Which two values are compared by the binary comparison function in authentication that is based on Active Directory?

– by 1

Which two values are compared by the binary comparison function in authentication that is based on Active Directory?
A. user-presented certificate and a certificate stored in Active Directory
B. MS-CHAPv2 provided machine credentials and credentials stored in Active Directory
C. user-presented password hash and a hash stored in Active Directory
D. subject alternative name and the common name

cisco-exams

One thought on “Which two values are compared by the binary comparison function in authentication that is based on Active Directory?

  1. Cisco ISE has introduced two new enhancements in certificate authentication profile:

    Any subject or alternative name attributes in the certificate (for Active Directory only) option—You can use this option to use Active Directory UPN as the username for logs and try all subject names and alternative names in a certificate to look up a user. This option is available only if you choose Active Directory as the identity source.

    Only to resolve identity ambiguity option—You can use this options to resolve identity issues in EAP-TLS authentications. You can have multiple identities from TLS certificates. If the usernames are ambiguous, for example, if there are two “jdoe” from an acquisition, and if the client certificates are present in Active Directory, Cisco ISE can use binary comparison to rule out the ambiguity.

    1
    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.