CCNP Security Identity Management SISE 300-715 Official Cert Guide

CCNP Security Identity Management SISE 300-715 Official Cert Guide

by Aaron Woland, Katherine McNamara
Released December 2020
Publisher(s): Cisco Press
ISBN: 9780136677710

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

CCNP Security Identity Management SISE 300-715 Official Cert Guide presents you with an organized test preparation routine using proven series elements and techniques. Do I Know This Already? quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

  • Master CCNP Security Identity Management SISE 300-715 exam topics

  • Assess your knowledge with chapter-opening quizzes

  • Review key concepts with exam preparation tasks

  • Practice with realistic exam questions in the practice test software

CCNP Security Identity Management SISE 300-715 Official Cert Guide, from Cisco Press allows you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Two leading Cisco technology experts share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

This complete study package includes

  • A test-preparation routine proven to help you pass the exams

  • Do I Know This Already? quizzes, which allow you to decide how much time you need to spend on each section

  • Chapter-ending and part-ending exercises, which help you drill on key concepts you must know thoroughly

  • The powerful Pearson Test Prep Practice Test software, with two full exams comprised of well-reviewed, exam-realistic questions, customization options, and detailed performance reports

  • A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies

  • Study plan suggestions and templates to help you organize and optimize your study time

Well regarded for its level of detail, study plans, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.

This official study guide helps you master all the topics on the CCNP Security Identity Management SISE 300-715 exam, including

  • Architecture and deployment

  • Policy enforcement

  • Web Auth and guest services

  • Profiler

  • BYOD

  • Endpoint compliance

  • Network access device administration

Companion Website:

The companion website contains two full practice exams, an interactive Flash Cards application, and much more.

Includes Exclusive Offers for Up to 80% Off Video Training, Practice Tests, and more Pearson Test Prep online system requirements:

Browsers: Chrome version 73 and above, Safari version 12 and above, Microsoft Edge 44 and above.

Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7. Internet access required.

Pearson Test Prep offline system requirements:

Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases Also available from Cisco Press for CCNP Security study is the CCNP Security Identity Management SISE 300-715 Official Cert Guide Premium Edition eBook and Practice Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Test.

This integrated learning package:

  • Allows you to focus on individual topic areas or take complete, timed exams

  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions

  • Provides unique sets of exam-realistic practice questions

  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Table of contents

  1. Cover Page
  2. About This eBook
  3. Title Page
  4. Copyright Page
  5. Credits
  6. Contents at a Glance
  7. Reader Services
  8. Contents
  9. About the Authors
  10. About the Technical Reviewer
  11. Dedications
  12. Acknowledgments
  13. Command Syntax Conventions
  14. Introduction
    1. CCNP Security Certification Overview
    2. Contents of the CCNP Security SISE Exam
    3. How to Take the SISE Exam
    4. Who Should Take This Exam and Read This Book?
    5. Format of the CCNP Security SISE Exam
    6. CCNP Security SISE 300-715 Official Certification Guide
    7. The Companion Website for Online Content Review
    8. How to Access the Pearson Test Prep (PTP) App
  15. Part I Authentication, Authorization, and Accounting
    1. Chapter 1 Fundamentals of AAA
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Comparing and Selecting AAA Options
      4. TACACS+
      5. RADIUS
      6. Comparing RADIUS and TACACS+
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
    2. Chapter 2 Identity Management
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. What Is an Identity?
      4. Identity Stores
      5. Identity Source Sequences
      6. Special Identity Sources
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
    3. Chapter 3 Extensible Authentication Protocol (EAP) over LAN: 802.1X
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Extensible Authentication Protocol
      4. EAP over LAN (802.1X)
      5. Supplicant Options
      6. Exam Preparation Topics
      7. Review All Key Topics
      8. Define Key Terms
      9. Q&A
    4. Chapter 4 Non-802.1X Authentication
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Devices Without a Supplicant
      4. MAC Authentication Bypass
      5. Web Authentication
      6. Remote-Access Connections
      7. EasyConnect
      8. Exam Preparation Tasks
      9. Review All Key Topics
      10. Define Key Terms
      11. Q&A
    5. Chapter 5 Introduction to Advanced Concepts
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Change of Authorization
      4. Automating MAC Authentication Bypass (MAB)
      5. Posture Assessment
      6. Mobile Device Management (MDM)
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
  16. Part II Cisco Identity Services Engine
    1. Chapter 6 Cisco Identity Services Engine Architecture
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. What Is Cisco ISE?
      4. Personas
      5. Physical or Virtual Appliances
      6. ISE Deployment Scenarios
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
    2. Chapter 7 A Guided Tour of the Cisco ISE Graphical User Interface (GUI)
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Logging in to ISE
      4. Organization of the ISE GUI
      5. Types of Policies in ISE
      6. Exam Preparation Tasks
      7. Review All Key Topics
      8. Define Key Term
      9. Q&A
    3. Chapter 8 Initial Configuration of Cisco ISE
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Cisco Identity Services Engine Form Factors
      4. Bootstrapping Cisco ISE
      5. Network Devices
      6. ISE Identity Stores
      7. Exam Preparation Topics
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
    4. Chapter 9 Authentication Policies
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. The Relationship Between Authentication and Authorization
      4. Authentication Policy
      5. Understanding Policy Sets
      6. Understanding Authentication Policies
      7. Common Authentication Policy Examples
      8. More on MAB
      9. Restore the Authentication Policy
      10. Exam Preparation Tasks
      11. Review All Key Topics
      12. Q&A
    5. Chapter 10 Authorization Policies
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Authentication Versus Authorization
      4. Authorization Policies
      5. Saving Conditions for Reuse
      6. Exam Preparation Tasks
      7. Review All Key Topics
      8. Define Key Terms
      9. Q&A
  17. Part III Implementing Secure Network Access
    1. Chapter 11 Implement Wired and Wireless Authentication
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Authentication Configuration on Wired Switches
      4. Authentication Configuration on WLCs
      5. Verifying Dot1x and MAB
      6. Live Sessions
      7. Looking Forward
      8. Exam Preparation Tasks
      9. Review All Key Topics
      10. Define Key Terms
      11. Q&A
    2. Chapter 12 Web Authentication
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Web Authentication Scenarios
      4. Configuring Centralized Web Authentication
      5. Building CWA Authorization Policies
      6. Verifying Centralized Web Authentication
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
    3. Chapter 13 Guest Services
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Guest Services Overview
      4. Portals, Portals, and More Portals!
      5. Configuring Guest Portals and Authorization Rules
      6. Sponsors
      7. SAML Authentication
      8. Exam Preparation Tasks
      9. Review All Key Topics
      10. Define Key Terms
      11. Q&A
    4. Chapter 14 Profiling
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. ISE Profiler
      4. Infrastructure Configuration
      5. Profiling Policies
      6. ISE Profiler and CoA
      7. Profiles in Authorization Policies
      8. Verify Profiling
      9. Exam Preparation Topics
      10. Review All Key Topics
      11. Define Key Terms
      12. Q&A
  18. Part IV Advanced Secure Network Access
    1. Chapter 15 Certificate-Based Authentication
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Certificate Authentication Primer
      4. A Common Misconception About Active Directory
      5. EAP-TLS
      6. Configuring ISE for Certificate-Based Authentications
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
    2. Chapter 16 Bring Your Own Device
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. BYOD Challenges
      4. Onboarding Process
      5. Configuring NADs for Onboarding
      6. ISE Configuration for Onboarding
      7. BYOD Onboarding Process Detailed
      8. Verifying BYOD Flows
      9. MDM Onboarding
      10. Managing Endpoints
      11. The Opposite of BYOD: Identify Corporate Systems
      12. Exam Preparation Topics
      13. Review All Key Topics
      14. Define Key Terms
      15. Q&A
    3. Chapter 17 TrustSec and MACsec
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Ingress Access Control Challenges
      4. What Is TrustSec?
      5. What Is a Security Group Tag?
      6. What Is the TrustSec Architecture?
      7. TrustSec-Enabled Network Access Devices
      8. Network Device Admission Control (NDAC)
      9. Defining the SGTs
      10. Classification
      11. Transport: SGT Exchange Protocol (SXP)
      12. Transport: Native Tagging
      13. Enforcement
      14. Software-Defined Access (SD-Access)
      15. MACsec
      16. Exam Preparation Tasks
      17. Review All Key Topics
      18. Define Key Terms
      19. Q&A
    4. Chapter 18 Posture Assessment
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Posture Assessment with ISE
      4. Configuring Posture
      5. The Endpoint Experience
      6. Mobile Posture
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Terms
      10. Q&A
  19. Part V Safely Deploying in the Enterprise
    1. Chapter 19 Deploying Safely
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Why Use a Phased Approach?
      4. Comparing authentication open to Standard 802.1X
      5. Prepare ISE for a Staged Deployment
      6. Monitor Mode
      7. Low-Impact Mode
      8. Closed Mode
      9. Transitioning from Monitor Mode to Your End State
      10. Wireless Networks
      11. Exam Preparation Tasks
      12. Review All Key Topics
      13. Q&A
    2. Chapter 20 ISE Scale and High Availability
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Configuring ISE Nodes in a Distributed Environment
      4. Understanding the High Availability Options Available
      5. Using Load Balancers
      6. Maintaining ISE Deployments
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Define Key Term
      10. Q&A
    3. Chapter 21 Troubleshooting Tools
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Logging
      4. Diagnostic Tools
      5. Troubleshooting Methodology
      6. Troubleshooting Outside of ISE
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Q&A
  20. Part VI Extending Secure Access Control
    1. Chapter 22 ISE Context Sharing and Remediation
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Integration Types in the ISE Ecosystem
      4. pxGrid
      5. Exam Preparation Tasks
      6. Review All Key Topics
      7. Define Key Terms
      8. Q&A
    2. Chapter 23 Threat Centric NAC
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Vulnerabilities and Threats, Oh My!
      4. Integrating Vulnerability Assessment Sources
      5. Integrating with Threat Sources
      6. Exam Preparation Tasks
      7. Review All Key Topics
      8. Define Key Terms
      9. Q&A
  21. Part VII Device Administration AAA
    1. Chapter 24 Device Administration AAA with ISE
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Device Administration AAA Refresher
      4. Device Administration in ISE
      5. Device Administration Global Settings
      6. Device Administration Work Center
      7. Exam Preparation Tasks
      8. Review All Key Topics
      9. Q&A
    2. Chapter 25 Configuring Device Administration AAA with Cisco IOS
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Overview of IOS Device Administration AAA
      4. Configure ISE and an IOS Device for Device Administration AAA
      5. Testing and Troubleshooting
      6. Exam Preparation Tasks
      7. Review All Key Topics
      8. Define Key Terms
      9. Q&A
    3. Chapter 26 Configuring Device Admin AAA with the Cisco WLC
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
      3. Overview of WLC Device Administration AAA
      4. Configure ISE and the WLC for Device Administration AAA
      5. Testing and Troubleshooting
      6. Exam Preparation Tasks
      7. Review All Key Topics
      8. Q&A
  22. Part VIII Final Preparation
    1. Chapter 27 Final Preparation
      1. Hands-on Activities
      2. Suggested Plan for Final Review and Study
      3. Summary
  23. Part IX Appendixes
    1. Glossary of Key Terms
    2. Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections
      1. Answers to the “Do I Know This Already?” Quizzes
      2. Answers to the Q&A Sections
    3. Appendix B CCNP Security Implementing and Configuring Cisco Identity Services Engine (SISE 300-715) Exam Updates
      1. Always Get the Latest at the Book’s Product Page
      2. Technical Content
    4. Appendix C Sample Switch Configurations
      1. Catalyst 3000 Series, 12.2(55)SE
      2. Catalyst 3000 Series, 15.0(2)SE
      3. Catalyst 9000 Series, 16.9.5
      4. Catalyst 4500 Series, IOS-XE 3.3.0 / 15.1(1)SG
      5. Catalyst 6500 Series, 12.2(33)SXJ
  24. Index
  25. Appendix D Study Planner
  26. Where are the companion content files? - Register
  27. Inside Front Cover
  28. Inside Back Cover
  29. Code Snippets

Product information

  • Title: CCNP Security Identity Management SISE 300-715 Official Cert Guide
  • Author(s): Aaron Woland, Katherine McNamara
  • Release date: December 2020
  • Publisher(s): Cisco Press
  • ISBN: 9780136677710