300-715 · Question #146
300-715 Question #146: Real Exam Question with Answer & Explanation
The correct answer is A: The AD join point is no longer connected.. {"question_number": 3, "correct_answer": "A", "explanation": "Cisco ISE uses an Active Directory (AD) join point to query AD for group membership information used in authorization policies. After a power failure and reboot, the ISE node may lose its connection or binding to the A
Question
A network administrator is configuring authorization policies on Cisco ISE. There is a requirement to use AD group assignments to control access to network resources. After a recent power failure and Cisco ISE rebooting itself, the AD group assignments no longer work. What is the cause of this issue?
Options
- AThe AD join point is no longer connected.
- BThe AD DNS response is slow.
- CThe certificate checks are not being conducted.
- DThe network devices ports are shut down.
Explanation
{"question_number": 3, "correct_answer": "A", "explanation": "Cisco ISE uses an Active Directory (AD) join point to query AD for group membership information used in authorization policies. After a power failure and reboot, the ISE node may lose its connection or binding to the AD join point-this can happen if the machine account ticket expires or if the join is disrupted. When the join point is disconnected, ISE cannot resolve AD group assignments, causing authorization policies based on those groups to fail. The administrator would need to verify and re-establish the AD join from Administration > Identity Management > External Identity Sources > Active Directory.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.