Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 300-715 Topic 2 Question 101 Discussion

Actual exam question for Cisco's 300-715 exam
Question #: 101
Topic #: 2
[All 300-715 Questions]

The security team identified a rogue endpoint with MAC address 00:46:91:02:28:4A attached to the network. Which action must security engineer take within Cisco ISE to effectively

restrict network access for this endpoint?

Show Suggested Answer Hide Answer
Suggested Answer: C

Cisco ISE provides a feature called Adaptive Network Control (ANC) that allows administrators to apply policies to endpoints based on their behavior or status1. One of the ANC policies is Quarantine, which restricts network access for an endpoint by assigning it to a limited-access VLAN or applying an access control list (ACL) on the switch port2. To use the Quarantine policy, the administrator must add the MAC address of the rogue endpoint to the endpoint quarantine list in ISE2. This will trigger a change of authorization (CoA) for the endpoint and apply the Quarantine policy. The other options are not effective for restricting network access for a rogue endpoint, as they do not use the ANC feature of ISE.


by Effie at Oct 21, 2024, 10:14 AM

Limited Time Offer

25%

Off

Get Premium 300-715 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Harley
17 days ago
Hmm, I'm sensing a theme here. Looks like the security team needs to get their ducks in a row and implement a more robust endpoint management strategy. Maybe they should consider investing in a crystal ball as well.
upvoted 0 times
Leonor
6 days ago
A) Configure access control list on network switches to block traffic.
upvoted 0 times
...
...
Elbert
26 days ago
C) Quarantining the endpoint is the way to go. It's like putting a naughty kid in timeout - they won't be causing any more trouble until they learn their lesson!
upvoted 0 times
Hayley
7 days ago
B) Create authentication policy to force reauthentication.
upvoted 0 times
...
James
11 days ago
C) Quarantining the endpoint is the way to go. It's like putting a naughty kid in timeout - they won't be causing any more trouble until they learn their lesson!
upvoted 0 times
...
Roosevelt
15 days ago
A) Configure access control list on network switches to block traffic.
upvoted 0 times
...
...
Barbra
1 months ago
B) Forcing reauthentication might give the user a chance to reconnect, but it doesn't necessarily solve the rogue endpoint problem. A more proactive approach is needed.
upvoted 0 times
...
Moon
1 months ago
D) Implementing an authentication policy to deny access is a more comprehensive solution that can prevent similar issues in the future. Quarantining the endpoint is a temporary fix.
upvoted 0 times
Lettie
1 days ago
D) Implement authentication policy to deny access.
upvoted 0 times
...
Sanda
16 days ago
B) Create authentication policy to force reauthentication.
upvoted 0 times
...
Fatima
25 days ago
A) Configure access control list on network switches to block traffic.
upvoted 0 times
...
Alba
26 days ago
D) Implement authentication policy to deny access.
upvoted 0 times
...
Noel
28 days ago
B) Create authentication policy to force reauthentication.
upvoted 0 times
...
Millie
29 days ago
A) Configure access control list on network switches to block traffic.
upvoted 0 times
...
...
Jennifer
2 months ago
I agree with Darell, adding the MAC address to the quarantine list would be the most effective action to restrict network access for the rogue endpoint.
upvoted 0 times
...
Kimbery
2 months ago
C) Adding the MAC address to the endpoint quarantine list seems like the most effective way to restrict network access for the rogue endpoint. It's a targeted approach that directly addresses the issue.
upvoted 0 times
Amira
25 days ago
B) Create authentication policy to force reauthentication.
upvoted 0 times
...
Emilio
1 months ago
C) Adding the MAC address to the endpoint quarantine list seems like the most effective way to restrict network access for the rogue endpoint. It's a targeted approach that directly addresses the issue.
upvoted 0 times
...
Launa
1 months ago
A) Configure access control list on network switches to block traffic.
upvoted 0 times
...
...
Darell
2 months ago
I think the security engineer should add the MAC address to the endpoint quarantine list.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77