최신 300-715 무료덤프 - Cisco Implementing and Configuring Cisco Identity Services Engine
Which configuration is required in the Cisco ISE authentication policy to allow Central Web Authentication?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
An engineer is designing a new distributed deployment for Cisco ISE in the network and is considering failover options for the admin nodes. There is a need to ensure that an admin node is available for configuration of policies at all times. What is the requirement to enable this feature?
정답: A
Refer to the exhibit. An engineer is creating a new TACACS+ command set and cannot use any show commands after logging into the device with this command set authorization.
Which configuration is causing this issue?
Which configuration is causing this issue?
정답: B
Which CLI command must be configured on the switchport to immediately run the MAB process if a non-802 1X capable endpoint connects to the port?
정답: C
Which two probes must be enabled for the ARP cache to function in the Cisco ISE profile service so that a user can reliably bind the IP address and MAC addresses of endpoints? (Choose two.)
정답: A,D
설명: (DumpTOP 회원만 볼 수 있음)
A Cisco ISE administrator is setting up Central Web Authentication to be used for user endpoint authentication. The client cannot reach the guest portal to log in and gain access, but DNS is functioning properly and the guest portal is enabled. What else must be configured to gain access?
정답: A
An engineer must use Cisco ISE profiler services to provide network access to Cisco IP phones that cannot support 802.1X. Cisco ISE is configured to use the access switch device sensor information system-description and platform-type to profile Cisco IP phones and allow access.
Which two protocols must be configured on the switch to complete the configuration? (Choose two.)
Which two protocols must be configured on the switch to complete the configuration? (Choose two.)
정답: B,C
설명: (DumpTOP 회원만 볼 수 있음)
An administrator is configuring TACACS+ on a Cisco switch but cannot authenticate users with Cisco ISE.
The configuration contains the correct key of Cisc039712287. But the switch is not receiving a response from the Cisco ISE instance.
What must be done to validate the AAA configuration and identify the problem with the TACACS+ servers?
The configuration contains the correct key of Cisc039712287. But the switch is not receiving a response from the Cisco ISE instance.
What must be done to validate the AAA configuration and identify the problem with the TACACS+ servers?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
An administrator must configure Cisco ISE to authenticate a user accessing a Cisco Adaptive Security Appliance firewall using SSH. The solution must meet these requirements:
- The local Cisco ISE database must be used for user authentication
- ASA commands run by users must be validated
The configurations were performed:
- added the Cisco Adaptive Security Appliance firewall
- configured user accounts
- enabled Device Admin Service in Cisco ISE
- configured a TACACS profile
- configured an authorization policy
- configured the Cisco Adaptive Security Appliance firewall for
authentication and authorization
Which two actions must be taken in Cisco ISE? (Choose two.)
- The local Cisco ISE database must be used for user authentication
- ASA commands run by users must be validated
The configurations were performed:
- added the Cisco Adaptive Security Appliance firewall
- configured user accounts
- enabled Device Admin Service in Cisco ISE
- configured a TACACS profile
- configured an authorization policy
- configured the Cisco Adaptive Security Appliance firewall for
authentication and authorization
Which two actions must be taken in Cisco ISE? (Choose two.)
정답: A,E
An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the default guest types. How should this configuration change be made without disrupting the other guest services currently offering three or more guest devices per user?
정답: C
A network engineer received alerts from the monitoring platform that a switch port exists with multiple sessions. RADIUS CoA using Cisco ISE must be used to address the issue. Which RADIUS CoA configuration must be used?
정답: D
An administrator is configuring a Cisco WLC for web authentication.
Which two client profiling methods are enabled by default if the Apply Cisco ISE Default Settings check box has been selected? (Choose two.)
Which two client profiling methods are enabled by default if the Apply Cisco ISE Default Settings check box has been selected? (Choose two.)
정답: C,D
설명: (DumpTOP 회원만 볼 수 있음)
Which profiling probe collects the user-agent string?
정답: B
Drag and Drop Question
Drag the descriptions on the left onto the components of 802.1X on the right.
Drag the descriptions on the left onto the components of 802.1X on the right.
정답:
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_8021x/configuration/xe-3se/3850/sec- user-8021x-xe-3se-3850-book/config-ieee-802x-pba.html
The security engineer for a company has recently deployed Cisco ISE to perform centralized authentication of all network device logins using TACACSs+ against the local AD domain. Some of the other network engineers are having a hard time remembering to enter their AD account password instead of the local admin password that they have used for years. The security engineer wants to change the password prompt to "Use Local AD Password:" as a way of providing a hint to the network engineers when logging in. Under which page in Cisco ISE would this change be made?
정답: B