certcommie Posted July 8, 2023 Share Posted July 8, 2023 (edited) Q33 is a total mess. I agree with options A, D, H , N and O. Option K looks wrong, I would answer L instead. Messaging on compliance as remediation makes no sense - if you are compliant you need no remediation at all. On the contrary, "message text only" is a valid remediation action in ISE. With that, we need two more options to bring the total to 8. Leaving aside everything which is apparently wrong, we are to choose from F, R, I and J. Picking both options F and R as suggested looks invalid. Patch "presence" cannot be remediation, remediation would be patch "installation". Hence option F does not seem valid. Option R speaks of "posture requirement condition" which is something non-existing in ISE. In ISE, there are posture conditions, posture remediations and posture requirements. Requirements are built in the "if condition then remediation" logic. There are no "requirement conditions". I and J both look tentatively valid. Remediation window is configured under the posture profile. Although the posture profile is not explicitly called "Anyconnect configuration file", essentially it is an Anyconnect configuration file. So one has to choose two options from I, J and R. One of those annoying cases when it's not clear whether the option is deliberately invalid or it's valid but poorly phrased. Maybe the incoming data (absent in the workbook) helps to sort it out. Edited July 8, 2023 by certcommie 2 Link to comment Share on other sites More sharing options...
ciscofeeling Posted July 13, 2023 Share Posted July 13, 2023 On 6/13/2023 at 3:33 PM, MAS said: sharing with you guys ccie security v6 workbook with design 1.0. i am not a reseller, i passed my exam using them (Design 1 and Lab 1) in Dubai. you can practice also the workbook with the eve topology. dont ask me for design 2.0 and doo 2.0 which i dont have. credit goes to the original owner of the content.  Hidden Content Give reaction or reply to this topic to see the hidden content. Hidden Content Give reaction or reply to this topic to see the hidden content. Hidden Content Give reaction or reply to this topic to see the hidden content.  good 13 1 Link to comment Share on other sites More sharing options...
ciscofeeling Posted July 13, 2023 Share Posted July 13, 2023 pls share the docs  Link to comment Share on other sites More sharing options...
hih2050 Posted July 14, 2023 Share Posted July 14, 2023 thx a lot  Link to comment Share on other sites More sharing options...
Lktd Posted July 22, 2023 Share Posted July 22, 2023 thanks Link to comment Share on other sites More sharing options...
cagertruro Posted July 23, 2023 Share Posted July 23, 2023 thnk  Link to comment Share on other sites More sharing options...
alam Posted July 24, 2023 Share Posted July 24, 2023 thanks for sharing  Link to comment Share on other sites More sharing options...
brhmpo Posted August 12, 2023 Share Posted August 12, 2023 (edited) On 7/7/2023 at 2:27 PM, certcommie said: About the Design solutions, some of those are also suspicious. Q7. In Cisco SAFE guides Web Security is considered to protect the network attack surface. However, here it is mapped to the application attack surface. Also, AVC should be mapped to the application attck serface. Q13. It's not clear whether each product may be used only once or multiple times. If once, then I would go with the suggested answers, but if products can be matched to multple surfaces then ISE is definitely a candidate for all three of them, and I would also add AMP to the network surface to respect AMP for networks. Q18. I would answer 5525, not 5516, because 5516 would not handle a multiprotocol throughput of 1Gbps. The question seems to suggest multiprotocol load. re:Q18 i can tell you 100%, confidently from experience, it is 5516 Edited August 12, 2023 by brhmpo Link to comment Share on other sites More sharing options...
brhmpo Posted August 12, 2023 Share Posted August 12, 2023 On 6/21/2023 at 7:17 AM, certcommie said: OMG clientless is still there... The old Cisco habit of testing on stuff which is not on the blueprint still lives. yup this drove me mad first attempt, its nonsense imo, off blueprint and a dead technology not even supported on new platforms, not enough out there to qualify needing this skill. Link to comment Share on other sites More sharing options...
LiF Posted August 18, 2023 Share Posted August 18, 2023 Thank you ! Â Link to comment Share on other sites More sharing options...
certcommie Posted August 24, 2023 Share Posted August 24, 2023 On 8/12/2023 at 6:20 AM, brhmpo said: re:Q18 i can tell you 100%, confidently from experience, it is 5516 Strange, but thanks for the info. Wrong answers is not what one would heartily welcome in a $1600 worth exam, but that's Cisco 🙊. Link to comment Share on other sites More sharing options...
877651 Posted August 25, 2023 Share Posted August 25, 2023 Thanks Link to comment Share on other sites More sharing options...
vandoo Posted August 25, 2023 Share Posted August 25, 2023 hi anyone who was attended the exam untill now. Could you please to share your experience? i will take exam in september and get info that design question have an update...... Link to comment Share on other sites More sharing options...
parker05 Posted August 27, 2023 Share Posted August 27, 2023 thanks Link to comment Share on other sites More sharing options...
ccieexpert00 Posted September 5, 2023 Share Posted September 5, 2023 thanks Link to comment Share on other sites More sharing options...
rk1305 Posted September 6, 2023 Share Posted September 6, 2023 On 7/13/2023 at 11:34 PM, ciscofeeling said: good Hi Mate, Good to know you passed it already...!! Did you passed using this LAB share & which month you gave the LAB exam ? I recently found this share & just wondering if I can use this LAB for practicing the exam. Link to comment Share on other sites More sharing options...
certcommie Posted September 15, 2023 Share Posted September 15, 2023 Task 1.4, I wonder what's the point of configuring the VPN tunnel to pass NTP traffic via FTDs whereas the branch PC has direct access to the NTP server via its management NIC. So it would be time synchronized irrespectively of whether the VPN tunnel is functional or not. Any ideas? Link to comment Share on other sites More sharing options...
shaishebabin Posted September 15, 2023 Share Posted September 15, 2023 Just Cisco being Cisco. You also have tasks where pcs sends dns trough the "wrong" nic (dot1x tasks), they have host routes configured. To use the other nic. 1 Link to comment Share on other sites More sharing options...
certcommie Posted September 16, 2023 Share Posted September 16, 2023 Oh my! 🙈 Thanks! Link to comment Share on other sites More sharing options...
Sudha Posted September 17, 2023 Share Posted September 17, 2023 thanks Link to comment Share on other sites More sharing options...
swjeon Posted September 21, 2023 Share Posted September 21, 2023 thanks. Link to comment Share on other sites More sharing options...
sea1731 Posted October 1, 2023 Share Posted October 1, 2023 thanks Link to comment Share on other sites More sharing options...
Dash888 Posted October 9, 2023 Share Posted October 9, 2023 Thanks Link to comment Share on other sites More sharing options...
giinzo Posted October 21, 2023 Share Posted October 21, 2023 thanks Link to comment Share on other sites More sharing options...
Grumpy Posted October 26, 2023 Share Posted October 26, 2023 THX Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now