Which Actions Occur When a Cisco ISE Server Device Administrator Logs In to a Device?

BE.

When a Cisco ISE server device administrator logs in to a device, two actions occur:

1. The Cisco ISE server queries the internal identity store: This means that the ISE server will check its own internal database to verify the credentials of the device administrator who is trying to log in. The internal identity store could be a database of user accounts that is configured within the ISE itself or it could be an external identity store that has been integrated with ISE.

2. The device queries the Cisco ISE authorization server: After the ISE server has verified the device administrator's credentials, the device will query the ISE authorization server to determine what level of access the administrator should be granted. The authorization server checks the ISE policy rules to determine what access policies should be applied to the administrator and then returns this information to the device.

Therefore, the correct answers are A and C. Option A is correct because the ISE server always queries its own internal identity store to authenticate users who attempt to log in. Option C is correct because once the ISE server has verified the administrator's credentials, the device queries the ISE authorization server to determine what level of access should be granted to the administrator.