Which option is not a valid description of guest access configuration settings?

The option stating that if guest accounts are purged, associated endpoints and logs are removed reflects an incorrect understanding of guest access configuration settings in Cisco Identity Services Engine (ISE). In ISE, purging guest accounts primarily focuses on cleaning up user accounts that are no longer required. While it is true that removing guest accounts can lead to the cleaning up of some associated data, the retention of logs and endpoint data typically depends on the organization’s policies or settings regarding log retention and data management. Therefore, not all associated endpoints and logs are necessarily removed automatically upon purging guest accounts.

The other options accurately represent valid configurations within ISE for guest access. Custom fields allow administrators the flexibility to collect additional information that suits their organizational needs. A password policy can indeed be configured to enhance the security of guest access, defining parameters such as password complexity and expiration. Additionally, classifying guests into types like Contractor or Social Login reflects the common use-cases for accessing resources, providing a more structured approach to managing different categories of guest users.