Big 11.11 Sale 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

Free Cisco 300-715 Practice Exam with Questions & Answers | Set: 3

Questions 21

What does a fully distributed Cisco ISE deployment include?

Options:
A.

PAN and PSN on the same node while MnTs are on their own dedicated nodes.

B.

PAN and MnT on the same node while PSNs are on their own dedicated nodes.

C.

All Cisco ISE personas on their own dedicated nodes.

D.

All Cisco ISE personas are sharing the same node.

Cisco 300-715 Premium Access
Questions 22

Refer to the exhibit.

300-715 Question 22

An organization recently implemented network device administration using Cisco ISE. Upon testing the ability to access all of the required devices, a user in the Cisco ISE group IT Admins is attempting to login to a device in their organization's finance department but is unable to. What is the problem?

Options:
A.

The IT training rule is taking precedence over the IT Admins rule.

B.

The authorization conditions wrongly allow IT Admins group no access to finance devices.

C.

The finance location is not a condition in the policy set.

D.

The authorization policy doesn't correctly grant them access to the finance devices.

Questions 23

What are two differences of TACACS+ compared to RADIUS? (Choose two.)

Options:
A.

TACACS+ uses a connectionless transport protocol, whereas RADIUS uses a connection-oriented transport protocol.

B.

TACACS+ encrypts the full packet payload, whereas RADIUS only encrypts the password.

C.

TACACS+ only encrypts the password, whereas RADIUS encrypts the full packet payload.

D.

TACACS+ uses a connection-oriented transport protocol, whereas RADIUS uses a connectionless transport protocol.

E.

TACACS+ supports multiple sessions per user, whereas RADIUS supports one session per user.

Questions 24

An administrator has added a new Cisco ISE PSN to their distributed deployment. Which two features must the administrator enable to accept authentication requests and profile the endpoints correctly, and add them to their respective endpoint identity groups? (Choose two )

Options:
A.

Session Services

B.

Endpoint Attribute Filter

C.

Posture Services

D.

Profiling Services

E.

Radius Service

Questions 25

An engineer must configure guest access on Cisco ISE for company visitors. Which step must be taken on the Cisco ISE PSNs before a guest portal is configured?

Options:
A.

Enable profiling services.

B.

Install SSL certificates.

C.

Create a node group.

D.

Enable session services.

Questions 26

Which are two characteristics of TACACS+? (Choose two)

Options:
A.

It uses TCP port 49.

B.

It combines authorization and authentication functions.

C.

It separates authorization and authentication functions.

D.

It encrypts the password only.

E.

It uses UDP port 49.

Questions 27

What is the maximum number of PSN nodes supported in a medium-sized deployment?

Options:
A.

three

B.

five

C.

two

D.

eight

Questions 28

An engineer is unable to use SSH to connect to a switch after adding the required CLI commands to the device to enable TACACS+. The device administration license has been added to Cisco ISE, and the required policies have been created. Which action is needed to enable access to the switch?

Options:
A.

The ip ssh source-interface command needs to be set on the switch

B.

802.1X authentication needs to be configured on the switch.

C.

The RSA keypair used for SSH must be regenerated after enabling TACACS+.

D.

The switch needs to be added as a network device in Cisco ISE and set to use TACACS+.

Questions 29

What are the minimum requirements for deploying the Automatic Failover feature on Administration nodes in a distributed Cisco ISE deployment?

Options:
A.

a primary and secondary PAN and a health check node for the Secondary PAN

B.

a primary and secondary PAN and no health check nodes

C.

a primary and secondary PAN and a pair of health check nodes

D.

a primary and secondary PAN and a health check node for the Primary PAN

Questions 30

A customer wants to set up the Sponsor portal and delegate the authentication flow to a third party for added security while using Kerberos Which database should be used to accomplish this goal?

Options:
A.

RSA Token Server

B.

Active Directory

C.

Local Database

D.

LDAP

Exam Code: 300-715
Certification Provider: Cisco
Exam Name: Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)
Last Update: Nov 17, 2025
Questions: 299

Cisco Related Exams

How to pass Cisco 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF) Exam
How to pass Cisco 300-720 - Securing Email with Cisco Email Security Appliance (300-720 SESA) Exam
How to pass Cisco 300-725 - Securing the Web with Cisco Web Security Appliance (300-725 SWSA) Exam
How to pass Cisco 300-730 - Implementing Secure Solutions with Virtual Private Networks (SVPN) Exam
How to pass Cisco 300-735 - Automating and Programming Cisco Security Solutions (300-735 SAUTO) Exam
How to pass Cisco 350-701 - Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) Exam
How to pass Cisco 300-740 - Designing and Implementing Secure Cloud Access for Users and Endpoints (SCAZT) Exam
500-220 - Engineering Cisco Meraki Solutions (ECMS) v2.2
CCST-Networking - Cisco Certified Support Technician (CCST) Networking Exam
350-601 - Implementing Cisco Data Center Core Technologies (350-601 DCCOR)
500-651 - Security Architecture for Systems Engineer (SASE)
300-810 - Implementing Cisco Collaboration Applications (CLICA)
700-803 - IoT Connected Safety and Security Account Manager
300-630 - Implementing Cisco Application Centric Infrastructure - Advanced (DCACIA)
500-560 - Cisco Networking: On-Premise and Cloud Solutions
Cisco Free Access
Get Cisco Full Access

Cisco Free Exams
Cisco Free Exams
Examstrack offers free Cisco exam materials and practice tests to aid your Cisco certification journey.