Which two actions can an end user take to manage a lost or stolen device in Cisco ISE? (Choose two.)
A. Activate Cisco ISE Endpoint Protection Services to quarantine the device
B. Add the MAC addresses of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device
E. Reinstate a device that the user previously marked as lost or stolen
B,C ?
refers https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/Managing_Lost_or_Stolen_Device.pdf
A, B, D are the actions that the administrator does, C, E are the actions that end-user takes.
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/Managing_Lost_or_Stolen_Device.html
Administrators:
• Add the endpoint to the Blacklist Identity Group.
• If the endpoint is connected, force it off the network using the Show Live Sessions screen.
• Enforce a PIN lock through the Endpoints screen in ISE.
• Initiate a remote device wipe through the Endpoints screen in ISE.
• Quarantine the endpoint using the ISE’s Endpoint Protection Services feature (employees are not
able to reinstate endpoints quarantined by the administrator).
• Revoke the device’s digital certificate.
• Disable the RSA SecurID token..
Employees and administrators have different capabilities to block lost or stolen devices:
Employees:
From the My Devices Portal:
•Report devices as lost.
•Enforce a PIN lock through the MDM.
•Initiate a remote device wipe through the MDM.
•Reinstate a device to regain access with put having to register the device again.