Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 44

A laptop was stolen and a network engineer added it to the block list endpoint identity group.
What must be done on a new Cisco ISE deployment to redirect the laptop and restrict access?

Answer options

• A. Select DROP under If Auth fail within the authentication policy.
• B. Ensure that access to port 8444 is allowed within the ACL.
• C. Ensure that access to port 8443 is allowed within the ACL.
• D. Select DenyAccess within the authentication policy.

Correct answer: B

Explanation

The correct answer is B because allowing access to port 8444 is necessary for the redirection process to work correctly in Cisco ISE. The other options either do not pertain to the necessary configuration for redirecting the laptop or do not support the intended block action effectively.