300-715 · Question #90
300-715 Question #90: Real Exam Question with Answer & Explanation
The correct answer is A: HTTP. {"question_number": 1, "question": "An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication. Which access will be denied in this?", "correct_answer": "A. HTTP", "explanation": "Cisco ISE's Low-I
Question
An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication. Which access will be denied in this?
Options
- AHTTP
- BDNS
- CEAP
- DDHCP
Explanation
{"question_number": 1, "question": "An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication. Which access will be denied in this?", "correct_answer": "A. HTTP", "explanation": "Cisco ISE's Low-Impact Mode is a phased deployment approach that applies a pre-authentication ACL (Access Control List) to switch ports, allowing limited traffic before a device is authenticated. The pre-auth ACL is specifically designed to permit only the traffic necessary to complete authentication and basic network functions. DHCP (D) is permitted so endpoints can obtain an IP address. DNS (B) is permitted so hostnames can be resolved. EAP (C) is permitted because it is the actual authentication protocol that needs to flow to allow the device to authenticate. HTTP (A) is denied in the pre-auth ACL because allowing general web access before authentication would defeat the purpose of access control. Once authenticated, the full ACL or security policy is applied and HTTP access can be granted based on policy.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.