Exam 300-715 topic 1 question 107 discussion

They are surely talking about the EndPoints here, called station id was for the WLC (NAD). In this case, since they mentioned all the endpoints are same type and make, it makes more sense to go with option D.

The correct answer is B. In the ISE profiling policies, when selecting MAC as a condition, you have only two options: MAC Address and OUI. OUI (Organizationally Unique Identifier) represents the vendor name. If you need to create a profiling policy based on a specific Block ID within the MAC address, you must use the MAC Address attribute (MAC_MACAddress_CONTAINS). https://community.cisco.com/t5/network-access-control/cisco-ise-profiling-oui-lookup/td-p/5130686 What is perplexing me is how ISE performs an OUI check. For example, we have 5 HP printers, 3 show their OUI as "Hewlett Packard" and the other two show as "unknown". When we check the mac addresses of the unknown devices on an OUI check, they show as "Hewlett Packard" just as the devices that ISE recognises as "Hewlett Packard". We have other, similar instances of this behaviour.

I would go for D

STUPID Question. you can use both B and D. D is the most accurate though. You can use the Mac OUI in question B because it uses the value "Contains". You can also just add the Mac OUI as a vendor attribute in Question D.... But D is most precise for this question

I would go with D for this question as it would match several devices. The single device is just an example, wouldn't want to create profiles for each MAC address. Rather match the Block

Honestly I wil go for D option, even if they specify the mac address at the end of the question. It makes more sense because if they want to put several devices to be profiled if you a these vendors used in your company you are gonna use the OUI of these vendors. What you can do for better profiling is that if you have a certain series of devices that have the mac address 0000:1111:abc insted of the "global policy" configured 0000:1111 because these devices are more important you can use the contain and you can give an higher certainity factor and assign another vlan for example. In this case I will go for D is a best practice to use OUI if you can for profile devices.

The Block ID is the first six characters of a MAC address. So, I prefer to choose D

"The organization has several endpoints that are the same device type, and all have the SAME Block ID in their MAC address" This is the most important part of the question, the organization needs to configure a condition that match the same Block ID, Block ID is the first six characters of a Mac Address (OUI) so the best answer should be D, the MAC Address provided at the end of the question is only an example, but you need to configure a policy that should be scalable, also B is a valid Response, ma MAC Contains is not specific as MAC OUI, if it was MAC STARTS WITH the question would be very tricky, in this case i will go with D.

I vote for C, please see iseise link.

The correct answer is - MAC_MACAddress_CONTAINS_<MAC ADDRESS>. The MAC_MACAddress_CONTAINS_<MAC ADDRESS> condition is used to match endpoints based on their MAC address. In this case, the administrator needs to match endpoints with a MAC address of 01:41:14:65:50:AB. The <MAC ADDRESS> placeholder can be replaced with the actual MAC address of the endpoint. The other options are not correct. CDP_cdpCacheDeviceID_CONTAINS_<MAC ADDRESS> is used to match endpoints based on their CDP device ID. Radius_Called_Station-ID_STARTSWITH_<MAC ADDRESS> is used to match endpoints based on their RADIUS Called Station ID. MAC_OUI_STARTSWITH_<MAC ADDRESS> is used to match endpoints based on their MAC OUI.

I am a little mixed on this one. D: Seems to be the better answer to future proof the profile when new devices are onboarded onto the NAD's. B: The question mentions that they all have the same Block ID in their MAC address. Because they specifically mention the Block ID statement, I will go for B

C is wrong. Called statian id is the NAD. Calling station id is the endpoint. In question ACME AI Connector endpoint for network access with MAC address 01:41:14:65:50:AB, so only 1 endpoint. B says contains and that is for 1 endpoint D says startwith and that you use when you want to refer to a block macadress starting with.

there is no "called-station-id" attribute name in RADIUS type.