An organization has recently deployed ISE with Trustsec capable Cisco switches and would like to
allow differentiated network access based on user groups. Which solution is most suitable for
achieving these goals?
A.
Cyber Threat Defense for user group control by leveraging Netflow exported from the Cisco
switches and identity information from ISE
B.
MACsec in Multiple-Host Mode in order to encrypt traffic at each hop of the network
infrastructure
C.
Identity-based ACLs preconfigured on the Cisco switches with user identities provided by ISE
D.
Cisco Security Group Access Policies to control access based on SGTs assigned to different
user groups
Explanation: