Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 337

The security team identified a rogue endpoint with MAC address 00:47:44:40:54:1A attached to the network. Which action must security engineer take within Cisco ISE to effectively restrict network access for this endpoint?

Answer options

• A. Create authentication policy to force reauthentication.
• B. Configure access control list on network switches to block traffic.
• C. Add MAC address to the endpoint quarantine list.
• D. Implement authentication policy to deny access.

Correct answer: D

Explanation

The correct answer is D because implementing an authentication policy to deny access directly restricts the rogue endpoint from connecting to the network. Option A does not prevent access; it only forces reauthentication. Option B, while useful, does not specifically target the rogue endpoint. Option C adds the MAC address to a quarantine list but does not immediately deny access.