Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Cisco Exam 300-715 Topic 5 Question 86 Discussion

Actual exam question for Cisco's 300-715 exam
Question #: 86
Topic #: 5
[All 300-715 Questions]

A network security administrator needs a web authentication configuration when a guest user connects to the network with a wireless connection using these steps:

. An initial MAB request is sent to the Cisco ISE node.

. Cisco ISE responds with a URL redirection authorization profile if the user's MAC address is unknown in the endpoint identity store.

. The URL redirection presents the user with an AUP acceptance page when the user attempts to go to any URL.

Which authentication must the administrator configure on Cisco ISE?

Show Suggested Answer Hide Answer
Suggested Answer: D

Central Web Authentication (CWA) is a feature that allows the network access device (NAD) to redirect the web traffic of a guest user to a web portal hosted by Cisco ISE1. The NAD acts as a proxy between the guest user and the ISE node, and performs the authentication and authorization based on the RADIUS attributes returned by ISE1. To configure CWA on ISE, the administrator must create an authorization profile that contains the URL redirection attribute and assign it to the guest user1. The other options are not correct because they do not use CWA. Device registration WebAuth is a feature that allows users to register their devices on ISE before they can access the network2. WLC with local WebAuth is a feature that allows the wireless LAN controller (WLC) to host the web portal and authenticate the guest user locally3. Wired NAD with local WebAuth is a feature that allows the switch to host the web portal and authenticate the guest user locally


Contribute your Thoughts:

Barabara
6 months ago
Hmm, I suppose that makes sense. I'll go with D) too.
upvoted 0 times
...
Lanie
7 months ago
I agree and The central WebAuth makes sense for redirection.
upvoted 0 times
...
Essie
7 months ago
Maybe, but D) seems to fit with the URL redirection and AUP acceptance.
upvoted 0 times
...
Barabara
7 months ago
I think it's A) device registration WebAuth. It mentions the MAC address.
upvoted 0 times
...
Rolland
7 months ago
Yeah, definitely! I'm leaning towards D) NAD with central WebAuth.
upvoted 0 times
...
Essie
7 months ago
The question seems a bit tricky, don't you think?
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77