實施思科安全訪問解決方案(SISAS)主要檢驗考生作為網路安全工程師是否能夠使用802.1X和TrustSec來掌握安全訪問的元件和架構。
該考試涵蓋思科身份服務引擎(ISE)架構、整體網路威脅緩解的解決方案和元件以及終點控制解決方案。同時考試考察使用ISE的posture和profiling 服務來掌握基礎BYOD概念。考生可以通過學習實施思科安全訪問解決方案(SISAS)課程來準備該考試。
下面YJBYS小編為大家整理了關於300-208 SISAS 考試要點,希望對你有所幫助。
1.0 Identity Management/Secure Access
1.1 Implement Device Administration
1.1.a Compare and select AAA options
1.1.b TACACS+
1.1.c RADIUS
1.1.d Describe Native AD and LDAP
1.2 Describe Identity Management
1.2.a Describe Features and functionality of Authentication and authorization
1.2.b Describe identity store options (i.e., LDAP, AD, PKI, OTP, Smart Card, local)
1.2.c Implement accounting
1.3 Implement Wired/Wireless 802.1x
1.3.a Describe RADIUS Flows
1.3.b AV Pairs
1.3.c EAP types
1.3.d Describe Supplicant, Authenticator, Server
1.3.e Supplicant options
1.3.f 802.1X phasing (monitor mode, low impact, closed mode)
1.3.g AAA server
1.3.h Network access devices
1.4 Implement MAB
1.5 Implement Network Authorization Enforcement
1.5.a dACL
1.5.b Dynamic VLAN Assignment
1.5.c Describe SGA
1.5.d Named ACL
1.5.e CoA
2.0 Threat Defense
2.1 Implement Firewall
2.1.a Describe SGA ACLs
3.0 Identity Management/Secure Access
3.1 Implement Central Web Auth
3.2 Implement Profiling
3.3 Implement Guest Services
3.4 Implement Posturing
3.5 Implement BYOD
3.5.a Describe elements of a BYOD policy
3.5.b Device registration
3.5.c My devices portal
3.5.d Describe supplicant provisioning
4.0 Troubleshooting, Monitoring and Reporting Tools
4.1 Troubleshoot Identity Management Solutions
5.0 Threat Defense Architectures
5.1 Design Secure wireless solution
6.0 Identity Management Architectures
6.1 Design AAA security solution
6.2 Design Profiling security solution
6.3 Design Posturing security solution
6.4 Design BYOD security solution
6.5 Design Device admin security solution
6.6 Design Guest services security solution
