Exam 300-715 All QuestionsBrowse all questions from this exam
Go to Exam
Question 264

An administrator must configure Cisco ISE to authenticate a user accessing a Cisco Adaptive Security Appliance firewall using SSH. The solution must meet these requirements:

• The local Cisco ISE database must be used for user authentication

• ASA commands run by users must be validated

The configurations were performed:

• added the Cisco Adaptive Security Appliance firewall

• configured user accounts

• enabled Device Admin Service in Cisco ISE

• configured a TACACS profile

• configured an authorization policy

• configured the Cisco Adaptive Security Appliance firewall for authentication and authorization

Which two actions must be taken in Cisco ISE? (Choose two.)

    Correct Answer: B, D

    To configure Cisco ISE to authenticate a user accessing a Cisco ASA firewall using SSH and validate ASA commands, two key actions must be taken. First, configure a user identity group to organize the users and facilitate authentication management. Second, configure TACACS command sets to ensure that the ASA commands run by users are validated. This ensures the local Cisco ISE database is used for user authentication and the commands are appropriately authorized.

Discussion
ZoneHackerOptions: BD

For me here, the right answer is B & D.