Free Demo Questions

Test Online Free Cisco 300-715 Exam Questions and Answers

Practice a live sample before buying full access. This page keeps the free 300-715 question set organized by page so visitors and search engines can reach the canonical -questions.html URL directly.

Updated Sep 05, 2025 42 Questions 3 Pages

Get 300-715 Full Access

Question 31 Selectable Answer

An engineer is configuring posture assessment for their network access control and needs to use an agent that supports using service conditions as conditions for the assessment. The agent should be run as a background process to avoid user interruption but when it is run. the user can see it .
What is the problem?

A. The engineer is using the "Anyconnect” posture agent but should be using the "Stealth Anyconnect posture agent
B. The posture module was deployed using the headend instead of installing it with SCCM
C. The user was in need of remediation so the agent appeared m the notifications
D. The proper permissions were no! given to the temporal agent to conduct the assessment

Answer:

Question 32 Selectable Answer

An administrator is configuring cisco ISE lo authenticate users logging into network devices using TACACS+ The administrator is not seeing any oí the authentication in the TACACS+ live logs .
Which action ensures the users are able to log into the network devices?

A. Enable the device administration service in the Administration persona
B. Enable the session services in the administration persona
C. Enable the service sessions in the PSN persona.
D. Enable the device administration service in the PSN persona.

Answer:
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_ise_tacacs_device_admin.html

Question 33 Selectable Answer

Users in an organization report issues about having to remember multiple usernames and passwords. The network administrator wants the existing Cisco ISE deployment to utilize an external identity source to alleviate this issue .
Which two requirements must be met to implement this change? (Choose two.)

A. Enable IPC access over port 80.
B. Ensure that the NAT address is properly configured
C. Establish access to one Global Catalog server.
D. Provide domain administrator access to Active Directory.
E. Configure a secure LDAP connection.

Answer:

Question 34 Selectable Answer

Refer to the exhibit.

In which scenario does this switch configuration apply?

A. when allowing a hub with multiple clients connected
B. when passing IP phone authentication
C. when allowing multiple IP phones to be connected
D. when preventing users with hypervisor

Answer:
Explanation:
https://www.linkedin.com/pulse/mac-authentication-bypass-priyanka-kumari#:~:text=Multi%2Dauthentication%20host%20mode%3A%20You,allows%20multiple %20source%20MAC%20addresses.

Question 35 Selectable Answer

An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the default guest types .
How should this configuration change be made without disrupting the other guest services currently offering three or more guest devices per user?

A. Create an ISE identity group to add users to and limit the number of logins via the group configuration.
B. Create a new guest type and set the maximum number of devices sponsored guests can register
C. Create an LDAP login for each guest and tag that in the guest portal for authentication.
D. Create a new sponsor group and adjust the settings to limit the devices for each guest.

Answer:

Question 36 Selectable Answer

Refer to the exhibit.
Which two configurations are needed on a catalyst switch for it to be added as a network access device in a Cisco ISE that is being used for 802 1X authentications? (Choose two)

A. Option A
B. Option B
C. Option C
D. Option D
E. Option E

Answer:

Question 37 Written Answer

DRAG DROP
Drag the steps to configure a Cisco ISE node as a primary administration node from the left into the correct order on the night.

Answer:

Explanation:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ise_admin_guide_24/b_ise_admin_guide_24_new_chapter_011.html
Step 1
Choose Administration > System > Deployment.
The Register button will be disabled initially. To enable this button, you must configure a Primary PAN.
Step 2
Check the check box next to the current node, and click Edit.
Step 3
Click Make Primary to configure your Primary PAN.
Step 4
Enter data on the General Settings tab.
Step 5
Click Save to save the node configuration.

Question 38 Selectable Answer

An administrator is configuring sponsored guest access using Cisco ISE Access must be restricted to the sponsor portal to ensure that only necessary employees can issue sponsored accounts and employees must be classified to do so.
What must be done to accomplish this task?

A. Configure an identity-based access list in Cisco ISE to restrict the users allowed to login
B. Edit the sponsor portal to only accept members from the selected groups
C. Modify the sponsor groups assigned to reflect the desired user groups
D. Create an authorization rule using the Guest Flow condition to authorize the administrators

Answer:

Question 39 Selectable Answer

An engineer has been tasked with standing up a new guest portal for customers that are waiting in the lobby. There is a requirement to allow guests to use their social media logins to access the guest network to appeal to more customers.
What must be done to accomplish this task?

A. Create a sponsor portal to allow guests to create accounts using their social media logins.
B. Create a sponsored guest portal and enable social media in the external identity sources.
C. Create a self-registered guest portal and enable the feature for social media logins
D. Create a hotspot portal and enable social media login for network access

Answer:

Question 40 Selectable Answer

An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication .
Which access will be denied in this?

A. HTTP
B. DNS
C. EAP
D. DHCP

Answer:

Question 41 Selectable Answer

MacOS users are complaining about having to read through wordy instructions when remediating their workstations to gam access to the network.
Which alternate method should be used to tell users how to remediate?

A. URL link
B. message text
C. executable
D. file distribution

Answer:
Explanation:
https://www.sciencedirect.com/topics/computer-science/remediation-action

Question 42 Selectable Answer

If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?

A. Client Provisioning
B. Guest
C. BYOD
D. Blacklist

Answer:
Explanation:
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/Managing_Lost_or_Stolen_Device.html#90273
The Blacklist identity group is system generated and maintained by ISE to prevent access to lost or stolen devices.
In this design guide, two authorization profiles are used to enforce the permissions for wireless and wired devices within the Blacklist:
✑ Blackhole WiFi Access
✑ Blackhole Wired Access

Current Exam

300-715

Cisco
Implementing and Configuring Cisco Identity Services Engine (SISE)

View Full 300-715 Package