Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 49

An organization wants to standardize the 802.1X configuration on their switches and remove static ACLs on the switch ports while allowing Cisco ISE to communicate to the switch what access to provide.
What must be configured to accomplish this task?

Answer options

• A. dynamic access list within the authorization profile
• B. extended access-list on the switch for the client
• C. security group tag within the authorization policy
• D. port security on the switch based on the client's information

Correct answer: A

Explanation

The correct answer is A because a dynamic access list within the authorization profile allows for flexible, real-time access control based on the authentication results from Cisco ISE. Options B, C, and D do not fulfill the requirement of dynamically configuring access based on ISE communications; static ACLs and port security do not adapt to the dynamic needs of the network.