ISE sd access integration Flashcards

1
Q

things you can do in ise with sd access

A

Guest Access
Guest network automation

Host On-boarding
User authentication

Group Based Access Control
SDA Segmentation

Assurance
Client 360

Device Administration
TACACS

Endpoint Analytics
Everything & Everyone on Network

Policy Analytics
Group to Group Interaction with automated policy

Security Ecosystem Integration
Context Sharing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

ISE policy

A

ISE does policy distribution and a central policy engine and auth authoritity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what does ISE stand for

A

Identity Service Engine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Ise API ERS

A

used for certificate exchanges and updating ISE with catalyst center with orchestrated group based policies sgts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

FQDN

A

fully qualified domain name

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what is pxGrid

A

pgrid is an framework for excange of contextual infromation and policy data between ISE and other network security polatofroms in realtime.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Key functionalities of ise

A

sharing context info user identities, device details, compliance status, and security group tags (SGTs).

Allowing third-party systems to subscribe to event data (e.g., login/logoff, security alerts) generated by ISE.

Enabling dynamic policy enforcement and automation across the network based on the information shared through pxGrid.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How can pxGrid be used

A

Threat Detection and Response: Integrating with security platforms like firewalls, endpoint protection systems, and SIEMs to receive context-rich data (e.g., who the user is, where the device is located, compliance status) for faster response to incidents.

Dynamic Segmentation: Sharing contextual data with firewalls, switches, and routers so that dynamic access control policies can be applied based on user or device attributes (e.g., based on user role, location, or compliance posture).

Endpoint Compliance: Sharing endpoint information (e.g., OS version, antivirus status) with third-party systems to ensure compliance before allowing full network access.

Policy Enforcement: Security systems subscribing to pxGrid can trigger automated policies in response to certain events, like quarantining a device, reducing access, or pushing additional authentication requirements.

Firewalls from vendors like Palo Alto Networks or Fortinet, which use pxGrid data to dynamically apply segmentation policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

For cisco catalyst center what is ISE

A

a policy server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

for what credentials doest credentials does catalyst center need

A

cli, snmp , https rw

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Catalyst Center uses ISE for radius

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly