New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CCNP Security 300-715 Dumps PDF

Page: 6 / 8
Question 24

Which interface-level command is needed to turn on 802 1X authentication?

Options:

A.

Dofl1x pae authenticator

B.

dot1x system-auth-control

C.

authentication host-mode single-host

D.

aaa server radius dynamic-author

Question 25

An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic. Which type of access list should be used for this configuration?

Options:

A.

reflexive ACL

B.

extended ACL

C.

standard ACL

D.

numbered ACL

Question 26

What is an advantage of using EAP-TLS over EAP-MS-CHAPv2 for client authentication?

Options:

A.

EAP-TLS uses a username and password for authentication to enhance security, while EAP-MS-CHAPv2 does not.

B.

EAP-TLS secures the exchange of credentials, while EAP-MS-CHAPv2 does not.

C.

EAP-TLS uses a device certificate for authentication to enhance security, while EAP-MS-CHAPv2 does not.

D.

EAP-TLS uses multiple forms of authentication, while EAP-MS-CHAPv2 only uses one.

Question 27

What are two benefits of TACACS+ versus RADIUS for device administration? (Choose two )

Options:

A.

TACACS+ supports 802.1X, and RADIUS supports MAB

B.

TACACS+ uses UDP, and RADIUS uses TCP

C.

TACACS+ has command authorization, and RADIUS does not.

D.

TACACS+ provides the service type, and RADIUS does not

E.

TACACS+ encrypts the whole payload, and RADIUS encrypts only the password.

Page: 6 / 8
Exam Code: 300-715
Exam Name: Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)
Last Update: Dec 23, 2024
Questions: 243
300-715 pdf

300-715 PDF

$28.5  $94.99
300-715 Engine

300-715 Testing Engine

$33  $109.99
300-715 PDF + Engine

300-715 PDF + Testing Engine

$43.5  $144.99