ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-430 All Questions

View all questions & answers for the 300-430 exam
Go to Exam

Exam 300-430 topic 1 question 257 discussion

Actual exam question from Cisco's 300-430
Question #: 257
Topic #: 1
[All 300-430 Questions]

An engineer configured a single WLAN with WPA2 Enterprise and wants to use Cisco ISE to implement AVC profiles for users in different departments. Each department is placed into its own unique VLAN and is assigned to an AVC profile, after successfully authenticating to the wireless network. Which feature on the Cisco WLC must be enabled?

  • A. Local Profiling
  • B. role-based access control
  • C. AAA Override
  • D. Change of Authorization
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by rrahim at Feb. 15, 2025, 6:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rrahim
2 months, 2 weeks ago
Selected Answer: C
To implement AVC (Application Visibility and Control) profiles for users in different departments and assign them to unique VLANs after authentication, the AAA Override feature must be enabled on the Cisco Wireless LAN Controller (WLC). Here's why: AAA Override allows the WLC to override the default WLAN settings with attributes (such as VLAN assignments and AVC profiles) received from the AAA server (Cisco ISE) during user authentication. In this scenario: Cisco ISE can assign users to specific VLANs and AVC profiles based on their department or role. The WLC uses the information provided by Cisco ISE to dynamically apply the correct VLAN and AVC profile for each user.
upvoted 1 times
rrahim
2 months, 2 weeks ago
Why the Other Options Are Incorrect: Option A: Local Profiling Local Profiling is used to classify devices based on their behavior or attributes but does not handle VLAN assignments or AVC profiles. Option B: Role-Based Access Control (RBAC) RBAC is used to enforce policies based on user roles but does not directly support dynamic VLAN assignments or AVC profiles. Option D: Change of Authorization (CoA) CoA is used to modify user sessions dynamically (e.g., reauthentication or policy changes) but is not directly related to assigning VLANs or AVC profiles during initial authentication.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago