350-701 Question #34: Real Exam Question with Answer & Explanation

The correct answer is C: CoA Reauth. To apply new policy without disruption, a CoA Reauth message forces an endpoint to re-authenticate its session with ISE.

Submitted by renata2k· Mar 30, 2026Secure Network Access, Visibility, and Enforcement

Question

An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the endpoint to apply a new or updated policy from ISE. Which CoA type achieves this goal?

Options

APort Bounce
BCoA Terminate
CCoA Reauth
DCoA Session Query

Explanation

To apply new policy without disruption, a CoA Reauth message forces an endpoint to re-authenticate its session with ISE.

Common mistakes.

A. Port Bounce physically brings the port down and then back up, which disrupts the endpoint's connectivity, contrary to the requirement.
B. CoA Terminate immediately ends the authenticated session, which is a disruptive action.
D. CoA Session Query is used to retrieve information about an existing session, not to force a re-authentication or policy update.

Concept tested. Cisco ISE Change of Authorization (CoA) types

Reference. https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_01000.html#concept_06C47D1C90414B609E83BF305081E57A

Topics

#Cisco ISE#Change of Authorization (CoA)#CoA Reauth#Network Access Control

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice Browse All 350-701 Questions