ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-701 All Questions

View all questions & answers for the 350-701 exam
Go to Exam

Exam 350-701 topic 1 question 698 discussion

Actual exam question from Cisco's 350-701
Question #: 698
Topic #: 1
[All 350-701 Questions]

How does a Cisco Secure Web Appliance integrated with LDAP handle the permissions of a currently logged in Active Directory group member when the Active Directory administrator changes the permissions of the user's group mid session?

  • A. If the Cisco Secure Client Mobility Client is configured on the endpoint to provide Active Directory updates, the Cisco Secure Web Appliance changes the user's permissions immediately when alerted by the client.
  • B. If the Cisco Secure Web Appliance is configured to receive real-time updates from the Active Directory user agent, it changes the user's permissions immediately when the agent sends the update.
  • C. The Cisco Secure Web Appliance terminates the current session and prompts the user to re-authenticate in order to update the effective permissions.
  • D. The Cisco Secure Web Appliance continues to operate using the permissions that were in effect when the user logged in for the duration of the user's session.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by GongRoca at Oct. 19, 2024, 9:06 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Nian
1 month, 3 weeks ago
Selected Answer: B
Answer is B: If WSA is configured for real-time LDAP lookups, it will re-check LDAP permissions on every request, applying the updated group policies immediately. (Dynamic Authorization Updates) HOWEVER - If LDAP session caching is enabled, permission changes may take effect only after session expiration or a manual cache refresh (leading to D being correct answer) No information about session cache - so assuming not enabled.
upvoted 1 times
...
GongRoca
6 months, 3 weeks ago
Answer is correcto, the integration with LDAP validate the credentials at session's begening and need to end the session or re-authenticate to request new credentials.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago