Failed SISAS

Failed today...
Exam wasn't what I expected. Most of the questions are very granular and require memorization, sometimes it feels like they choose random checkbox from the ISE or Radius attribute and asking you what is it (or what is the default value).
Screen resolution was very small so the monitor barely fit a window from the lab. Loosing a lot of time on scrolling, moving windows, switching between multiple windows, since none of the ISE windows fits into screen.
I had some questions on ISE 2.0 and TACACS. Also I thought that exam is for ISE 1.2 but everything was 1.3 - not sure what is the difference between them.

Was using CBT Nuggets, INE, official cert guide and had ISE installed in my lab. All that will not be enough in my opinion.

Will have to study more I guess and pay more attention to details this time. Don't expect general questions like what is the difference between authentication and authorization or something like that.

This time will go through ISE configuration guide and focus on details. Also will reinstall my lab and try to configure everything from scratch.

Find more posts tagged with

Comments

aftereffector

Hey, I failed today too! The screen resolution on the sims is annoying for sure. And the OCG is enough to get you from zero to about 60%... definitely not enough to get a "pass" let alone full marks. I used the OCG and an ISE 1.2/1.3/2.0 lab environment for my studies but I will be supplementing with Cisco white papers, design guides, and some RADIUS RFC type documentation over the weekend.

Have you ever dealt with UNIX regular expressions? I found a good explanation here: http://www.grymoire.com/Unix/Regular.html#uh-4

leugenel

so does it mean that "show .*" is same as "show *" ?
In here Cisco Identity Services Engine Administrator Guide, Release 2.0 - Control Device Administration Using TACACS+ [Cisco Identity Services Engine] - Cisco they don't mention what "." matches.

leugenel

Does anyone knows what are the chances to get the same questions and sims (similar sims) on a second attempt? Or they will try to change everything completely?

aftereffector

"." will match any character except a line return. It's a little obscure and I'm not sure why anyone would use it in a policy as opposed to a wildcard, or why anyone would want to wildcard all arguments in the first place rather than just denying or permitting the command regardless of arguments. But I'm sure someone has a corner use case that relies on the period in regular expressions

"show .*" will match "show " with an argument of at least one character. Since you can't run show without any arguments anyways, it's functionally equivalent to "show *".

leugenel

OK, that makes sense. Thanks,

leugenel

Have one more questions if anyone knows.

According to SISAS official guide:

Multiple Host — Multiple Host (Multi-Host) mode is not commonly used but is still a valid option. Much like Multi-Auth mode, Multi-Host mode is an extension to MDA. One authentication exists on the voice domain, and one authentication exists on the data domain. All other hosts on the data domain are allowed onto the network using the first successful authentication. It’s an authenticate-one-allow-therest type of model. The IP Phone solutions described in the MDA section are still applicable to Mult-Auth mode.

But Cisco site says
multi-host-Multiple hosts on an 802.1X-authorized port after a authenticating a single host.

So is it 1 for voice AND 1 for data (the rest clients use the first successful authenticationfirst successful authentication) or just one authentication total per port (voice or data)??

A bit confused here.
Thanks,

leugenel

Finally I passed it on a second try

Screen resolution was still annoying. Not sure how I get 50% on troubleshooting questions (better than on a previous attempt), I was pretty confident with simulation questions, and I had ISE in my home lab to practice and used it a lot. Anyway... pass is always better than fail.

mnashe

leugenel wrote: »

Finally I passed it on a second try Screen resolution was still annoying. Not sure how I get 50% on troubleshooting questions (better than on a previous attempt), I was pretty confident with simulation questions, and I had ISE in my home lab to practice and used it a lot. Anyway... pass is always better than fail.

Congrats!!! How many more exams to go? Were you using a trial of ISE? I need to get this for my home lab too.

leugenel

1 done 3 to go. I was using a trial version of ISE, it expired once and I had to reinstall it again.

mnashe

nice, you started with a tough one. I'm starting with 300-206

leugenel

I will take 300-206 next. Hopefully I can make all 3 exams in 3 years.

Those exams are very time consuming. Do you know if we can use VIRL to practice? was thinking to get one for myself.

mnashe

leugenel wrote: »

I will take 300-206 next. Hopefully I can make all 3 exams in 3 years. Those exams are very time consuming. Do you know if we can use VIRL to practice? was thinking to get one for myself.

That's what I'm using. It's a great tool, not perfect. The ASAv has some limitations compared to a physical box, but it's still good.

Techand$$

Keep Trying buddy, I find ISE to be very challenging.

Levithan

Just curious, where can you download the ISE? Im assuming a cco account is required?

Thanks!