CCIE Security Written Exam: Common Tasks Panel Attributes | Cisco ISE Solution

Common Tasks Panel Attributes

Prev Question Next Question

Question

Which three attributes may be configured as part of the Common Tasks panel of an authorization profile in the Cisco ISE solution? (Choose three.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

ACD.

Cisco Identity Services Engine (ISE) is a comprehensive identity-based network access control and policy enforcement system. The Common Tasks panel of an authorization profile in Cisco ISE allows administrators to configure a set of common attributes to be applied to a user or device session during authorization.

The three attributes that may be configured as part of the Common Tasks panel of an authorization profile in the Cisco ISE solution are:

A. VLAN: This attribute specifies the VLAN that the user or device should be assigned to upon successful authentication and authorization. This can be used to segment network traffic and enforce network policies.

B. Voice VLAN: This attribute is used in voice-over-IP (VoIP) environments to specify the VLAN that should be used for voice traffic. This allows administrators to separate voice traffic from data traffic and apply different policies to each.

C. dACL name: This attribute specifies the name of the downloadable access control list (dACL) that should be applied to the user or device session upon successful authentication and authorization. A dACL is a set of access control rules that is downloaded to a network device and applied to traffic flowing through it. This allows administrators to apply fine-grained access control policies to specific users or devices.

D. Voice domain permission: This attribute is used in VoIP environments to specify whether the user or device is allowed to participate in the voice domain. This allows administrators to restrict access to voice services to authorized users or devices.

E. SGT: Security Group Tag (SGT) is an attribute used in Cisco TrustSec environments to enforce access policies based on a user or device's security group membership. SGTs are assigned to network traffic as it enters the network and are used to enforce policies based on the user or device's group membership. This attribute can be used to dynamically enforce access control policies based on user or device context.

Therefore, the correct answers to the question are A. VLAN, C. dACL name, and E. SGT.