2024年最新の保証された成功できる300-715問題集でCiscoのPDF問題
格別な練習Implementing and Configuring Cisco Identity Services Engine問題集で最速合格させます
質問 # 87
In which scenario does Cisco ISE allocate an Advanced license?
- A. high availability Administrator nodes
- B. dynamic device profiling
- C. endpoint authorization using SGA enforcement
- D. guest services with dACL enforcement
正解:C
質問 # 88
An engineer is working with a distributed deployment of Cisco ISE and needs to configure various network probes to collect a set of attributes from the used to accomplish this task?
- A. policy service
- B. monitoring
- C. pxGrid
- D. primary policy administrator
正解:B
質問 # 89
A network administrator must use Cisco ISE to check whether endpoints have the correct version of antivirus installed Which action must be taken to allow this capability?
- A. Create a Cisco AnyConnect Network Visibility Module configuration profile to send the antivirus information of the endpoints to Cisco ISE.
- B. Configure a native supplicant profile to be used for checking the antivirus version
- C. Create a Cisco AnyConnect configuration within Cisco ISE for the Compliance Module and associated configuration files
- D. Configure Cisco ISE to push the HostScan package to the endpoints to check for the antivirus version.
正解:B
解説:
https://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_client_prov.html About Anyconnect Network Visibility Module
https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect45/administration/guide/b_AnyConnect_Administrator_Guide_4-5/nvm.html
質問 # 90
Which two actions occur when a Cisco ISE server device administrator logs in to a device? (Choose two)
- A. The device queries the internal identity store
- B. The device queries the external identity store
- C. The Cisco ISE server queries the internal identity store
- D. The Cisco ISE server queries the external identity store.
- E. The device queries the Cisco ISE authorization server
正解:A、D
質問 # 91
Drag and drop the description from the left onto the protocol on the right that is used to carry out system authentication, authentication, and accounting.
正解:
解説:
質問 # 92
Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two).
- A. DTCP80
- B. TCP 443
- C. TCP 8906
- D. TCP 8443
- E. TCP 8905
正解:A、E
質問 # 93
An engineer tests Cisco ISE posture services on the network and must configure the compliance module to automatically download and install on endpoints Which action accomplishes this task for VPN users?
- A. Push the compliance module from Cisco FTD prior to attempting posture.
- B. Use a compound posture condition to check for the compliance module and download if needed.
- C. Create a Cisco AnyConnect configuration and Client Provisioning policy within Cisco ISE.
- D. Configure the compliance module to be downloaded from within the posture policy.
正解:C
質問 # 94
A network engineer has been tasked with enabling a switch to support standard web authentication for Cisco ISE. This must include the ability to provision for URL redirection on authentication Which two commands must be entered to meet this requirement? (Choose two)
- A. Ip http secure-authentication
- B. Ip http authentication
- C. Ip http redirection
- D. Ip http server
- E. Ip http secure-server
正解:B、E
質問 # 95
An administrator for a small network is configuring Cisco ISE to provide dynamic network access to users. Management needs Cisco ISE to not automatically trigger a CoA whenever a profile change is detected. Instead, the administrator needs to verify the new profile and manually trigger a CoA.
What must be configuring in the profiler to accomplish this goal?
- A. Port Bounce
- B. Reauth
- C. No CoA
- D. Session Query
正解:C
解説:
https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-profiling-policies
質問 # 96
Which term refers to an endpoint agent that tries to join an 802.1X-enabled network?
- A. client
- B. EAP server
- C. authenticator
- D. supplicant
正解:D
解説:
Section: Endpoint Compliance
質問 # 97
An administrator is configuring a Cisco ISE posture agent in the client provisioning policy and needs to ensure that the posture policies that interact with clients are monitored, and end users are required to comply with network usage rules Which two resources must be added in Cisco ISE to accomplish this goal? (Choose two)
- A. Cisco ISE NAC
- B. PEAP
- C. AnyConnect
- D. Supplicant
- E. Posture Agent
正解:C、E
解説:
Explanation
https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/guide/b_An
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_configure_clien
質問 # 98
What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?
- A. Class attribute
- B. Cisco-av-pair
- C. Event
- D. State attribute
正解:B
質問 # 99
Which two fields are available when creating an endpoint on the context visibility page of Cisco IS? (Choose two )
- A. Identity Group Assignment
- B. Endpoint Family
- C. IP Address
- D. Policy Assignment
- E. Security Group Tag
正解:A、D
質問 # 100
What service can be enabled on the Cisco ISE node to identity the types of devices connecting to a network?
- A. MAB
- B. posture
- C. central web authentication
- D. profiling
正解:B
質問 # 101
A new employee just connected their workstation to a Cisco IP phone. The network administrator wants to ensure that the Cisco IP phone remains online when the user disconnects their Workstation from the corporate network Which CoA configuration meets this requirement?
- A. Disconnect
- B. Port Bounce
- C. Reauth
- D. NoCoA
正解:D
質問 # 102
An organization wants to enable web-based guest access for both employees and visitors The goal is to use a single portal for both user types Which two authentication methods should be used to meet this requirement? (Choose two )
- A. LOCAL
- B. MAC based
- C. LDAP
- D. 802 1X
- E. Certificate-based
正解:A、B
質問 # 103
Drag the steps to configure a Cisco ISE node as a primary administration node from the left into the correct order on the night.
正解:
解説:
質問 # 104
An administrator is trying to collect metadata information about the traffic going across the network to gam added visibility into the hosts. This Information will be used to create profiling policies for devices us mg Cisco ISE so that network access policies can be used What must be done to accomplish this task?
- A. Configure the RADIUS profiling probe within Cisco ISE
- B. Configure SNMP to be used with the Cisco ISE appliance
- C. Configure NetFlow to be sent to me Cisco ISE appliance.
- D. Configure the DHCP probe within Cisco ISE
正解:C
質問 # 105
An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants Which portal must the security engineer configure to accomplish this task?
- A. BYOD
- B. Client provisioning
- C. My devices
- D. MDM
正解:C
解説:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_01111.html
質問 # 106
An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured, in addition to Active Directory groups, to achieve this goat? (Choose two )
- A. Library Condition for External Identity. External Groups
- B. LDAP External Identity Sources
- C. Identity Source Sequences
- D. Active Directory External Identity Sources
正解:A、D
解説:
E Library Condition for Identity Group: User Identity Group
質問 # 107
......
300-715試験問題集と保証された成功率:https://jp.fast2test.com/300-715-premium-file.html
最高品質のCisco 300-715試験問題:https://drive.google.com/open?id=1x0Ce0kXOoBNVYasSALfw9a43GewLsqr7