Exam 300-715 topic 1 question 65 discussion

The question states that both devices are configured, so we can assume that A is correct as the device might have not be profiled yet. E seems more correct answer from the list.

Correct A abd E. This is a well known IBNSv1.0 behavior, the switch will not share device-sensor/profiling info with ISE, if it does not get a RADIUS-ACCEPT from ISE. Work around: Change the default authorization policy to permit access + dACL, the acl could be deny any any, or allow dhcp + deny any any.

agree with XBfoundX

A & C A) Closed Mode is restricting communication – NAD’s Device Sensor and ISE Probes can’t obtain any profiling data from endpoint prior to authentication. C) SNMP Probe - ISE uses SMTP Probe to retrieve CPD obtained data from NAD's Device Sensor. The 802.1X closed port accepts only EAP, CDP and STP packets. So CDP is the way how NAD can get profiling information about connected host prior to its authentication and SNMP is the way how ISE retrieves it .

For me the answer are A and B. E does not have much sense, the probe are configured so that the PSNs can get infos based on the protocol that you activate, in this case is saying that the switch is collecting the attribute but the probes are not sending them?.... That not make much sense cause we have to answers we need to understand that for sure closed mode is restricting the collection of the attributes prior to authentication, and cause there is closed mode activated the http probe is not functioning well cause the NAD device can't send the http user agent field to ISE for profiling the endpoint. This is my idea, let me know if for u it's fine

The correct answers: Closed mode is restricting the collection of the attributes prior to authentication. When closed mode is enabled, Cisco ISE will only collect attributes from endpoints that have successfully authenticated. This can prevent Cisco ISE from collecting attributes from endpoints that are not yet authenticated, such as during the initial 802.1X handshake. The SNMP probe is not enabled. The SNMP probe is used by Cisco ISE to collect attributes from endpoints. If the SNMP probe is not enabled, Cisco ISE will not be able to collect any attributes from endpoints. The other options are incorrect

A & B seem to be most likely;

I think it is A and E.

The question states that both the switch and ISE are configured for profiling, which implies that probes are enabled and the switch is configured properly. This, in theory, rules out C and D. E just looks wrong to me as the probes collect rather than send. If closed mode is enabled, both A and B could then be true and would not be a result of profiling not being configured properly.