DumpsBox
Home/cisco/Free Cisco 300-715 SISE Actual Exam Questions/Question 8
← Back to Exam

Free Cisco 300-715 SISE Actual Exam Questions - Question 8 Discussion

Question No. 8
An administrator must block access to BYOD endpoints that were onboarded without a certificate
and have been reported as stolen in the Cisco ISE My Devices Portal. Which condition must be used
when configuring an authorization policy that sets DenyAccess permission?
Select one option, then reveal solution.
US
AE
Andrew E.
2026-02-20

C/D? The key here is the device being reported stolen, which aligns with Lost. But I wonder if Reinstate could be involved if they later want to allow access again. Since the question focuses on blocking access, Lost makes more sense as the BYOD state to target in the policy. The Blocklist part definitely fits for denying access. So, C seems like the better match based on stolen device status and being on the blocklist.

0
AE
Andrew E.
2026-02-20

Maybe C, since Lost clearly means stolen devices need blocking.

0
AE
Andrew E.
2026-02-16

C imo, because Lost is the only BYOD state that clearly indicates a device is reported stolen, making it the right condition to deny access in this case. The others don’t reflect stolen status.

0
AE
Andrew E.
2026-02-11

It’s C for sure. Lost means reported stolen, so that matches the scenario perfectly. The other states don’t really reflect a stolen device status.

0
EB
Ethan B.
2026-01-28

C, because Lost directly identifies devices reported stolen, no cert needed.

0
EB
Ethan B.
2026-01-26

It’s C since Lost clearly flags stolen devices regardless of cert status.

0
SW
Sami W.
2026-01-25

The BYOD state Lost clearly flags devices flagged as stolen, so combining that with Blocklist makes sense. The state Pending wouldn’t capture already stolen devices yet, so B seems off.

0
OP
Osama P.
2026-01-23

A/C? The key is the Blocklist group plus a BYOD state indicating the device is no longer trusted. Lost makes sense for stolen devices, but I wonder if Pending could catch those without certificates since they might not have completed full onboarding. Still, Lost seems more precise for reported stolen devices, so I'd go with C over A.

0
OP
Osama P.
2026-01-20

C, since Lost directly matches stolen status regardless of certificate onboarding.

0
PP
Peter P.
2026-01-19

C/D? If the device is reported stolen, Lost seems right, but Reinstate might be needed if they want to reverse the block later. Still, Lost fits the immediate deny better here.

0
ZU
Zain U.
2026-01-18

It’s C, Lost fits stolen status, so denying makes sense here.

0
AT
Ahmed T.
2026-01-16

C, Lost matches stolen devices status for blocking access properly.

0
AT
Ahmed T.
2026-01-15

C imo makes the most sense since stolen devices would be marked Lost, so combining Blocklist with Lost ensures those endpoints get denied access.

0
RB
Rizwan B.
2026-01-15

Option C since stolen devices match Lost BYOD state.

0