Which option would allow you to enforce this policy using only ISE and Active Directory?

Posted by: Pdfprep Category: 400-251 Tags: , ,

All your employees are required to authenticate their devices to the network, be it company owned or employee owned assets, with ISE as the authentication server. The primary identity store used is Microsoft Active directory, with username and password authentication. To ensure the security of your enterprise our security policy dictates that only company owned assets should be able to get access to the enterprise network, while personal assets should have restricted access.

Which option would allow you to enforce this policy using only ISE and Active Directory?
A . Configure an authentication policy that uses the computer credentials in Active Directory to determine whether the device is company owned or personal
B . This would require deployment of a Mobile Device Management (MDM)solution, which can be used to register all devices against the MDM server, and use that to assign appropriate access levels.
Configure an authentication policy that checks against the MAC address database of company assets in ISE end points identity store to determine the level of access depending on the device.
C . Configure an Authorization policy that checks against the mac address database of company assets in ISE endpoint identity store to determine the level of access depending on the device
D . Configure an authorization policy that assigns the device the appropriate profile based on whether the device passes Machine Authentication or no

Answer: E



Leave a Reply

Your email address will not be published.