ISE can be integrated with an MDM to ensure that only registered devices are allowed on the network, and use the MDM to push policies to the device. Devices can go in and out of compliance either due to policy changes on the MDM server, or another reason. Consider a device that has already authenticated on the network, and stays connected, but fails out of compliance.
Which action can you take to ensure that a noncompliant device is checked periodically and re-assessed before allowing access to the network?
A . Enable change of authorization on MDM
B . Fire-AMP consider scan can be used to relay posture information to ISE via Fire AMP cloud
C . The MDM agent periodically sends a packet with compliance info that the wireless controller can be used to limit network access
D . Enable Period compliance checking on ISE
E . Enable Change of authorization on ISE
F . The MDM agent automatically discounts the device from the network when it is noncompliant
Answer: E
Leave a Reply