One thing to keep in mind is that as of 1.1MR(aka 1.1.1), ISE does not support TACACS+, so you still need to run ACS for that. I am sure you know that, just throwing that out there for folks who are hearing of ISE for the first time in this thread. I do not believe the pending 1.2 release for early next calendar year will have that feature either. 1.2 will feature MDM integration, which is a neat feature. Not likely to see that in the lab any time soon though!
With the hardware in the lab, I would certainly expect VPN support to be included. Otherwise, it would make more sense to run them in VMs. So, to me, seeing the appliance noted reads as VPN profiling as well.
I'd be interested to see how far they go with Guest Services, posture assessment and CPP. The rest of the topics for ISE are fairly straight forward.
If the new CCIE Security labs are written like the R&S track you see a subset of the master blueprint per exam, as opposed to every technology per exam, I could see more depth being explored.
I know I'm way late in responding to this, but if you've gone through the gold labs it's not a huge deal to turn up a policy that will do simple OS profiling and maybe redirect to CPP. This is actually less complex than say something like configuring a router to do multiple SSL VPN portal domains.
I think this new test is going to be a lot of fun if it includes things like this. So much fun that I kind of want to take the new version! (If someone else pays for it )