Privilege level for Cisco ISE

Commands Required for the Scan

show running-config
show version
show banner pre-login

Scan User Account Privilege

For a successful Compliance Scan Cisco ISE asset, the minimum privilege required is the Admin role. Regular users without admin access lack the ability to execute the essential "show running-config" command, which is necessary for conducting the scans.

Note: Users need to select "TargetType - Cisco ISE (VM, PC) " while creating authentication record in UI.