ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-715 All Questions

View all questions & answers for the 300-715 exam
Go to Exam

Exam 300-715 topic 1 question 169 discussion

Actual exam question from Cisco's 300-715
Question #: 169
Topic #: 1
[All 300-715 Questions]


Refer to the exhibit. An administrator is manually adding a device to a Cisco ISE identity group to ensure that it is able to access the network when needed without authentication. Upon testing, the administrator notices that the device never hits the correct authorization policy line using the condition EndPoints-LogicalProfile
EQUALS static_list. Why is this occurring?

  • A. The dynamic logical profile is overriding the statically assigned profile.
  • B. The logical profile is being statically assigned instead of the identity group.
  • C. The identity group is being assigned instead of the logical profile.
  • D. The device is changing identity groups after profiling instead of remaining static.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by iceise at Nov. 5, 2022, 10:51 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
iceise
Highly Voted 2 years, 4 months ago
Selected Answer: B
In Question condition EndPoints-LogicalProfile EQUALS static_list Should be Internal Endpoint Identity Group: EQUALS static_list,
upvoted 7 times
Cnoteone
2 years ago
In the scenario screenshot the 'Static Assignment' is NOT checked off.
upvoted 4 times
...
...
Cachaman
Most Recent 4 days, 1 hour ago
Selected Answer: C
Correct C Static Assignment = Logical Profiles Static "GROUP" Assignment = Identity Groups
upvoted 1 times
...
ce1997d
3 weeks, 4 days ago
Selected Answer: C
Policy Assignment is a logical profile used by profiling. Identity Groups add the device to the local directory.
upvoted 1 times
...
53f2a10
4 months ago
Selected Answer: C
C) is correct in my opinion. The setting shown sets the Identity Group and not the Logical Profile.
upvoted 2 times
...
NullNull88
1 year ago
Static Assignment should be checked and the Policy should be selected. The only answer that half makes any sense based on the screenshot is C
upvoted 2 times
...
NikoTomas
1 year ago
CORRECT is C) "The identity group is being assigned instead of the logical profile". 1. reason (pure logical): Both B) and C) answers are formulated as "group is being ASSIGNED", which of course means assigned to ENDPOINT, not to Authorization Policy (how could it be?). And screenshot in the question shows, that identity group really "is being assigned instead of the logical profile", which is answer C). 2. reason (eBook SISE): “Even though ENDPOINT IDENTITY GROUPS were useful in very early versions of ISE, their use for profiling has been deprecated in favor of using actual endpoint profiles or logical profiles directly in the authorization policy. ... Today, ENDPOINT IDENTITY GROUPS are used for a different purpose. They are used for a MAC Address Management (MAM) model, where you can create a STATIC LIST of MAC addresses to be authorized specifically (for example, a list of all Apple iPads that are owned by the company so they can be differentiated from personally owned iPads).”
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago