The security team identified a rogue endpoint with MAC address 00:47:44:40:54:1A attached to the network. Which action must security engineer take within Cisco ISE to effectively restrict network access for this endpoint?
A.
Create authentication policy to force reauthentication.
B.
Configure access control list on network switches to block traffic.
C.
Add MAC address to the endpoint quarantine list.
D.
Implement authentication policy to deny access.
But the most accurate and effective action within Cisco ISE would be:
Update the authorization policy to deny access for that MAC address or its identity group.
However, since that's not explicitly listed, and considering the intent of the question, the best available answer is:
✅ C. Add MAC address to the endpoint quarantine list
… provided that a corresponding authorization policy exists (or will be created) to restrict access based on that label.
The term “quarantine” in ISE is a little misleading. Quarantine is just an internal label that can be assigned to endpoints. What ISE does with an endpoint that has been labeled with “quarantine” varies depending on how a corresponding security policy is configured.
Therefore the answer would be D.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.300-715 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Nobal
4 hours, 11 minutes agoc67983d
1 day, 13 hours ago817042b
1 month, 4 weeks agoone_1996
9 months, 4 weeks agowowako
1 year, 2 months ago