300-715 Question #245: Real Exam Question with Answer & Explanation

The correct answer is D: RSA SecurID. RSA SecurID is an identity store that integrates with Cisco ISE to provide dynamic, single-use access credentials through its two-factor authentication tokens. Each token generates a unique passcode, making it suitable for one-time use.

Policy Enforcement

Question

Which type of identity store allows for creating single-use access credentials in Cisco ISE?

Options

AOpenLDAP
BLocal
CPKI
DRSA SecurID

Explanation

RSA SecurID is an identity store that integrates with Cisco ISE to provide dynamic, single-use access credentials through its two-factor authentication tokens. Each token generates a unique passcode, making it suitable for one-time use.

Common mistakes.

A. OpenLDAP is a directory service used for storing user accounts and attributes, but it does not inherently provide single-use or dynamic credentials.
B. A Local identity store in ISE is for static user accounts and passwords configured directly on the ISE appliance; it does not support single-use credentials in the context of dynamic tokens.
C. PKI (Public Key Infrastructure) uses digital certificates for authentication, which are typically long-lived and not single-use in the same way a dynamic token passcode is.

Concept tested. Cisco ISE external identity stores - RSA SecurID

Reference. https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ise_admin_guide_24/b_ise_admin_guide_24_chapter_0110.html#concept_819A2DFE8117498FB273FB726DF96366

Topics

#Identity Stores#RSA SecurID#Multi-Factor Authentication#One-Time Passwords

Community Discussion

No community discussion yet for this question.

Full 300-715 Practice Browse All 300-715 Questions