Which use case validates a change of authorization?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
https://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_prof_pol.htmlThe use case that validates a change of authorization is when an authenticated, wired EAP-capable endpoint is discovered.
Explanation: Change of Authorization (CoA) is a feature that enables dynamic policy enforcement based on network conditions and user activity. It allows a device to be re-authenticated and reauthorized dynamically while it is connected to the network, based on the changes in the endpoint or user status. The most common use case for CoA is to revoke or modify user access when a policy violation occurs or when an authenticated user needs to be moved to a different access level.
Option A, where an endpoint is disconnected from the network, does not require CoA because the endpoint is already disconnected.
Option B, where endpoints are created through device registration for guests, also does not require CoA.
Option C, where an endpoint profiling policy is changed for authorization policy, might require a re-authorization, but it does not necessarily require CoA.
Option D is the correct answer because it involves an authenticated endpoint that is capable of Extensible Authentication Protocol (EAP) on a wired network. If the endpoint is discovered to be non-compliant with security policies or if its access level needs to be changed, CoA is required to enforce the new policy.