Cisco (300-715-SISE) Exam Questions And Answers page 15
A network administrator changed a Cisco ISE deployment from pilot to production and noticed that the JVM memory utilization increased significantly. The administrator suspects this is due to replication between the nodes.
What must be configured to minimize performance degradation?
What must be configured to minimize performance degradation?
Review the profiling policies for any misconfiguration.
Ensure that Cisco ISE is updated with the latest profiler feed update.
Change the reauthentication interval.
Identity Services Engine (ISE) Architecture and Deployment
ISE Endpoint Compliance Services
What does the dot1x system-auth-control command do?
globally enables 802.1x
causes a network access switch not to track 802.1x sessions
enables 802.1x on a network access device interface
causes a network access switch to track 802.1x sessions
Identity Services Engine (ISE) Architecture and Deployment
ISE Authentication and Authorization Policies
Which ports are commonly used by network devices for CoA?
Multiple Choice
Which two ports do network devices typically use for CoA? (Choose two.)
19005
443
3799
8080
1700
Identity Services Engine (ISE) Architecture and Deployment
ISE Authentication and Authorization Policies
A network administrator must use Cisco ISE to check whether endpoints have the correct version of antivirus installed.
Which action must be taken to allow this capability?
Which action must be taken to allow this capability?
Create a Cisco AnyConnect Network Visibility Module configuration profile to send the antivirus information of the endpoints to Cisco ISE.
Configure Cisco ISE to push the HostScan package to the endpoints to check for the antivirus version.
Configure a native supplicant profile to be used for checking the antivirus version.
Create a Cisco AnyConnect configuration within Cisco ISE for the Compliance Module and associated configuration files.
Identity Services Engine (ISE) Architecture and Deployment
ISE Endpoint Compliance Services
What does a fully distributed Cisco ISE deployment include?
PAN and MnT on the same node while PSNs are on their own dedicated nodes.
All Cisco ISE personas are sharing the same node.
All Cisco ISE personas on their own dedicated nodes.
PAN and PSN on the same node while MnTs are on their own dedicated nodes.
Identity Services Engine (ISE) Architecture and Deployment
ISE Guest Services
Drag and drop the description from the left onto the protocol on the right that is used to carry out system authentication, authorization, and accounting.
Identity Services Engine (ISE) Architecture and Deployment
ISE Authentication and Authorization Policies
How is policy services node redundancy achieved in a deployment?
by creating a node group
by deploying both primary and secondary node
by enabling VIP
by utilizing RADIUS server list on the NAD
Identity Services Engine (ISE) Architecture and Deployment
ISE Endpoint Compliance Services
What scenario does this switch configuration apply to?
Single Choice
Refer to the exhibit.
In which scenario does this switch configuration apply?
when allowing a hub with multiple clients connected
when allowing multiple IP phones to be connected
when preventing users with hypervisor
when bypassing IP phone authentication
Identity Services Engine (ISE) Architecture and Deployment
ISE Guest Services
What gives Cisco ISE an option to scan endpoints for vulnerabilities?
authentication policy
authorization profile
authentication profile
authorization policy
Identity Services Engine (ISE) Architecture and Deployment
ISE Endpoint Compliance Services
Which two fields are available when creating an endpoint on the context visibility page of Cisco ISE? (Choose two.)
Security Group Tag
Endpoint Family
Policy Assignment
Identity Group Assignment
IP Address
Identity Services Engine (ISE) Architecture and Deployment
ISE Endpoint Compliance Services
Comments