Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 190

An administrator is configuring MAB and needs to create profiling policies to support devices that do not match the built-in profiles. Which two steps must the administrator take in order to use these new profiles in authorization policies? (Choose two.)

Answer options

• A. Edit the authorization policy to give the profiles as a result of the authentication and authorization results
• B. Use the profiling policies as the matching conditions in each authorization policy
• C. Modify the endpoint identity group to feed the profiling policies into and match the parent group in the policy
• D. Configure the profiling policy to make a matching identity group and use the group in the authorization policy
• E. Feed the profiling policies into a logical profile and use the logical profile in the authorization policy

Correct answer: D, E

Explanation

The correct answers are D and E because setting up the profiling policy to establish a matching identity group and using that group in the authorization policy ensures proper alignment with devices that do not match built-in profiles. Additionally, feeding the profiling policies into a logical profile allows for better organization and application within the authorization policy. The other options do not directly address the requirement to create and utilize new profiles effectively.