ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-715 All Questions

View all questions & answers for the 300-715 exam
Go to Exam

Exam 300-715 topic 1 question 232 discussion

Actual exam question from Cisco's 300-715
Question #: 232
Topic #: 1
[All 300-715 Questions]

A client connects to a network and the authenticator device learns the MAC address 04:49:23:86:34:AB of this client. After the MAC address is learned, the 802.1 x authentication process begins on this port. Which ISE deployment mode restricts all traffic initially, applies a rule for access control if 802.1x authentication is successful, and can be configured to grant only limited access if 802.1 x authentication is unsuccessful?

  • A. open mode
  • B. monitor mode
  • C. closed mode
  • D. low-impact mode
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by spidaman at Nov. 5, 2023, 4:18 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ce1997d
3 months, 2 weeks ago
Selected Answer: D
Monitor Mode has open access even before and after authentication. Low impact mode has open access before but is controlled by an ACL until the device authenticates to have a new ACL applied. Closed denies all non-eap traffic until authentication is successful.
upvoted 1 times
Cachaman
3 months ago
correct answer is C The key here is: Which ISE deployment mode restricts all traffic initially (Close mode). Initially, monitor and low-impact mode do not restrict all traffic
upvoted 1 times
...
...
TiberiuszSun
8 months ago
Selected Answer: C
IEEE 802.1x Deployment Modes -> High-Security Mode (Closed) - NO access for unauthorized supplicants.
upvoted 2 times
...
ZoneHacker
11 months, 3 weeks ago
Selected Answer: C
C. closed mode Here's why closed mode is the correct choice: Closed Mode: In this mode, the switch port initially restricts all traffic (except EAP and potentially DHCP and CDP/LLDP) until the client successfully completes 802.1X authentication. After successful authentication, access control rules defined in Cisco ISE are applied based on policies configured in the authorization profile. If 802.1X authentication fails, the port can be configured to grant limited access or no access at all, depending on the specific configuration. https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515
upvoted 3 times
...
spidaman
1 year, 7 months ago
Selected Answer: D
https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515#toc-hId--83743573:~:text=or%20VLAN%20authorizations.-,Pre%2DAuthentication%20and%20Post%2DAuthentication%20Access%20Control%20with%20Low%20Impact,-After%20gaining%20enough
upvoted 3 times
leostor
1 year, 7 months ago
Low-Impact doesn't deny all traffic. It allows PXE traffic for example
upvoted 5 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel