Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 278

An engineer must onboard secure Windows 11 laptops of directors on the BYOD portal by using Cisco ISE. Corporate security policies require the Cisco ISE internal CA to use an ECC certificate rather than the standard RSA certificate. What must be configured in Cisco ISE?

Answer options

• A. key type of ECC on the Cisco ISE EAP authentication certificate template
• B. key type of ECC in the Cisco ISE system certificates
• C. Windows 11 laptop with an ECC certificate as the minimal requirement
• D. key type of ECC in the Cisco ISE internal CA settings

Correct answer: A

Explanation

The correct answer is A because the EAP authentication certificate template specifically needs to be set to use ECC to comply with the corporate security policy. Options B and D refer to system certificates and internal CA settings, which do not directly address the requirement for the EAP authentication template. Option C is irrelevant as it discusses a requirement for the laptops rather than the configuration of Cisco ISE.