Exam 300-715 topic 1 question 37 discussion

read the manuals CORRECT IS C If an internal user is configured with an external identity store for authentication, while logging in to the ISE Admin portal, the internal user must select the external identity store as the Identity Source. Authentication will fail if Internal Identity Source is selected. https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/admin_guide/b_ise_27_admin_guide/b_ISE_admin_27_overview.html

Answer should be C " authentication Fails "

The answer is C. The authentication fails.

This question has two answers in the real exam.

C is correct, auth would fail and the reason in live log would be user not found in applicable identity store

C is correct

Auth fails if no other ID store is in sequence. Answer must be C.

So this is about admin group.

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_011010.html#reference_FF8CD097D1B1441C9F9C2301E3C222E3 Note If an internal user is configured with an external identity store for authentication, while logging in to the ISE Admin portal, the internal user must select the external identity store as the Identity Source. Authentication will fail if Internal Identity Source is selected.

Provided answer D looks more logical. However everything should be based on configured priority, we can force ISE to use internal or external identiry stores or more logically to choose based on order to say which store use first. if we consider that part hasn't be changed and the same user or group is entered locally, then authentication will go via the external identity store etc. If admin just decided to enable an internal identity store without taking care to creating the same user with the same password, then is answer C.

D is correct answer here

Correct is "C"

Authentication fails as there is no password set in ISE for an external user

The answer is C If an internal user is configured with an external identity store for authentication, while logging in to the ISE Admin portal, the internal user must select the external identity store as the Identity Source. Authentication will fail if Internal Identity Source is selected. https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/admin_guide/b_ise_27_admin_guide/b_ISE_admin_27_overview.html

Correct answer is C.

Answer should be B. Internal Identity Sources Cisco ISE has an internal user database that you can use to store user information. Users in the internal user database are called internal users. Cisco ISE also has an internal endpoint database that stores information about all the devices and endpoints that connect to it. External Identity Sources Cisco ISE allows you to configure the external identity source that contains user information. Cisco ISE connects to an external identity source to obtain user information for authentication. External identity sources also include certificate information for the Cisco ISE server and certificate authentication profiles. Cisco ISE uses authentication protocols to communicate with external identity sources.

i think the authentication process fails.