nerdexam
Exams300-715Questions#410
CiscoCisco

300-715 · Question #410

300-715 Question #410: Real Exam Question with Answer & Explanation

The correct answer is D: Configure the SAML identity provider in authentication method for the secondary guest portal.. After importing IdP metadata into ISE, the SAML identity provider must be explicitly set as the authentication method on each guest portal that will use it.

Web Auth and Guest Services

Question

An administrator must change the authentication method from local accounts to SAMIL for wireless guest users in a Cisco ISE deployment. Using the SAML protocol, the guest portal must be configured to authenticate employees with an external identity provider server. These configurations were performed: - created a secondary self-registered guest portal for SAML integration - created a primary guest portal for wireless guest users - configured all the required settings on the SAML identity provider server - imported IdP metadata to the Cisco ISE SAML identity provider profile Which two actions must be taken? (Choose two.)

Options

  • ACreate employee accounts in the Sponsor portal.
  • BCreate a SAML identity provider in ISE.
  • CConfigure the Sponsor portal
  • DConfigure the SAML identity provider in authentication method for the secondary guest portal.
  • EConfigure the SAML identity provider in authentication method for the primary guest portal.

Explanation

After importing IdP metadata into ISE, the SAML identity provider must be explicitly set as the authentication method on each guest portal that will use it.

Common mistakes.

  • A. Creating employee accounts in the Sponsor portal is unnecessary because SAML offloads authentication entirely to the external identity provider, eliminating the need for locally managed guest accounts.
  • B. Creating a SAML identity provider in ISE is already completed - importing the IdP metadata into the ISE SAML identity provider profile constitutes creating and configuring that provider.
  • C. Configuring the Sponsor portal is not required for SAML authentication; the Sponsor portal handles guest account sponsorship and lifecycle management, not authentication method assignment.

Concept tested. Cisco ISE SAML identity provider guest portal authentication binding

Reference. https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/admin_guide/b_ise_admin_3_3/b_ISE_admin_33_guestaccess.html

Topics

#SAML#Cisco ISE#Guest Portal#Identity Provider

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-715 PracticeBrowse All 300-715 Questions