Implementing and Configuring Cisco Identity Services Engine (SISE) — Question 78

When configuring an authorization policy, an administrator cannot see specific Active Directory groups present in their domain to be used as a policy condition.
However, other groups that are in the same domain are seen.
What is causing this issue?

Answer options

• A. Cisco ISE's connection to the AD join point is failing.
• B. Cisco ISE only sees the built-in groups, not user created ones.
• C. The groups are not added to Cisco ISE under the AD join point.
• D. The groups are present but need to be manually typed as conditions.

Correct answer: C

Explanation

The correct answer is C because if the groups are not added to Cisco ISE under the AD join point, they will not be visible for policy conditions. Option A is incorrect as it suggests a connectivity issue, which is not indicated. Option B is false since Cisco ISE can recognize user-created groups if properly configured. Option D misrepresents the situation as the groups should appear automatically if they are added correctly.