Project Description

Identity Management, Information Exchange, and Access Control

  • 4.1          Describe, implement, and troubleshoot various personas of ISE in a multinode deployment
  • 4.2          Describe, implement, and troubleshoot network access device (NAD), ISE, and ACS configuration for AAA
  • 4.3          Describe, implement, and troubleshoot AAA for administrative access to Cisco network devices using ISE and ACS
  • 4.4          Describe, implement, verify, and troubleshoot AAA for network access with 802.1X and MAB using ISE.
  • 4.5          Describe, implement, verify, and troubleshoot cut-through proxy/auth-proxy using ISE as the AAA server
  • 4.6          Describe, implement, verify, and troubleshoot guest life cycle management using ISE and Cisco network infrastructure
  • 4.7          Describe, implement, verify, and troubleshoot BYOD on-boarding and network access flows with an internal or external CA
  • 4.8          Describe, implement, verify, and troubleshoot ISE and ACS integration with external identity sources such as LDAP, AD, and external RADIUS
  • 4.9          Describe ISE and ACS integration with external identity sources such as RADIUS Token, RSA SecurID, and SAML
  • 4.10        Describe, implement, verify, and troubleshoot provisioning of AnyConnect with ISE and ASA
  • 4.11      Describe, implement, verify, and troubleshoot posture assessment with ISE
  • 4.12        Describe, implement, verify, and troubleshoot endpoint profiling using ISE and Cisco network infrastructure including device sensor
  • 4.13      Describe, implement, verify, and troubleshoot integration of MDM with ISE
  • 4.14     Describe, implement, verify, and troubleshoot certificate based authentication using ISE
  • 4.15        Describe, implement, verify, and troubleshoot authentication methods such as EAP Chaining and Machine Access Restriction (MAR)
  • 4.16        Describe the functions and security implications of AAA protocols such as RADIUS, TACACS+, LDAP/LDAPS, EAP (EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-FAST, EAP-TEAP, EAPMD5, EAP-GTC), PAP, CHAP, and MS-CHAPv2
  • 4.17        Describe, implement, and troubleshoot identity mapping on ASA, ISE, WSA and FirePOWER
  • 4.18        Describe, implement, and troubleshoot pxGrid between security devices such as WSA, ISE, and Cisco FMC