Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Cisco Exam 300-715 Topic 7 Question 80 Discussion

Actual exam question for Cisco's 300-715 exam
Question #: 80
Topic #: 7
[All 300-715 Questions]

A network security administrator needs a web authentication configuration when a guest user connects to the network with a wireless connection using these steps:

. An initial MAB request is sent to the Cisco ISE node.

. Cisco ISE responds with a URL redirection authorization profile if the user's MAC address is unknown in the endpoint identity store.

. The URL redirection presents the user with an AUP acceptance page when the user attempts to go to any URL.

Which authentication must the administrator configure on Cisco ISE?

Show Suggested Answer Hide Answer
Suggested Answer: D

Central Web Authentication (CWA) is a feature that allows the network access device (NAD) to redirect the web traffic of a guest user to a web portal hosted by Cisco ISE1. The NAD acts as a proxy between the guest user and the ISE node, and performs the authentication and authorization based on the RADIUS attributes returned by ISE1. To configure CWA on ISE, the administrator must create an authorization profile that contains the URL redirection attribute and assign it to the guest user1. The other options are not correct because they do not use CWA. Device registration WebAuth is a feature that allows users to register their devices on ISE before they can access the network2. WLC with local WebAuth is a feature that allows the wireless LAN controller (WLC) to host the web portal and authenticate the guest user locally3. Wired NAD with local WebAuth is a feature that allows the switch to host the web portal and authenticate the guest user locally


by Deonna at Jan 28, 2024, 09:49 PM

Limited Time Offer

25%

Off

Get Premium 300-715 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Luisa
19 days ago
Totally, the central WebAuth makes the most sense here. Although, I have to say, the wording of these questions can be a real head-scratcher sometimes. Just when you think you've got it figured out, they throw in a curveball!
upvoted 0 times
...
Yen
20 days ago
Yeah, that's a solid explanation. I was initially leaning towards B) WLC with local WebAuth, but the fact that the user is being redirected to an AUP page points more towards a central WebAuth setup on the Cisco ISE node.
upvoted 0 times
Glory
2 days ago
Yes, it seems like the most appropriate solution for the network security administrator.
upvoted 0 times
...
Santos
3 days ago
So, we're all in agreement then? D) NAD with central WebAuth is the way to go.
upvoted 0 times
...
Lajuana
4 days ago
Definitely, that way you can control the AUP acceptance process more effectively.
upvoted 0 times
...
Janey
5 days ago
It seems like a better option for managing guest user access to the network.
upvoted 0 times
...
Twana
6 days ago
Agreed, having a centralized location for authentication would ensure consistency.
upvoted 0 times
...
Ernie
7 days ago
I think you're right, D) NAD with central WebAuth makes more sense.
upvoted 0 times
...
...
Benton
21 days ago
I agree with that assessment. The key details here are the initial MAB request and the URL redirection, which suggest a centralized web authentication approach rather than a local WebAuth configuration on the WLC or NAD.
upvoted 0 times
...
Mozell
22 days ago
Hmm, this question seems to be testing our understanding of the different web authentication configurations in Cisco ISE. I think the answer is D) NAD with central WebAuth, as the scenario describes the user being redirected to a URL where they can accept an AUP, which is a typical behavior of a central WebAuth setup.
upvoted 0 times
...

Save Cancel