Cisco Exam 300-430 Topic 5 Question 78 Discussion

Actual exam question for Cisco's 300-430 exam

Question #: 78
Topic #: 5

WPA2 Enterprise with 802.1X is being used for clients to authenticate to a wireless network through a Cisco ISE server. For security reasons, the network engineer wants to ensure that only PEAP authentication is used. The engineer sent instructions to clients on how to configure the supplicants, but the ISE logs still show users authenticating using EAP-FAST. Which action ensures that access to the network is restricted for these users unless the correct authentication mechanism is configured?

AEnable AAA override on the SSID, gather the usernames of these users, and disable the RADIUS accounts until the devices are correctly configured.

BEnable AAA override on the SSID and configure an ACL on the WLC that allows access to users with IP addresses from a specific subnet.

CEnable AAA override on the SSID and configure an access policy in Cisco ISE that denies access to the list of MACs that have used EAP-FAST.

DEnable AAA override on the SSID and configure an access policy in Cisco ISE that allows access only when the EAP authentication method is PEAP.

Show Suggested Answer

Suggested Answer: A

by Lili at Dec 06, 2024, 03:29 AM

Limited Time Offer

25%

14 days ago

I think the answer is D, because it specifically mentions restricting access based on the authentication method.

upvoted 0 times

...