Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 41
What must be configured in Cisco ISE to enforce reauthentication of an endpoint session when an endpoint is deleted from an identity group?
Answer options
- A. SNMP probe
- B. CoA
- C. external identity source
- D. posture assessment
Correct answer: B
Explanation
The correct answer is B, CoA (Change of Authorization), which allows Cisco ISE to enforce policies and prompt for reauthentication when an endpoint's identity group membership changes. The other options—SNMP probe, external identity source, and posture assessment—do not directly facilitate reauthentication based on changes to identity group membership.