demenx

Scavenger traffic is traffic you don't want to protect, and you will try to keep to the minimum. CBWFQ will guarantee you a minimum bw traffic, but not the maximum. Policing is the ideal way to keep your traffic at the maximum possible with no treatment. So the answer is still A.

Hello Guys, I passed the exam recently. All the questions were from 247 VCE dump version 3.1. No new questions. In this chat, someone wrote he responded with the same answers as the dump, and it got 830 scores. I answered as shown in the dump, with some exceptions, getting an 804 score. I was hoping to get a higher score than 830, but it didn't happen. Anyway, the dump is still valid, the score might not be perfect, but it works. Good luck guys. PS: The answers I changed were the following: --- Q: What is a description of a control plane action? Answered: B. hosts bating routers that reside attached links the IPv6 Neighbor Discovery Protocol --- Q: A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different system using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling? Answered: B. Ensure trustworthiness of devices --- Q: A network attacker exploits application flaws to compromise critical systems in organization with these objectives: - Obtain sensitive data and export the data out of the network - Compromise developer and administrator credentials to potentially gain access. What is the next step after application discovery is completed in Zero Trust networking? Answered: B. Enforce policies and micro segmentation --- Q59: The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? Answered: C. it significantly improves the latency when performing reactive handling of "PACKET_IN" events Answered: D. Scaling of the centralized controller cluster is challenging for services like DHCP and load-balancing

Comments your guessing... QUESTION 11 (Seems Incorrect ...) A network attacker exploits application flaws to compromise critical systems in organization with these objectives: - Obtain sensitive data and export the data out of the network - Compromise develepoer and administrator credentials to potentially gain access. What is the next step after application discovery is completed in Zero Trust networking? A. Establish visibility and behavior modeling B. Enforce policies and micro segmentation C. Ensure trustworthiness of systems D. Assess real-time security health Dump answer: A My answer: B In a Zero Trust for workload requires: 1. Visibility and behaviour modeling with application discovery and dependency maps. 2. Per workload, micro-segmentation policy 3. Real-time security health of workloads. [Hidden Content]

QUESTION 34 (Seems Incorrect ...) A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different system suing different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling? A. Enforece risk-based and adaptive access policies B. Ensure trustworthiness of devicess C. Apply a context-based network access control policy for user D. Assess Real-time health of devices Dump Answer: D My answer: B In a Zero Trust for Workforce you have the following path: 1. Verify identity of users 2. Ensure trustworthiness of devices 3. Enforce risk-based and adaptive access policies [Hidden Content]

Let me know guys your thoughts. ------------------------------- QUESTION 17 (Seems Incorrect ...) A security architect receives reports of these incidents: - An Attacker exploits printers and medical devides in the organization to gain control of the network. - An attacker disrupts operations through attacks on networked business. What is the next step to address these issues after discovery and classification of devices? A. Apply a context based network access control policy B. Ensure trustworthiness of devices C. Assess continuois security health monitoring D. Enforce risk-based and adaptive access policies Dump Answer: D My Answer: A In a Zero Trust for the Workplace follow the following path: Establish Trust -->Discovery and classify devices Enforce Trust-Based Access--> Context-based network access control policy for users and things Continuous Trust Verification --> Continuous security health monitoring of devices [Hidden Content]

Hi guys, there are 4 questions related to Zero Trust architecture I think 3 of them the answers are wrong. QUESTION 19 (correct) Organizations that embrace Zero Trust initiatives ranging from business policies to technology infrastructure can reap business and security benefits. Which two domains should be covered under Zero Trust initiatives? (Choose two) A. workload B. work domain C. workplace D. workgroup E. workspace Dump Answer: A C My answer: A C The Three Zero Trust Domains: - workforce - workload - workplace. [Hidden Content]

Agree

Based on this document, GRE can handle Multicast traffic, except for IPv6. [Hidden Content] The sentence says CE is managed by a service provider. If you need a "quick solution" that should be devices controlled by you. The answer seems to be "C", but at the end of the declarative sentence it says "allowing future scalability", so this might change the answer to "B". That's my humble opinion.