Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 623

What are two ways a network administrator transparently identifies users using Active Directory on the Cisco WSA? (Choose two.)

Answer options

• A. Create an LDAP authentication realm and disable transparent user identification.
• B. Create NTLM or Kerberos authentication realm and enable transparent user identification.
• C. Deploy a separate Active Directory agent such as Cisco Context Directory Agent.
• D. The eDirectory client must be installed on each client workstation.
• E. Deploy a separate eDirectory server; the client IP address is recorded in this server.

Correct answer: B, C

Explanation

The correct methods involve creating an NTLM or Kerberos authentication realm and enabling transparent user identification, which allows for seamless user identification without requiring manual login. Deploying a separate Active Directory agent, such as the Cisco Context Directory Agent, also aids in user identification. The other options either disable necessary features or pertain to different systems that are not relevant to the Cisco WSA's Active Directory integration.