ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-715 All Questions

View all questions & answers for the 300-715 exam
Go to Exam

Exam 300-715 topic 1 question 219 discussion

Actual exam question from Cisco's 300-715
Question #: 219
Topic #: 1
[All 300-715 Questions]

The IT manager wants to provide different levels of access to network devices when users authenticate using TACACS+. The company needs specific commands to be allowed based on the Active Directory group membership of the different roles within the IT department. The solution must minimize the number of objects created in Cisco ISE. What must be created to accomplish this task?

  • A. one shell profile and one command set
  • B. multiple shell profiles and one command set
  • C. one shell profile and multiple command sets
  • D. multiple shell profiles and multiple command sets
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by rhylos at May 27, 2023, 4:35 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
XBfoundX
Highly Voted 1 year, 2 months ago
The last words of the questions are asking for minimize the object as mush as possible, I will go for C because I will give to the IT Departement one shell profile with privilage set to 15, and then I will create different commands set that will specify the commands that the IT Group can do based on who they are
upvoted 10 times
NikoTomas
1 year ago
exactly!
upvoted 2 times
...
...
johntan1980
Highly Voted 1 year, 6 months ago
Selected Answer: C
It mentioned "The solution must minimize the number of objects created in Cisco ISE"
upvoted 5 times
...
KnightHeart
Most Recent 3 months, 2 weeks ago
Selected Answer: C
This question ask before?
upvoted 1 times
...
G0909
9 months, 2 weeks ago
Selected Answer: D
Key here is want to provide different level of access, thus multiple shell profile. If you have specific roles within your organization that require different levels of access, you can create additional shell profiles in Cisco ISE and assign them based on user attributes or group memberships.
upvoted 1 times
Korndal
6 months, 1 week ago
Nope!. you are missing ". The solution must minimize the number of objects created in Cisco ISE" So you can solve this with 1 shell profile giving level 15 access and then command sets to handle who can do what
upvoted 1 times
Rashford10
1 week ago
There is no way to achieve the required task without creating multiple shell profiles. C - minimizes the number of objects but does not complete the required task. D - addresses the task with the minimum number of objects required to satisfy the task. ie different levels of access + specific commands
upvoted 1 times
...
...
...
HercJ
1 year ago
Selected Answer: C
it is C, with one shell you can set various command sets.
upvoted 4 times
...
IETF1
1 year, 3 months ago
C: You can create 1 shell profile per device type with multiple command sets mapped to AD group. (requirement is to reduce objects D is incorrect in that case)
upvoted 5 times
...
CCNP21
1 year, 7 months ago
Selected Answer: D
Multiple shell profiles and multiple command sets.
upvoted 1 times
...
johndelorien
1 year, 8 months ago
Selected Answer: D
as refference: see Q#152 there it is mentioned that the access level has to be the same - but there the answer is "create multiple shell profiles and multiple command sets" seems they mixed the answers...
upvoted 5 times
...
rhylos
1 year, 9 months ago
Selected Answer: D
Since we need Different Commands based on Different AD Groups, we will need Multiple shell profiles and Multiple command sets
upvoted 2 times
IETF1
1 year, 3 months ago
shell profiles are device type based, you can use same shell profile with different command set with different AD group condition.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago