300-420 Question #278: Real Exam Question with Answer & Explanation

Question

What are three ways in which Cisco ISE learns information about devices? (Choose three.)

Options

• Anetwork servers the device has accessed
• Btraffic generated by the device
• CRADIUS attributes
• DRPC mechanism via HTTPS
• ESMTP agents
• Fuser authentication to the ISE

Explanation

Cisco ISE gathers information about connected devices by passively analyzing network traffic, processing various RADIUS attributes received during authentication, and directly from user authentication events to the ISE platform itself.

Common mistakes.

• A. While ISE might infer some context from connections to network servers, it is not a primary or direct mechanism for ISE to learn specific device attributes in the same way as passive traffic analysis or RADIUS.
• D. RPC mechanism via HTTPS is not a standard, primary method for Cisco ISE to profile endpoints; common profiling methods rely on protocols like DHCP, HTTP, DNS, and NetFlow.
• E. SMTP agents are related to email services and are not a native or primary mechanism used by Cisco ISE to discover or profile network endpoints.

Concept tested. Cisco ISE endpoint profiling methods

Reference. https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/admin_guide/b_ise_admin_guide_31/b_ise_admin_guide_31_chapter_01000.html

No community discussion yet for this question.