+ Reply to Thread
Results 1 to 16 of 16
  1. Senior Member Vask3n's Avatar
    Join Date
    Oct 2005
    Posts
    499

    Certifications
    ASA Specialist, CCNA Security, CCNA R/S , CCENT, JNCIA, A+, Security+, CST
    #1

    Default Passed SISAS!!!!

    Hey guys, I ended up retaking this test after failing it about two weeks ago because it really fired me up and gave me the extra boost to get through this. Basically after the first attempt I felt comfortable with ISE and the theoretical material but was thrown some very specific questions that I needed to go back on and perfect. You can't really predict what is on these and sometimes even if you know the material you might be asked something that you either did not implement or have not seen (I don't mean big features like probes or posture but more subtle stuff that might facilitate the deployment of those for example), and basically I used my weaknesses from the first attempt to hone in on that specific material.

    And of course I also discovered that there was some stuff that I did not know or had not explored deeply enough the first time around but given there's no OCG I found myself digging sometimes too deeply on topics.

    For what it's worth, apparently MACsec and SGA were my weak areas on both attempts.

    Walking away from this exam I basically discovered how much I like 802.1x and how relevant this exam was to the real world. In fact the documentation for a lot of these features is scarce which made it interesting to research. 802.1x is not just installing an appliance and flipping a switch, it's a paradigm shift for your network infrastructure.

    My sources were the official Cisco documentation on the ISE site including the ISE User Guide (all ~700 pages of it) and some ISE videos I found from Cisco that I referenced elsewhere. I used the ipExpert video series which kind of grew on me and I'll be using it again for SITCS. I'd like to give that one a shot before the end of the year.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,771

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #2
    Congrats!
    Reply With Quote Quote  

  4. Senior Member Vask3n's Avatar
    Join Date
    Oct 2005
    Posts
    499

    Certifications
    ASA Specialist, CCNA Security, CCNA R/S , CCENT, JNCIA, A+, Security+, CST
    #3
    Quote Originally Posted by cyberguypr View Post
    Congrats!
    Thanks!!
    Reply With Quote Quote  

  5. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #4
    congrats on the pass! Looking forward to seeing your progress!
    Reply With Quote Quote  

  6. Junior Member Registered Member
    Join Date
    Jul 2014
    Posts
    1
    #5
    Was there any simulations or labs on the SISAS that required you to type CLI commands on a switch or such? Or was it pretty much all GUI-based ISE questions where you had to navigate through it and change/examine configurations?
    Reply With Quote Quote  

  7. Senior Member Vask3n's Avatar
    Join Date
    Oct 2005
    Posts
    499

    Certifications
    ASA Specialist, CCNA Security, CCNA R/S , CCENT, JNCIA, A+, Security+, CST
    #6
    Quote Originally Posted by Red90 View Post
    Was there any simulations or labs on the SISAS that required you to type CLI commands on a switch or such? Or was it pretty much all GUI-based ISE questions where you had to navigate through it and change/examine configurations?
    For this test you should be familiar with both the ISE command line and GUI configuration. Speaking of GUIs, make sure that you are familiar with not just the ISE GUI but let's say, any other devices that you might deploy along with ISE in a dot1x deployment. In other words, look at 1.3.h of the Exam topics:

    1.3.h Network access devices
    Reply With Quote Quote  

  8. Senior Member Vask3n's Avatar
    Join Date
    Oct 2005
    Posts
    499

    Certifications
    ASA Specialist, CCNA Security, CCNA R/S , CCENT, JNCIA, A+, Security+, CST
    #7
    Quote Originally Posted by snadam View Post
    congrats on the pass! Looking forward to seeing your progress!
    Many thanks, looking forward to sharing more as I prepare for SITCS
    Reply With Quote Quote  

  9. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,668

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #8
    Congrats!
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
    Reply With Quote Quote  

  10. Senior Member Vask3n's Avatar
    Join Date
    Oct 2005
    Posts
    499

    Certifications
    ASA Specialist, CCNA Security, CCNA R/S , CCENT, JNCIA, A+, Security+, CST
    #9
    Quote Originally Posted by Iristheangel View Post
    Congrats!
    Many thanks, by the way iris I just saw your ISE lab in another post, pretty epic.
    Reply With Quote Quote  

  11. lrb
    lrb is offline
    Senior Member
    Join Date
    Aug 2010
    Location
    Australia
    Posts
    522

    Certifications
    CCIEx2 #45527 (RS,SP)
    #10
    Awesome work dude!
    Reply With Quote Quote  

  12. Senior Member JustFred's Avatar
    Join Date
    Feb 2012
    Location
    DeepSpace 9
    Posts
    646
    #11
    Nice. well done.
    Reply With Quote Quote  

  13. Senior Member Vask3n's Avatar
    Join Date
    Oct 2005
    Posts
    499

    Certifications
    ASA Specialist, CCNA Security, CCNA R/S , CCENT, JNCIA, A+, Security+, CST
    #12
    Quote Originally Posted by lrb View Post
    Awesome work dude!

    Quote Originally Posted by JustFred View Post
    Nice. well done.

    Thanks guys, on the road to SITCS now. Will be posting about it soon
    Reply With Quote Quote  

  14. Junior Member Registered Member
    Join Date
    Feb 2016
    Posts
    1
    #13
    Feb 2016

    Hi, I’ve passed 300-208 SISAS exam. It was my second try. Prepare for this questions which I haven’t seen in any cert dump / VCE file:

    ==========
    QUESTIONS:
    ==========
    1. After how many days will ISE purge expired guest user accounts.
    Possible answers: 1 day, 10 days, 15 days, …

    2. After what time will ISE purge authentication session without receiving RADIUS Accounting Stop message.
    Possible answers: 1 day, x days, y days…

    3. ISE 2.0 TACACS – Screenshot with TACACS Shell Profile with configured default privilege level 9 and maximum privilege level 10. Question is what commands is user allowed to execute.
    Possible options: Configure t, privilege 10, show run, exit,…

    4. ISE 2.0. TACACS – Screenshot with TACACS Command Set with entries with wildcards used:
    1. permit ping .*
    2. permit conf t
    3. permit s*w .*
    4. deny xxx
    5. deny always yyy

    Question is what commands is user allowed to execute.
    Possible options: Show ip int brief, show ver, configure term, ping 10.20.0.1, …

    5. BYOD – what components are needed in client provisioning.
    I don’t remember possible answers, I think there was Wizard, Agent, Supplicant profile, etc…

    6. ISE 1.3 Client Certificates: What 2 options are awailable to take with certificate.
    Possible options: Export, Delete, Revoke, Unrevoke, …

    7. ISE 1.3 Sponsor portal: What actions are available for sponsor to take with user accounts.
    I don’t remember possible answers.

    8. ISE 2.0 – what URL will ISE use to redirect user to CWA portal.
    Possible options (Check all possible portal URLs in ISE Authorization profile. The difference is in “action=” cwa / mdm / cpp / nsp / cwa&type=drw):
    For a Hotspot Guest portal:
    https://iport/guestportal/gate...n=cwa&type=drw

    For a Mobile Device Management (MDM) portal:
    https://iport/mdmportal/gatewa...lID&action=mdm

    10. What is the main attribute which is used by ISE to distinguish MAB from Dot1x auth.
    Possible options: RADIUS Service-Type 6 (Call-Check), Service-Type 8 (Framed IP), Service-Type 25 (Class), … As I remember, there are only Service Type number codes (6, 8, 25, …) no names – so learn this numbers also.

    11. Redirect ACL & Downloadable ACL on Catalyst SW. There were options with different access lists permitting and/or denying access to ISE IP and/or remetiation server IP. Question was what access list combination (redirect ACL + dACL) is correct for redirect to portal & remediation server.

    12. How many bits have TrustSec SGT:
    Possible options: 16, 32, etc…

    13. MacSec 802.1AE – Questions regarding keying – Connectivity Association Key (CAK). What is it used for.

    As you can see, several questions was regarding Sponsor portal, guest portal, guest users. Some questions were about MacSec 802.1AE and TrustSec. There was simlet where you should configure MAB and correct authentication methods order (MAB > dot1x) only on Catalyst SW, not ISE. Another simlet was about editing ISE Authentication & Authorization policy and also troubleshooting output from ISE Live Log.
    Reply With Quote Quote  

  15. Senior Member viper75's Avatar
    Join Date
    Oct 2003
    Location
    NY
    Posts
    733

    Certifications
    A+, Network+, CCNA R&S, CCDA, CCNA Security, NSTISSI 4011, 4013, CCNP Security
    #14
    Congratz!

    Don't sleep on SITCS. That test is tougher than it looks. I failed it once before I passed on my 2nd attempt.

    Good Luck!
    CCNP Security - DONE!
    CCNP R&S - In Progress...
    CCIE Security - Future...
    Reply With Quote Quote  

  16. Junior Member
    Join Date
    Jun 2012
    Posts
    27

    Certifications
    CISSP, CEH, CCNA Security, CCNA R&S, A+, Network+, Security+, B.S., M.S.
    #15
    Failed today. Does anyone know what "." means in command set? permit s*w .* I cannot find it anywhere.

    I found that "." in regex means: "any character except a newline" but whats the point of ".*" if we can just use "*" ?
    Last edited by leugenel; 08-11-2016 at 04:12 PM.
    Reply With Quote Quote  

  17. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #16
    Congrats on the PASS!
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks