A network administrator is configuring Cisco ISE to enforce access control based on user authentication. The company requires that only users who authenticate via Active Directory are allowed access to the corporate wireless network. Which policy should be configured in ISE to accomplish this?
Trap 1: Profiling policy
Profiling policy is used to identify device attributes, not to grant access.
Trap 2: Authentication policy
Authentication policy only determines how users are authenticated, not the resulting access.
Trap 3: Policy set
Policy set is a container that groups authentication and authorization policies; it does not directly enforce access.
- A
Profiling policy
Why wrong: Profiling policy is used to identify device attributes, not to grant access.
- B
Authentication policy
Why wrong: Authentication policy only determines how users are authenticated, not the resulting access.
- C
Authorization policy
Authorization policy defines what access is granted after authentication.
- D
Policy set
Why wrong: Policy set is a container that groups authentication and authorization policies; it does not directly enforce access.