Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Cisco Exam 300-715 Topic 2 Question 88 Discussion

Actual exam question for Cisco's 300-715 exam
Question #: 88
Topic #: 2
[All 300-715 Questions]

A network security administrator needs a web authentication configuration when a guest user connects to the network with a wireless connection using these steps:

. An initial MAB request is sent to the Cisco ISE node.

. Cisco ISE responds with a URL redirection authorization profile if the user's MAC address is unknown in the endpoint identity store.

. The URL redirection presents the user with an AUP acceptance page when the user attempts to go to any URL.

Which authentication must the administrator configure on Cisco ISE?

Show Suggested Answer Hide Answer
Suggested Answer: D

Central Web Authentication (CWA) is a feature that allows the network access device (NAD) to redirect the web traffic of a guest user to a web portal hosted by Cisco ISE1. The NAD acts as a proxy between the guest user and the ISE node, and performs the authentication and authorization based on the RADIUS attributes returned by ISE1. To configure CWA on ISE, the administrator must create an authorization profile that contains the URL redirection attribute and assign it to the guest user1. The other options are not correct because they do not use CWA. Device registration WebAuth is a feature that allows users to register their devices on ISE before they can access the network2. WLC with local WebAuth is a feature that allows the wireless LAN controller (WLC) to host the web portal and authenticate the guest user locally3. Wired NAD with local WebAuth is a feature that allows the switch to host the web portal and authenticate the guest user locally


Contribute your Thoughts:

Norah
6 months ago
Option D, all the way. Central WebAuth is the way to go, unless you want to be the one troubleshooting a bunch of local WebAuth setups. No thanks, I'll leave that to the experts!
upvoted 0 times
...
Kaycee
6 months ago
D. NAD with central WebAuth is the obvious choice. Gotta love that Cisco ISE, always saving the day! Except when it's down, then we're all just sitting around scratching our heads.
upvoted 0 times
Lemuel
5 months ago
A: Let's hope it never goes down then. We need it to keep our network secure.
upvoted 0 times
...
Clay
5 months ago
B: I agree, Cisco ISE is a lifesaver. But yeah, when it's down, it's a nightmare.
upvoted 0 times
...
Nikita
6 months ago
A: NAD with central WebAuth is definitely the way to go. Cisco ISE makes it so much easier.
upvoted 0 times
...
...
Phung
6 months ago
Haha, option A. device registration WebAuth, really? What is this, 1990? Let's get with the times, people!
upvoted 0 times
Larae
5 months ago
I agree with Larae. Let's not dismiss it right away.
upvoted 0 times
...
Tegan
6 months ago
Tegan, calm down. Maybe there's a reason why it's still being used.
upvoted 0 times
...
Van
6 months ago
Haha, option A. device registration WebAuth, really? What is this, 1990?
upvoted 0 times
...
...
Noah
6 months ago
I think B. WLC with local WebAuth is the way to go. Who needs that fancy-shmancy Cisco ISE node when you can just handle it all locally, am I right?
upvoted 0 times
...
Alaine
6 months ago
Option D. NAD with central WebAuth is the correct authentication configuration. This allows the network access device to redirect the user to the Cisco ISE node for web authentication.
upvoted 0 times
Dong
5 months ago
That makes sense, thanks for clarifying!
upvoted 0 times
...
Dong
5 months ago
Option D. NAD with central WebAuth is the correct authentication configuration.
upvoted 0 times
...
Jerilyn
6 months ago
Good to know. Thanks for the clarification.
upvoted 0 times
...
Kanisha
6 months ago
Yes, NAD with central WebAuth allows for the necessary redirection to Cisco ISE.
upvoted 0 times
...
Maurine
6 months ago
I think option D is the correct one.
upvoted 0 times
...
Nakita
6 months ago
Yes, that's correct. It allows the user to be redirected to Cisco ISE for web authentication.
upvoted 0 times
...
Shawnda
6 months ago
I think the administrator should configure NAD with central WebAuth.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77