Exam 300-715 topic 1 question 6 discussion

You don't download feed from an internal server. Only from Cisco. I'd select D.

Guys, the answer is C. The question asks - What is a "REQUIREMENT" for Feed Service to work? D - Internet access to the feed service - is NOT a requirement for feed service to work. In an air-gapped environment with no Internet access, the feed service updates can be downloaded out of band and manually installed on ISE. B - ISE needs access to an internal server is NOT a requirement, because feed service updates can be installed from a direct internet connection to the feed service. A - 8080 is not the port that is used to access the profile service (8443) C is the correct answer. For profiling to work you require a Plus license. Under that same licensing scheme, you REQUIRE a base license before you can get a Plus license. So base license is required.

Cisco Profiler Feed Service The Cisco Profiler Feed Service automates the delivery of new endpoint profiles and, just importantly, OUI updates. If the ISE server can't access the internet, it is not automated anymore, and it requires manual intervention.

Correct answer D. We are talking about posture feature and this feature utilized Feed server in order to maintain the most update policies for posture assesment(the most recent version for antivirus. https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/security/ise/1-4/admin_guide/b_ise_admin_guide_14/b_ise_admin_guide_14_chapter_0111.html.xml https://www.cisco.com/c/dam/en/us/td/docs/security/ise/feedserver/partner_portal_faq/Feed_Service_Partner_Portal_FAQs.pdf)

poorly worded, need Internet to DL updates, C is wrong because need Advantage or higher

It is option C would like to make more noise on the discussion here. internet access is required to update the feed service but you can run it on a "old version" on a air gaped network until you found a end device that is not on the list, manual update without internet access is also possible. but if you do not have the proper licenses it won't matter if you have internet access, it won't profile

I vote D as there are 2 methods for updating the Profiler & Posture feature. Online via a configured feed service which requires Internet access either direct or through Proxy OR you could download the updates from the software Center onto internal network server behind the FW. The second method does not use the FEED service. Internet Access is required for feed service to work.

It should be answer D; Profile (feed ) service are available online and offline, but via manual upload. I have impression option B refers more to an internal licenses server. The online access uses port 8443 not 8080, Profile service require Plus licenses (or Advantage) not Base(Essential). Again option D looks the most logical. https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/security/ise/1-4/admin_guide/b_ise_admin_guide_14/b_ise_admin_guide_14_chapter_0111.html.xml https://www.cisco.com/c/dam/en/us/td/docs/security/ise/feedserver/partner_portal_faq/Feed_Service_Partner_Portal_FAQs.pdf https://www.cisco.com/web/secure/spa/posture-offline.html and also a video how to do it offline: https://www.youtube.com/watch?v=7LnDIFEnHUk

Answer is C. The Cisco ISE Feed Service is a feature of Cisco Identity Services Engine (ISE) that provides up-to-date information about threats and vulnerabilities that can impact network security. The Feed Service continuously updates threat and vulnerability information in the ISE policy engine, allowing administrators to proactively take action to mitigate risks to the network. The Feed Service can be configured to download updates from either a local or Internet-based server.

D for sure, refer to that phrase in the official book "Because ISE must be able to reach Cisco.com for the ISE Profiler Feed Service to function, it is quite possible that you may need to configure ISE to use a proxy server to reach the Internet"

In cases where ISE is air-gapped, it would not have direct access to the internet. In those cases, the admin would need to download the feed update to a PC or internal server, then ISE needs access to an internal server (or PC) to download the feed update. This would be a manual offline update. The Cisco Profiler Feed Service provides two methods to obtain profile and OUI updates: Online Subscription Update Offline Manual Update https://community.cisco.com/t5/security-knowledge-base/ise-profiling-design-guide/ta-p/3739456#toc-hId-1583438341

Could it that what they are referring to as internal is the the Cisco ISE feed service server as per below. https://ise.cisco.com:8443/feedserver/feed/

Com'on

n order for ISE to utilize the feed service it must obtain DHCP and other device identities that have been stored or learned on an internal server. CCNP Official Cert Guide Chptr. 5 and specifically Chptr. 7.

Provided answer is correct In order for ISE to utilize the feed service it must obtain DHCP and other device identities that have been stored or learned on an internal server. CCNP Official Cert Guide Chptr. 5 and specifically Chptr. 7.

Who answers this questions it's DDDDDD lol Feeeeeeddddddd updates for device profiling

Correct is D https://ise.cisco.com:8443/feedserver/feed/serverinfo?ISE_VERSION=2.4.0.357 as example