration?

A. Authentication profile

B. Authorization rule

C. Authentication policy

D. Authorization profile

정답: A

문제5

Which two endpoint compliance statuses are possible? (Choose two.)

A. invalid

B. compliant

C. valid

D. known

E. unknown

정답: B,E

문제6

What is the difference between how RADIUS and TACACS+ handle encryption?

A. RADIUS encrypts the entire packet, whereas TACACS+ only encrypts the password field.

B. RADIUS encrypts the entire packet, whereas TACACS+ encrypts only the username and password fields.

C. RADIUS encrypts only the username and password fields, whereas TACACS+ encrypts the entire packet.

D. RADIUS only encrypts the password field, whereas TACACS+ encrypts the payload of the packet.

정답: D

문제7

A network administrator changed a Cisco ISE deployment from pilot to production and noticed that the JVM memory utilization increased significantly. The administrator suspects this is due to replication between the nodes What must be configured to minimize performance degradation?

A. Enable the endpoint attribute filter

B. Change the reauthenticate interval.

C. Ensure that Cisco ISE is updated with the latest profiler feed update

D. Review the profiling policies for any misconfiguration

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Refer to the exhibit

Refer to the exhibit. In which scenario does this switch configuration apply?

A. when preventing users with hypervisor

B. when passing IP phone authentication

C. when allowing a hub with multiple clients connected

D. when allowing multiple IP phones to be connected

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

What are two differences of TACACS+ compared to RADIUS? (Choose two.)

A. TACACS+ uses a connection-oriented transport protocol, whereas RADIUS uses a connectionless transport protocol.

B. TACACS+ encrypts the full packet payload, whereas RADIUS only encrypts the password.

C. TACACS+ uses a connectionless transport protocol, whereas RADIUS uses a connection-oriented transport protocol.

D. TACACS+ supports multiple sessions per user, whereas RADIUS supports one session per user.

E. TACACS+ only encrypts the password, whereas RADIUS encrypts the full packet payload.

정답: A,B

문제10

What are two differences between the RADIUS and TACACS+ protocols'? (Choose two.)

A. RADIUS enables encryption of all the packets, whereas with TACACS+. only the password is encrypted.

B. RADIUS combines authentication and authorization, whereas TACACS+ does not

C. RADIUS is a Cisco proprietary protocol, whereas TACACS+ is an open standard protocol

D. TACACS+uses TCP port 49. whereas RADIUS uses UDP ports 1812 and 1813.

E. RADIUS offers multiprotocol support, whereas TACACS+ does not

정답: B,D

문제11

On which port does Cisco ISE present the Admin certificate for posture and client provisioning?

A. TCP/8080

B. TCP/8999

C. TCP/8000

D. TCP/8905

정답: B

문제12

An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured, in addition to Active Directory groups, to achieve this goat? (Choose two )

A. LDAP External Identity Sources

B. Active Directory External Identity Sources

C. Library Condition for External Identity. External Groups

D. Identity Source Sequences

정답: B,C

설명: (DumpTOP 회원만 볼 수 있음)

문제13

Drag and drop the configuration steps from the left into the sequence on the right to install two Cisco ISE nodes in a distributed deployment.

정답:

문제14

An administrator is trying to collect metadata information about the traffic going across the network to gam added visibility into the hosts. This Information will be used to create profiling policies for devices us mg Cisco ISE so that network access policies can be used What must be done to accomplish this task?

A. Configure SNMP to be used with the Cisco ISE appliance

B. Configure the RADIUS profiling probe within Cisco ISE

C. Configure NetFlow to be sent to me Cisco ISE appliance.

D. Configure the DHCP probe within Cisco ISE

정답: D

문제15

An administrator is configuring a switch port for use with 802 1X What must be done so that the port will allow voice and multiple data endpoints?

A. Use the command authentication host-mode multi-domain on the port

B. Configure the port with the authentication host-mode multi-auth command

C. Connect a hub to the switch port to allow multiple devices access after authentication

D. Connect the data devices to the port, then attach the phone behind them.

정답: B

문제16

Which platform does a Windows-based device download the Network Assistant Manager from?

A. native OS

B. Cisco ISE

C. Cisco Catalyst Switch

D. Microsoft app store

정답: B

문제17

An engineer is configuring 802.1X and is testing out their policy sets. After authentication, some endpoints are given an access-reject message but are still allowed onto the network. What is causing this issue to occur?

A. The authorization results for the endpoints include the Trusted security group tag.

B. The switch port is configured with authentication open.

C. The switch port is configured with authentication event server dead action authorize vlan.

D. The authorization results for the endpoints include a dACL allowing access.

정답: B

문제18

A network security administrator wants to integrate Cisco ISE with Active Directory. Which configuration action must the security administrator take to accomplish the task?

A. Search Active Directory to see if admin user account exists.

B. Join Cisco ISE to the Active Directory domain.

C. Remove Cisco ISE user account from the domain.

D. Remove the ISE machine account from the domain.

정답: B

문제19

What is a difference between TACACS+ and RADIUS in regards to encryption?

A. TACACS+ encrypts the entire packet, whereas RADIUS encrypts only the password.

B. TACACS+ encrypts the password, whereas RADIUS sends the entire packet in clear text.

C. TACACS+ encrypts only the password, whereas RADIUS encrypts the username and password.

D. TACACS+ encrypts the username and password, whereas RADIUS encrypts only the password.

정답: A

최신 300-715 무료덤프 - Cisco Implementing and Configuring Cisco Identity Services Engine

우리와 연락하기

유용한 링크

최신 업데이트