CCNA: Cisco Certified Network Associate — Question 504

A customer wants to provide wireless access to contractors using a guest portal on Cisco ISE. The portal is also used by employees. A solution is implemented, but contractors receive a certificate error when they attempt to access the portal. Employees can access the portal without any errors. Which change must be implemented to allow the contractors and employees to access the portal?

Answer options

• A. Install an Internal CA signed certificate on the Cisco ISE.
• B. Install a trusted third-party certificate on the Cisco ISE.
• C. Install an internal CA signed certificate on the contractor devices.
• D. Install a trusted third-party certificate on the contractor devices.

Correct answer: B

Explanation

The correct answer is B because installing a trusted third-party certificate on the Cisco ISE ensures that all clients, including contractors, can validate the server's identity and avoid certificate errors. Option A would only provide an internal CA certificate, which may not be recognized by all contractor devices. Options C and D involve changes on contractor devices, which do not address the root cause of the certificate error for all users accessing the portal.