An engineer is setting up a WLAN to work with a Cisco ISE as the AAA server. The company policy requires that all users be denied access to any resources until they pass the validation. Which component must be configured to achieve this stipulation?
Preauthentication ACL:
A preauthentication ACL (Access Control List) is used to restrict the resources that a client can access before they successfully authenticate. This ensures that users cannot access any network resources until they have passed the authentication process.
By configuring a preauthentication ACL, the engineer can enforce the company policy of denying access to all resources until the user is validated by the Cisco ISE (Identity Services Engine).
Why the Other Options Are Incorrect:
A. WPA2 passkey:
A WPA2 passkey is used for securing the wireless network with a pre-shared key (PSK). It does not control access to resources before or after authentication.
B. AAA override:
AAA override is used to dynamically assign VLANs or other attributes based on the user's role or identity after authentication. It does not restrict access before authentication.
C. CPU ACL:
A CPU ACL is used to control traffic destined for the CPU of the wireless LAN controller (WLC). It is not used to restrict user access to network resources before authentication.
I think only web auth supports preauth acls. So if its corp then i think AAA overide as 802.1x/eap only allows EAP/auth traffic prio to being authenticated.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Coffee313
Highly Voted 2 years, 5 months agoc9800
Highly Voted 2 years agorrahim
Most Recent 1 week agoAce_Pee
8 months agokthekillerc
2 years, 3 months agoCyrillka
2 years, 5 months ago