Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 33

What should be considered when configuring certificates for BYOD?

Answer options

• A. The SAN field is populated with the end user name.
• B. The CN field is populated with the endpoint host name.
• C. An endpoint certificate is mandatory for the Cisco ISE BYOD.
• D. An Android endpoint uses EST, whereas other operating systems use SCEP for enrollment.

Correct answer: B

Explanation

Option B is correct because the Common Name (CN) field should contain the hostname of the endpoint for proper identification. Option A is incorrect as the Subject Alternative Name (SAN) field is typically used for alternative identifiers, not just the user's name. Option C is misleading since while endpoint certificates are important, not all configurations require one for Cisco ISE BYOD. Option D incorrectly states the enrollment methods for Android and other operating systems; EST is not exclusive to Android.