Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 281

Using the SAML protocol, an administrator must configure the Cisco ISE Sponsor portal to authenticate users with an external Microsoft Active Directory Federation Services server. The configurations were performed:

• created a new SAML identity provider profile in Cisco ISE
• exported the service provider information
• configured all the required Active Directory Federation Services configurations
• imported the Active Directory Federation Services metadata
• configured groups in the new SAML identity provider profile
• added attributes to the new SAML identity provider profile
• configured Advanced Settings in the new SAML identity provider profile

Which two actors must be taken to complete the configuration? (Choose two.)

Answer options

• A. Configure the Sponsor portal HTTPS port for Active Directory Federation Services integration
• B. Configure an identity source sequence in the Sponsor portal
• C. Allow Kerberos single sign-on on the Sponsor portal
• D. Customize the Sponsor portal pages for integration with Active Directory Federation Services
• E. Add SAML identity provider groups in Sponsor Group Members

Correct answer: B, E

Explanation

The correct answers are B and E. Configuring an identity source sequence is necessary to dictate how the portal will authenticate users, while adding SAML identity provider groups ensures that the appropriate groups are included for access control. Options A, C, and D are not required to complete the SAML configuration in this context.