nerdexam
Cisco

350-701 · Question #82

What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two.)

The correct answer is B. central web auth E. local web auth. To redirect users to a web portal for guest authentication with Cisco ISE, the two primary mechanisms are Central Web Authentication (CWA) and Local Web Authentication (LWA). These methods direct the client's web browser to an ISE portal for credential entry and policy enforcemen

Submitted by kevin_r· Mar 30, 2026Secure Network Access, Visibility, and Enforcement

Question

What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two.)

Exhibit

350-701 question #82 exhibit

Options

  • ATACACS+
  • Bcentral web auth
  • Csingle sign-on
  • Dmultiple factor auth
  • Elocal web auth

How the community answered

(22 responses)
  • B
    91% (20)
  • C
    5% (1)
  • D
    5% (1)

Why each option

To redirect users to a web portal for guest authentication with Cisco ISE, the two primary mechanisms are Central Web Authentication (CWA) and Local Web Authentication (LWA). These methods direct the client's web browser to an ISE portal for credential entry and policy enforcement.

ATACACS+

TACACS+ is used for device administration authentication and authorization, not for redirecting end-users to a web portal for guest services.

Bcentral web authCorrect

Central Web Authentication (CWA) is a common mechanism where the client is redirected by the network device (e.g., switch or WLC) to a web portal hosted on Cisco ISE itself for authentication, after which ISE provides the authorization decision.

Csingle sign-on

Single sign-on (SSO) is an authentication scheme, but it's not a *redirection mechanism* for initial web portal access.

Dmultiple factor auth

Multifactor authentication (MFA) is an authentication method, not a mechanism for redirecting users to a web portal.

Elocal web authCorrect

Local Web Authentication (LWA) is another method where the client is redirected by the network device to a web portal that is hosted on the network device (e.g., WLC or router) itself, which then proxies the authentication request to ISE or a local database.

Concept tested: Cisco ISE web authentication redirection

Source: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/ise_admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_21_chapter_010000.html

Topics

#Cisco ISE#guest services#central web auth#local web auth

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice