Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) 300-715 Question # 3 Topic 1 Discussion

300-715 Exam Topic 1 Question 3 Discussion:

Question #: 3

Topic #: 1

Which two default endpoint identity groups does Cisco ISE create? (Choose two )

block list

endpoint

profiled

allow list

unknown

Get Premium 300-715 Questions

Explanation

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010100.html

Default Endpoint Identity Groups Created for EndpointsCisco ISE creates the following five endpoint identity groups by default: Blacklist, GuestEndpoints, Profiled, RegisteredDevices, and Unknown. In addition, it creates two more identity groups, such as Cisco-IP-Phone and Workstation, which are associated to the Profiled (parent) identity group. A parent group is the default identity group that exists in the system.

Cisco ISE creates the following endpoint identity groups:

Blacklist—This endpoint identity group includes endpoints that are statically assigned to this group in Cisco ISE and endpoints that are block listed in the device registration portal. An authorization profile can be defined in Cisco ISE to permit, or deny network access to endpoints in this group.

GuestEndpoints—This endpoint identity group includes endpoints that are used by guest users.

Profiled—This endpoint identity group includes endpoints that match endpoint profiling policies except Cisco IP phones and workstations in Cisco ISE.

RegisteredDevices—This endpoint identity group includes endpoints, which are registered devices that are added by an employee through the devices registration portal. The profiling service continues to profile these devices normally when they are assigned to this group. Endpoints are statically assigned to this group in Cisco ISE, and the profiling service cannot reassign them to any other identity group. These devices will appear like any other endpoint in the endpoints list. You can edit, delete, and block these devices that you added through the device registration portal from the endpoints list in the Endpoints page in Cisco ISE. Devices that you have blocked in the device registration portal are assigned to the Blacklist endpoint identity group, and an authorization profile that exists in Cisco ISE redirects blocked devices to a URL, which displays “Unauthorised Network Access”, a default portal page to the blocked devices.

Unknown—This endpoint identity group includes endpoints that do not match any profile in Cisco ISE.

In addition to the above system created endpoint identity groups, Cisco ISE creates the following endpoint identity groups, which are associated to the Profiled identity group:

Cisco-IP-Phone—An identity group that contains all the profiled Cisco IP phones on your network.

Workstation—An identity group that contains all the profiled workstations on your network.

Actual exam question for Cisco 300-715 exam by Zane4481 at Aug 3, 2025, 5:51:51 AM

Contribute your Thoughts:

Chosen Answer: A B C D E
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) 300-715 Question # 3 Topic 1 Discussion

Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) 300-715 Question # 3 Topic 1 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) 300-715 Question # 3 Topic 1 Discussion

Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) 300-715 Question # 3 Topic 1 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval