[Offer] CCIE Security v6.0 Workbook (Design1.0 and DOO 1.0) Complete.

[certcommie]

Q33 is a total mess. I agree with options A, D, H , N and O.

Option K looks wrong, I would answer L instead. Messaging on compliance as remediation makes no sense - if you are compliant you need no remediation at all. On the contrary, "message text only" is a valid remediation action in ISE.

With that, we need two more options to bring the total to 8. Leaving aside everything which is apparently wrong, we are to choose from F, R, I and J.

Picking both options F and R as suggested looks invalid. Patch "presence" cannot be remediation, remediation would be patch "installation". Hence option F does not seem valid. Option R speaks of "posture requirement condition" which is something non-existing in ISE. In ISE, there are posture conditions, posture remediations and posture requirements. Requirements are built in the "if condition then remediation" logic. There are no "requirement conditions".

I and J both look tentatively valid. Remediation window is configured under the posture profile. Although the posture profile is not explicitly called "Anyconnect configuration file", essentially it is an Anyconnect configuration file.

So one has to choose two options from I, J and R. One of those annoying cases when it's not clear whether the option is deliberately invalid or it's valid but poorly phrased. Maybe the incoming data (absent in the workbook) helps to sort it out.

Edited July 8, 2023 by certcommie

[ciscofeeling]

On 6/13/2023 at 3:33 PM, MAS said:

sharing with you guys ccie security v6 workbook with design 1.0.

i am not a reseller, i passed my exam using them (Design 1 and Lab 1) in Dubai.

you can practice also the workbook with the eve topology.

dont ask me for design 2.0 and doo 2.0 which i dont have.

credit goes to the original owner of the content. 

 

Hidden Content

• Give reaction or reply to this topic to see the hidden content.

Hidden Content

• Give reaction or reply to this topic to see the hidden content.

Hidden Content

• Give reaction or reply to this topic to see the hidden content.

 

good

[ciscofeeling]

pls share the docs

 

[hih2050]

thx a lot

 

[Lktd]

thanks

[cagertruro]

thnk

 

[alam]

thanks for sharing 

 

[brhmpo]

On 7/7/2023 at 2:27 PM, certcommie said:

About the Design solutions, some of those are also suspicious.

Q7. In Cisco SAFE guides Web Security is considered to protect the network attack surface. However, here it is mapped to the application attack surface. Also, AVC should be mapped to the application attck serface.

Q13. It's not clear whether each product may be used only once or multiple times. If once, then I would go with the suggested answers, but if products can be matched to multple surfaces then ISE is definitely a candidate for all three of them, and I would also add AMP to the network surface to respect AMP for networks.

Q18. I would answer 5525, not 5516, because 5516 would not handle a multiprotocol throughput of 1Gbps. The question seems to suggest multiprotocol load.

re:Q18 i can tell you 100%, confidently from experience, it is 5516

Edited August 12, 2023 by brhmpo

[brhmpo]

On 6/21/2023 at 7:17 AM, certcommie said:

OMG clientless is still there... The old Cisco habit of testing on stuff which is not on the blueprint still lives.

yup this drove me mad first attempt, its nonsense imo, off blueprint and a dead technology not even supported on new platforms, not enough out there to qualify needing this skill.

[LiF]

Thank you !

 

[certcommie]

On 8/12/2023 at 6:20 AM, brhmpo said:

re:Q18 i can tell you 100%, confidently from experience, it is 5516

Strange, but thanks for the info. Wrong answers is not what one would heartily welcome in a $1600 worth exam, but that's Cisco 🙊.

[877651]

Thanks 

[vandoo]

hi anyone who was attended the exam untill now. Could you please to share your experience?

i will take exam in september and get info that design question have an update......

[parker05]

thanks

[ccieexpert00]

thanks

[rk1305]

On 7/13/2023 at 11:34 PM, ciscofeeling said:

good

Hi Mate, Good to know you passed it already...!! 
Did you passed using this LAB share & which month you gave the LAB exam ?
I recently found this share & just wondering if I can use this LAB for practicing the exam.

[certcommie]

Task 1.4, I wonder what's the point of configuring the VPN tunnel to pass NTP traffic via FTDs whereas the branch PC has direct access to the NTP server via its management NIC. So it would be time synchronized irrespectively of whether the VPN tunnel is functional or not.

Any ideas?

[shaishebabin]

Just Cisco being Cisco. You also have tasks where pcs sends dns trough the "wrong" nic (dot1x tasks), they have host routes configured. To use the other nic.

[certcommie]

Oh my!  🙈

Thanks!

[Sudha]

thanks

[swjeon]

thanks.

[sea1731]

thanks

[Dash888]

Thanks

[giinzo]

thanks

[Grumpy]

THX