Exam 300-715 topic 1 question 208 discussion

D If a user reinstates a stolen device, the status reverts to Not Registered. The user must delete that device, and add it back. This starts the onboarding process. https://www.cisco.com/c/en/us/td/docs/security/ise/3-0/admin_guide/b_ISE_admin_3_0/b_ISE_admin_30_byod.html

If a user reinstates a stolen device, the status reverts to not registered. The user must delete that device, and add that it back. https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/reorg/b_byod_2_4.html

I believe 'B' to be correct, this guide uses the "re-instate" option to move the device to a "not registered" state, therefore allowing the re-onboarding to occur for stolen devices that are returned. https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/my_devices/b_mydevices_31.html#reference_82B02EC563A54F14A41787169D24960B

The correct answer is D. Delete the device, and then re-add the device. When a device is marked as stolen in the My Devices Portal of Cisco ISE, it is automatically assigned to the Blocklist endpoint identity group. This group is used to prevent unauthorized devices from accessing the network. In order to resolve this issue and re-onboard the device, the user needs to delete the device from the My Devices Portal. This will remove it from the Blocklist endpoint identity group. Once deleted, the user can then re-add the device and go through the onboarding process again. Options A, B, and C are incorrect because they do not address the issue of being assigned to the Blocklist endpoint identity group. Manually removing the device from this group (option A) would require administrative access and may not be possible for a regular user. Changing the device state from stolen to not registered (option B) or changing the BYOD registration attribute of the device to none (option C) would not remove it from the Blocklist endpoint identity group.

B could be right but the option is using "change" instead of "reinstate" D is the closest option imo. The question uses "must" keyword and it matches the Cisco admin guide "The user must delete that device, and add it back"

Stolen device must be delete and re-add in order to connect to the network. https://community.cisco.com/t5/security-knowledge-base/cisco-ise-byod-prescriptive-deployment-guide/ta-p/3641867

If the device was onboarded by provisioning a profile (no certificate), Cisco ISE assigns the device to the Blacklist endpoint identity group. The device still has network access, unless you create an authorization policy for this situation. For example, IF Endpoint Identity Group is Blacklist AND BYOD_is_Registered THEN DenyAccess. If a user reinstates a stolen device, the status reverts to Not Registered. The user must delete that device, and add it back. This starts the onboarding process.

If a user reinstates a stolen device, the status reverts to Not Registered. The user must delete that device, and add it back. This starts the onboarding process.

checked on cisco official course, the provided answer in correct. beause no certificate is used, reinstate the device (changing it to "not registered") and then recoonnect to the netwotk is good to go.

I think A: " If the device is found, employees can reinstate it (in the My Devices portal) and regain network access without having to register the device again. Depending on whether the device was lost or stolen, additional provisioning may be required before the device can be connected to the network." https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/admin_guide/b_ise_admin_guide_20/m_ise_device_access.html

Very tricky question as if a user reinstates a stolen device, the status reverts to Not Registered. The user must delete that device, and add it back. This starts the onboarding process. So there is no reinstate in the options but since reinstate is the action it will lead to unregistered device. Once reinstating the device it must be deleted and readded. I am still in doubt between B and D