實施思科安全訪問解決方案考試要點

實施思科安全訪問解決方案考試要點

　　實施思科安全訪問解決方案(SISAS)主要檢驗考生作為網(wǎng)絡(luò)安全工程師是否能夠使用802.1X和TrustSec來掌握安全訪問的組件和架構(gòu)。下面是小編整理的考試要點：

　　該考試涵蓋思科身份服務(wù)引擎(ISE)架構(gòu)、整體網(wǎng)絡(luò)威脅緩解的解決方案和組件以及終點控制解決方案。同時考試考察使用ISE的posture和profiling 服務(wù)來掌握基礎(chǔ)BYOD概念。

　　Exam Description:

　　The first paragraph is the exam description that is followed by a second paragraph with standard copy that appears on all exam topics.

　　The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

　　1.0 Identity Management/Secure Access

　　1.1 Implement Device Administration

　　1.1.a Compare and select AAA options

　　1.1.b TACACS+

　　1.1.c RADIUS

　　1.1.d Describe Native AD and LDAP

　　1.2 Describe Identity Management

　　1.2.a Describe Features and functionality of Authentication and authorization

　　1.2.b Describe identity store options (i.e., LDAP, AD, PKI, OTP, Smart Card, local)

　　1.2.c Implement accounting

　　1.3 Implement Wired/Wireless 802.1x

　　1.3.a Describe RADIUS Flows

　　1.3.b AV Pairs

　　1.3.c EAP types

　　1.3.d Describe Supplicant, Authenticator, Server

　　1.3.e Supplicant options

　　1.3.f 802.1X phasing (monitor mode, low impact, closed mode)

　　1.3.g AAA server

　　1.3.h Network access devices

　　1.4 Implement MAB

　　1.5 Implement Network Authorization Enforcement

　　1.5.a dACL

　　1.5.b Dynamic VLAN Assignment

　　1.5.c Describe SGA

　　1.5.d Named ACL

　　1.5.e CoA

　　2.0 Threat Defense

　　2.1 Implement Firewall

　　2.1.a Describe SGA ACLs

　　3.0 Identity Management/Secure Access

　　3.1 Implement Central Web Auth

　　3.2 Implement Profiling

　　3.3 Implement Guest Services

　　3.4 Implement Posturing

　　3.5 Implement BYOD

　　3.5.a Describe elements of a BYOD policy

　　3.5.b Device registration

　　3.5.c My devices portal

　　3.5.d Describe supplicant provisioning

　　4.0 Troubleshooting, Monitoring and Reporting Tools

　　4.1 Troubleshoot Identity Management Solutions

　　5.0 Threat Defense Architectures

　　5.1 Design Secure wireless solution

　　6.0 Identity Management Architectures

　　6.1 Design AAA security solution

　　6.2 Design Profiling security solution

　　6.3 Design Posturing security solution

　　6.4 Design BYOD security solution

　　6.5 Design Device admin security solution

　　6.6 Design Guest services security solution

【實施思科安全訪問解決方案考試要點】相關(guān)文章：

實施思科安全威脅控制解決方案考試要點07-17

思科CCIE安全實驗考試要點09-13

思科網(wǎng)絡(luò)安全運營考試要點09-07

思科認證CUWSS考試要點08-02

思科認證CLDFND考試要點07-19

思科認證ARCH考試要點08-15

思科認證SIMOS考試要點09-06

200-310 DESGN思科互聯(lián)網(wǎng)絡(luò)解決方案考試要點05-04

實施思科統(tǒng)一無線語音網(wǎng)絡(luò)IUWVN考試要點06-30

實施思科IP交換網(wǎng)絡(luò)（SWITCH 642-813）考試要點09-03