Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 205

An administrator must enable scanning for specific endpoints when they attempt to access the network. The scanning must be triggered as a result of successful authentication. Which action accomplishes this task?

Answer options

• A. Modify the authorization policy to send init_endpoint_scan as a result to the authenticator.
• B. Create an authorization profile with scanning enabled and add it to the authorization policy that the endpoints will hit.
• C. Add an entry in the authentication conditions to allow only scanned endpoints access, then redirect everything else to the portal to initiate the scan.
• D. Configure the endpoint scanning probe to profile the endpoint correctly and assign it a risk score.

Correct answer: B

Explanation

The correct answer, B, is right because creating an authorization profile with scanning enabled and attaching it to the policy ensures that scanning occurs post-authentication. Option A does not directly enable scanning for endpoints; it merely modifies the policy. Option C restricts access to only scanned endpoints but does not trigger a scan upon authentication. Option D focuses on profiling and risk scoring, which is not the same as enabling scanning.