ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-701 All Questions

View all questions & answers for the 350-701 exam
Go to Exam

Exam 350-701 topic 1 question 132 discussion

Actual exam question from Cisco's 350-701
Question #: 132
Topic #: 1
[All 350-701 Questions]

An administrator configures new authorization policies within Cisco ISE and has difficulty profiling the devices. Attributes for the new Cisco IP phones that are profiled based on the RADIUS authentication are seen; however, the attributes for CDP or DHCP are not. What should the administrator do to address this issue?

  • A. Configure a service template within the switch to standardize the port configurations so that the correct information is sent to Cisco ISE.
  • B. Configure the ip dhcp snooping trust command on the DHCP interfaces to get the information to Cisco ISE.
  • C. Configure the authentication port-control auto feature within Cisco ISE to identify the devices that are trying to connect.
  • D. Configure the device sensor feature within the switch to send the appropriate protocol information.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by klu16 at Aug. 21, 2021, 10:09 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
klu16
Highly Voted 3 years, 11 months ago
I would choose D... Device sensor is a feature of access devices. It allows to collect information about connected endpoints. Mostly, information collected by Device Sensor can come from the following protocols: Cisco Discovery Protocol (CDP) Link Layer Discovery Protocol (LLDP) Dynamic Host Configuration Protocol (DHCP)
upvoted 20 times
andrewj511
3 years, 10 months ago
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200292-Configure-Device-Sensor-for-ISE-Profilin.html
upvoted 7 times
...
...
sy0_061
Most Recent 1 week, 4 days ago
Selected Answer: D
D - Device sensor is configured to send DHCP, CDP, and LLDP info to ISE. Since this is a Cisco phone, CDP and DHCP are the relevant here. The CDP, LLDP, and DHCP attributes are grouped together first. Then, the 'device-sensor' command is used to export those groupings to ISE.
upvoted 1 times
...
Premium_Pils
11 months, 3 weeks ago
Selected Answer: D
D - As others pointed out
upvoted 2 times
...
Korndal
1 year ago
Selected Answer: D
Answer is D. Other answer that should have been there, would be that den ip helper-address hasn't been configured to point to ISE, and therefor ISE does not get copies of the dhcp requests of the clients
upvoted 1 times
...
4pelos
1 year, 4 months ago
Correct answer D. Checked with securitytut
upvoted 1 times
...
nekkrokvlt
1 year, 10 months ago
It is D. Device sensor sends cdp / lldp attributes as radius accounting data for profiling
upvoted 2 times
...
gc999
2 years, 1 month ago
Selected Answer: D
I eventually choose "D" after reading this https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/15-0_1_se/device_sensor/guide/sensor_guide.html
upvoted 3 times
...
Jessie45785
2 years, 3 months ago
Selected Answer: A
D - cannot be correct cause device sensor is configured on ISE, NOT on the switch https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200292-Configure-Device-Sensor-for-ISE-Profilin.html#anc6 A- service templates can be locally configured on the switch: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200292-Configure-Device-Sensor-for-ISE-Profilin.html#anc6
upvoted 4 times
Jessie45785
2 years, 3 months ago
it was really late D- IS CORRECT: switch#show device-sensor cache interface g1/0/13 Device: 20bb.c0de.06ae on port GigabitEthernet1/0/13 -------------------------------------------------- Proto Type:Name Len Value LLDP 6:system-description 40 0C 26 43 69 73 63 6F 20 49 50 20 50 68 6F 6E 65 20 38 39 34 31 2C 20 56 33 2C 20 53 43 43 50 20 39 2D 33 2D 34 2D 31 37 CDP 6:platform-type 24 00 06 00 18 43 69 73 63 6F 20 49 50 20 50 68 6F 6E 65 20 38 39 34 31 20 CDP 28:secondport-status-type 7 00 1C 00 07 00 02 00
upvoted 4 times
...
...
sis_net_sec
2 years, 9 months ago
D is correct Device sensor is a feature of access devices. It allows to collect information about connected endpoints. Mostly, information collected by Device Sensor can come from the following protocols: + Cisco Discovery Protocol (CDP) + Link Layer Discovery Protocol (LLDP) + Dynamic Host Configuration Protocol (DHCP) Reference: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200292- ConfigureDevice-Sensor-for-ISE-Profilin.html
upvoted 2 times
...
JGW
3 years, 4 months ago
Selected Answer: D
D is correct, use link provided by andrewj511 and coentror. Answer C is incorrect, as that command needs to be executed on the switch and not on the ISE server
upvoted 1 times
...
jaciro11
3 years, 4 months ago
Selected Answer: D
Configure the device sensor feature within the switch to send the appropriate protocol information
upvoted 1 times
...
efongvan
3 years, 7 months ago
I will go with D.
upvoted 1 times
...
coentror
3 years, 8 months ago
It is D https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200292-Configure-Device-Sensor-for-ISE-Profilin.html
upvoted 4 times
...
testtaker13
3 years, 9 months ago
Seems D is the correct one
upvoted 4 times
...
Sarbi
3 years, 11 months ago
I will go with D.
upvoted 4 times
...
Sarbi
3 years, 11 months ago
Ans is A.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel