Cisco Implementing and Configuring Cisco Identity Services Engine - 300-715 Exam Practice Test

Which CLI command must be configured on the switchport to immediately run the MAB process if a non-802 1X capable endpoint connects to the port?

An administrator must deploy the Cisco Secure Client posture agent to employee endpoints that access a wireless network by using URL redirection in Cisco ISE. The compliance module must be downloaded from Cisco and uploaded to the Cisco ISE client provisioning resource. What must be used to upload the compliance module?

Which device acts as an authenticator during the 802.1X authentication process?

An engineer is deploying a new guest WLAN for a company. The company wants this WLAN to use a sponsored guest portal for secure guest access. The wireless LAN controller must direct the guests to a web page on Cisco ISE for authentication. Which type of authentication must be configured for the guest portal in Cisco ISE?

Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles? (Choose two.)

An engineer is using profiling to determine what access an endpoint must receive. After configuring both Cisco ISE and the network devices for 802.1X and profiling, the endpoints do not profile prior to authentication.
What are two reasons this is happening? (Choose two.)

An administrator must configure Cisco ISE to authenticate a user accessing a Cisco Adaptive Security Appliance firewall using SSH. The solution must meet these requirements:
- The local Cisco ISE database must be used for user authentication
- ASA commands run by users must be validated
The configurations were performed:
- added the Cisco Adaptive Security Appliance firewall
- configured user accounts
- enabled Device Admin Service in Cisco ISE
- configured a TACACS profile
- configured an authorization policy
- configured the Cisco Adaptive Security Appliance firewall for
authentication and authorization
Which two actions must be taken in Cisco ISE? (Choose two.)

A company is deploying new Cisco switches on a local network. The network engineer must configure TACACS+ between the switches and Cisco ISE. What configuration value is mandatory on the switch and Cisco ISE?

A network engineer responsible for the switching environment must provision a new switch to properly propagate security group tags within the TrustSec inline method. Which CLI command must the network engineer enter on the switch to globally enable the tagging of SGTs?

An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic. Which type of access list should be used for this configuration?

An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords.
Which two features must be configured to allow for this? (Choose two.)

What gives Cisco ISE an option to scan endpoints for vulnerabilities?

What are the three default behaviors of Cisco ISE with respect to authentication, when a user connects to a switch that is configured for 802.1X, MAB, and WebAuth? (Choose three)

Which three conditions can be used for posture checking? (Choose three.)

When configuring an authorization policy, an administrator cannot see specific Active Directory groups present in their domain to be used as a policy condition.
However, other groups that are in the same domain are seen. What is causing this issue?