Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Cisco Exam 300-715 Topic 12 Question 92 Discussion

Actual exam question for Cisco's 300-715 exam
Question #: 92
Topic #: 12
[All 300-715 Questions]

An enterprise uses a separate PSN for each of its four remote sites. Recently, a user reported receiving an "EAP-TLS authentication failed" message when moving between remote sites. Which configuration must be applied on Cisco ISE?

Show Suggested Answer Hide Answer
Suggested Answer: B

When using separate PSNs for different sites, the network device must be added to all PSN nodes in the deployment, so that the device can communicate with the appropriate PSN based on the location of the user1. If the device is not added to all PSN nodes, the user may encounter an EAP-TLS authentication failure when moving between sites, as the device may not be able to reach the PSN that issued the certificate2. The other options are not relevant for this scenario, as they do not address the issue of PSN communication.


Contribute your Thoughts:

Kerry
4 months ago
Wait, is the 'EAP-TLS authentication failed' message a hint that the certificate is the issue? I'm going with C on this one.
upvoted 0 times
Gilbert
3 months ago
I agree, let's renew the expired certificate on one of the PSN nodes.
upvoted 0 times
...
Buck
3 months ago
I think the certificate might be the problem too. I'll go with option C.
upvoted 0 times
...
...
Kimbery
4 months ago
A is an interesting option, but using a third-party certificate on the network device might be overkill in this case.
upvoted 0 times
...
Clare
4 months ago
D doesn't make much sense to me. Configuring an authorization profile for the end users doesn't seem relevant to the problem at hand.
upvoted 0 times
Kristel
4 months ago
C) Renew the expired certificate on one of the PSN.
upvoted 0 times
...
Cordelia
4 months ago
B) Add the device to all PSN nodes in the deployment.
upvoted 0 times
...
Lilli
4 months ago
A) Use a third-party certificate on the network device.
upvoted 0 times
...
...
Danica
4 months ago
C seems like the easiest fix, but I'm not sure if that's the correct answer. Renewing the expired certificate on one of the PSN could be the way to go.
upvoted 0 times
Elenore
4 months ago
A) Use a third-party certificate on the network device.
upvoted 0 times
...
Shaquana
4 months ago
B) Add the device to all PSN nodes in the deployment.
upvoted 0 times
...
Lavina
4 months ago
C) Renew the expired certificate on one of the PSN.
upvoted 0 times
...
...
Wilda
5 months ago
I think D) Configure an authorization profile for the end users could also be a valid solution.
upvoted 0 times
...
Billi
5 months ago
But wouldn't renewing the expired certificate on one of the PSN nodes also solve the issue?
upvoted 0 times
...
Miriam
5 months ago
I disagree, I believe the correct answer is B) Add the device to all PSN nodes in the deployment.
upvoted 0 times
...
Galen
5 months ago
Hmm, I think the answer is B. Adding the device to all PSN nodes in the deployment seems like the most logical solution to me.
upvoted 0 times
Franklyn
4 months ago
D) Configure an authorization profile for the end users.
upvoted 0 times
...
Rory
4 months ago
C) Renew the expired certificate on one of the PSN.
upvoted 0 times
...
Tran
5 months ago
B) Add the device to all PSN nodes in the deployment.
upvoted 0 times
...
Fallon
5 months ago
A) Use a third-party certificate on the network device.
upvoted 0 times
...
...
Billi
5 months ago
I think the answer is A) Use a third-party certificate on the network device.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77