The answer is BE. From work experience. Also see link below. Checking EPP version is not an option or parameter for device compliance checks. Registry files and operating system version are parameters you can choose for your compliance checks.
https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/admin_guide/b_ise_admin_3_1/b_ISE_admin_31_compliance.html#id_16997
EPP is antimalware, antispyware, and antivirus, which is listed as well as registry.
OS version is not a compliance check, selecting the OS version identifies which compliance checks are applicable.
Answer is A, B.
AB is correct!
Table 5. OPSWAT API Versions
Posture Condition
Compliance Module Version
OPSWAT
Antivirus
3.x or earlier
Antispyware
3.x or earlier
Antimalware
4.x or later
Disk Encryption
3.x or earlier and 4.x or later
Patch Management
3.x or earlier and 4.x or later
USB
4.x or later
Non-OPSWAT
File
Any version
Application
Any version
Compound
Any version
Registry
Any version
Service
Any version
Operating system is used as a filter for which posture requirements are set for the endpoint but it is not a parameter its self. You can set a minimum Secure Client version or the value/existence of a registry key to as requirement to join.
OS version cannot be used as a posture condition. If you have to allow Windows 11 only, you need an authorization rule and not a rule in a posture policy.
However, EPP version can be verified if it is a supported antimalware software. For example, you can allow FireEye 34.x and 35.x as a posture requirement but not allow older versions.
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_client_posture_policies.html#id_38954
Search Operating System and Registry and you'll find both
I'd go with B and E also (only because its a Cisco exam and the others have decent evidence this is the answer Cisco is after. The EPP version is likely not as important as being up to date with definitions. I do like A however (should this be a "choose three answers"), as there would be vulnerabilities in old EPP versions.
Windows registry values, DHCP snooping checks, and DNS integrity checks are not typically used as parameters for device compliance checks, although they may be used as part of a more comprehensive security strategy.
may be - A and B - >
may be this Compliance Module -https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_client_posture_policies.html#ID1263
From the Compliance Module drop-down list, choose the required compliance module:
4.x or Later: Supports antimalware, disk encryption, patch management, and USB conditions.
3.x or Earlier: Supports antivirus, antispyware, disk encryption, and patch management conditions.
Any Version: Supports file, service, registry, application, and compound conditions.
For more information about compliance module, see Compliance Module.
This section is not available anymore. Please use the main Exam Page.350-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
west33637
Highly Voted 2 years, 3 months agodawlims
2 years, 1 month agoJJ123123123
9 months, 1 week agoF0rtyx40
1 year, 9 months agoangry
Highly Voted 2 years, 1 month agoce1997d
Most Recent 3 months agoluismg
7 months, 2 weeks agoLTLnetworker
1 year, 3 months agonep1019
1 year, 9 months agojku2cya
1 year, 9 months agoSegaMasterSystemAdmin
1 year, 11 months agoTuxzinator
2 years, 2 months agoachille5
2 years, 2 months agoTthurston1
1 year agoZ3R0IT
2 years, 4 months agoEmlia1
2 years, 5 months agoRandom000
2 years, 6 months ago