ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-715 All Questions

View all questions & answers for the 300-715 exam
Go to Exam

Exam 300-715 topic 1 question 131 discussion

Actual exam question from Cisco's 300-715
Question #: 131
Topic #: 1
[All 300-715 Questions]

An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network. They have multiple vendors' firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this.
What should be done to enable this type of posture check?

  • A. Enable the default application condition to identify the applications installed and validate the firewall app.
  • B. Enable the default firewall condition to check for any vendor firewall application.
  • C. Use a compound condition to look for the Windows or Mac native firewall applications.
  • D. Use the file registry condition to ensure that the firewall is installed and running appropriately.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by IlPerdan0 at Jan. 4, 2023, 12:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
IETF1
7 months, 2 weeks ago
B: the question already mentioned "They have multiple vendors' firewall applications for their devices" which means its not talking about native firewall. C is not correct answer. ISE comes with default preconfigured condition to check any firewall installed, you have to just enable it in policy.
upvoted 2 times
...
denverfly
1 year ago
Selected Answer: C
The correct answer is Use a compound condition to look for the Windows or Mac native firewall applications. A compound condition is a type of condition that allows you to combine multiple conditions into a single check. In this case, the organization could create a compound condition that checks for the presence of either the Windows or Mac native firewall application. This would allow them to ensure that all devices attempting to access the network have a host-based firewall installed, regardless of the vendor.
upvoted 1 times
...
IlPerdan0
1 year, 5 months ago
Selected Answer: B
I think B is correct. "The Firewall condition checks if a specific Firewall product is enabled on an endpoint. The list of supported Firewall products is based on the OPSWAT support charts. You can enforce policies during initial posture and Periodic Reassessment (PRA). Cisco ISE provides default Firewall conditions for Windows and macOS" https://community.cisco.com/t5/security-knowledge-base/ise-posture-prescriptive-deployment-guide/ta-p/3680273#toc-hId-1256947692
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel