cciehelp1 Posted January 13, 2023 Share Posted January 13, 2023 (edited) 1 hour ago, CCIENXT said: Hello Guys, I passed the exam yesterday. All the questions were from 242 pool. Just check the answers once again because there are wrong answers in the dump. Don't believe any dump sellers and get the exam asap. congratulations,, Thank you for the update , do you mean the 247 vce file ? can you please share the questions that have wrong answers,, any info will be helpful hank you Edited January 13, 2023 by cciehelp1 Link to comment Share on other sites More sharing options...
yalhoo Posted January 13, 2023 Share Posted January 13, 2023 4 hours ago, CCIENXT said: Hello Guys, I passed the exam yesterday. All the questions were from 242 pool. Just check the answers once again because there are wrong answers in the dump. Don't believe any dump sellers and get the exam asap. Congratulations! About how many questions have wrong answers? Link to comment Share on other sites More sharing options...
pskroyal Posted January 14, 2023 Share Posted January 14, 2023 Thanks @CCIENXTwill you be able to tell us which of the questions are having wrong answers in the dump, that will be very helpful, Thanks in advance Link to comment Share on other sites More sharing options...
CCIENXT Posted January 14, 2023 Share Posted January 14, 2023 I can't really tell you which answers are wrong, because I just selected exactly the same answers from dump and got 830 points. So there should be some questions to be fixed. 2 Link to comment Share on other sites More sharing options...
aspiringccnp Posted January 15, 2023 Share Posted January 15, 2023 (edited) @CCIENXT, did you take the 400-007 v3.0? I noticed that 247q is version 400-007 v3.1. Is it the same? Edited January 15, 2023 by aspiringccnp Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 15, 2023 Share Posted January 15, 2023 CD dumps and also PL both has lots of wrong answers. There are many questions which has to be fixed. That is why passing is very low and also whoever pass are getting very low marks. I have the list of those questions which should be corrected. Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 15, 2023 Share Posted January 15, 2023 (edited) For instance see below question: What is a description of a control plane action? A. matching the destination IP address of an IP packet to the IP routing table B. hosts bating routers that reside attached links the IPv6 Neighbor Discovery Protocol C. Matching the destination MAC address of an ethernet frame to the MAC address table D. de-encapsulating and re-encapsulating a packet in a data-link frame Dumps answer is ( A ) but that is incorrect, correct answer is ( D ). A is a description of a data plane action, not a control plane action. The control plane is responsible for managing the routing and switching tables, as well as maintaining the integrity of the network topology. It is responsible for the decision-making process on where traffic should flow, and it communicates with other devices in the network to synchronize and share information about the network topology. On the other hand, the data plane is responsible for forwarding packets through the network based on the information provided by the control plane. It matches the destination IP address of an IP packet to the IP routing table and forwards the packet to its destination. Edited January 17, 2023 by Ciscoboygr8 1 Link to comment Share on other sites More sharing options...
yalhoo Posted January 15, 2023 Share Posted January 15, 2023 11 minutes ago, Ciscoboygr8 said: CD dumps and also PL both has lots of wrong answers. There are many questions which has to be fixed. That is why passing is very low and also whoever pass are getting very low marks. I have the list of those questions which should be corrected. Please share the list of incorrect questions so we can look for the right answers. It would be good if you post the question number too. Thanks. Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 15, 2023 Share Posted January 15, 2023 1 minute ago, yalhoo said: Please share the list of incorrect questions so we can look for the right answers. It would be good if you post the question number too. Thanks. There are many questions, i can't outline all here. If you have any doubt to any question, let me know i can help you with correct answer. The above question number is Q-40. 1 Link to comment Share on other sites More sharing options...
yalhoo Posted January 15, 2023 Share Posted January 15, 2023 Q39. Company XYX is migrating their existing network to IPv6 and they must plan for Layer 2 and Layer 3 devices. Some of the access layer switches do not support IPv6, however, the core and distribution switches fully support unicast and multicast routing. The company wants to minimize cost of the migration. Which migration strategy should be used in the design? A. Layer 2 switches will not affect the implementation of IPv6. They can be included in the design in their current state. B. The access layer switches must support DHCPv6. Any switches that do not support DHCPv6 must be replaced. C. The access layer switches must support IGMP snooping at a minimum. Any switches that do not support IGMP snooping must be replaced. D. Upgrade the non-supporting switches, otherwise it will cause an issue with migration. Answer provided in the 247q dump is D. I think A should be the right answer since they are Layer 2 switches, it will not affect IPv6 which is a layer 3 feature. Please let me know if this is correct. 2 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 15, 2023 Share Posted January 15, 2023 3 minutes ago, yalhoo said: Q39. Company XYX is migrating their existing network to IPv6 and they must plan for Layer 2 and Layer 3 devices. Some of the access layer switches do not support IPv6, however, the core and distribution switches fully support unicast and multicast routing. The company wants to minimize cost of the migration. Which migration strategy should be used in the design? A. Layer 2 switches will not affect the implementation of IPv6. They can be included in the design in their current state. B. The access layer switches must support DHCPv6. Any switches that do not support DHCPv6 must be replaced. C. The access layer switches must support IGMP snooping at a minimum. Any switches that do not support IGMP snooping must be replaced. D. Upgrade the non-supporting switches, otherwise it will cause an issue with migration. Answer provided in the 247q dump is D. I think A should be the right answer since they are Layer 2 switches, it will not affect IPv6 which is a layer 3 feature. Please let me know if this is correct. A 1 2 Link to comment Share on other sites More sharing options...
yalhoo Posted January 15, 2023 Share Posted January 15, 2023 (edited) Answer B does not look right. Please confirm. I was thinking C but not sure. Edited January 15, 2023 by yalhoo Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 15, 2023 Share Posted January 15, 2023 18 minutes ago, yalhoo said: This is the hidden content, please Sign In or Sign Up Answer B does not look right. Please confirm. I was thinking C but not sure. A GRE tunnel can only be used to transport unicast traffic, it can't handle multicast traffic unless many other features are enabled. In situations where multicast traffic is a critical part of the network, you will use MPLS VPN over DMVPN. A, B, C and E are not correct. Correct and accurate answer is D. The dump has lots of questions which i corrected and added explanation to it. If anyone interested they can DM me to discuss further. 29 10 Link to comment Share on other sites More sharing options...
yalhoo Posted January 15, 2023 Share Posted January 15, 2023 Q2. Which two statements explain the operation of BFD asynchronous mode? (Choose two) A. BFD asynchronous mode with echo packets combine the control packets & echo packets into a single packet B. BFD asynchronous mode with echo packets uses separate control packets & echo packets C. BFD asynchronous mode without echo packets has control sent back to the originating router failures D. BFD asynchronous mode with echo packets uses control packets & FD asynchronous mode with echos does not E. BFD asynchronous mode with & without echo packets use control packets Answer provided in the 247q dump is BE. Not sure if this is correct, let me know. Link to comment Share on other sites More sharing options...
demenx Posted January 15, 2023 Share Posted January 15, 2023 5 hours ago, Ciscoboygr8 said: A GRE tunnel can only be used to transport unicast traffic, it can't handle multicast traffic unless many other features are enabled. In situations where multicast traffic is a critical part of the network, you will use MPLS VPN over DMVPN. A, B, C and E are not correct. Correct and accurate answer is D. The dump has lots of questions which i corrected and added explanation to it. If anyone interested they can DM me to discuss further. Based on this document, GRE can handle Multicast traffic, except for IPv6. This is the hidden content, please Sign In or Sign Up The sentence says CE is managed by a service provider. If you need a "quick solution" that should be devices controlled by you. The answer seems to be "C", but at the end of the declarative sentence it says "allowing future scalability", so this might change the answer to "B". That's my humble opinion. 35 7 1 Link to comment Share on other sites More sharing options...
demenx Posted January 15, 2023 Share Posted January 15, 2023 10 hours ago, Ciscoboygr8 said: A Agree Link to comment Share on other sites More sharing options...
demenx Posted January 16, 2023 Share Posted January 16, 2023 Hi guys, there are 4 questions related to Zero Trust architecture I think 3 of them the answers are wrong. QUESTION 19 (correct) Organizations that embrace Zero Trust initiatives ranging from business policies to technology infrastructure can reap business and security benefits. Which two domains should be covered under Zero Trust initiatives? (Choose two) A. workload B. work domain C. workplace D. workgroup E. workspace Dump Answer: A C My answer: A C The Three Zero Trust Domains: - workforce - workload - workplace. This is the hidden content, please Sign In or Sign Up 29 7 1 Link to comment Share on other sites More sharing options...
demenx Posted January 16, 2023 Share Posted January 16, 2023 Let me know guys your thoughts. ------------------------------- QUESTION 17 (Seems Incorrect ...) A security architect receives reports of these incidents: - An Attacker exploits printers and medical devides in the organization to gain control of the network. - An attacker disrupts operations through attacks on networked business. What is the next step to address these issues after discovery and classification of devices? A. Apply a context based network access control policy B. Ensure trustworthiness of devices C. Assess continuois security health monitoring D. Enforce risk-based and adaptive access policies Dump Answer: D My Answer: A In a Zero Trust for the Workplace follow the following path: Establish Trust -->Discovery and classify devices Enforce Trust-Based Access--> Context-based network access control policy for users and things Continuous Trust Verification --> Continuous security health monitoring of devices This is the hidden content, please Sign In or Sign Up 36 6 Link to comment Share on other sites More sharing options...
demenx Posted January 16, 2023 Share Posted January 16, 2023 QUESTION 34 (Seems Incorrect ...) A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different system suing different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling? A. Enforece risk-based and adaptive access policies B. Ensure trustworthiness of devicess C. Apply a context-based network access control policy for user D. Assess Real-time health of devices Dump Answer: D My answer: B In a Zero Trust for Workforce you have the following path: 1. Verify identity of users 2. Ensure trustworthiness of devices 3. Enforce risk-based and adaptive access policies This is the hidden content, please Sign In or Sign Up 23 3 1 Link to comment Share on other sites More sharing options...
demenx Posted January 16, 2023 Share Posted January 16, 2023 Comments your guessing... QUESTION 11 (Seems Incorrect ...) A network attacker exploits application flaws to compromise critical systems in organization with these objectives: - Obtain sensitive data and export the data out of the network - Compromise develepoer and administrator credentials to potentially gain access. What is the next step after application discovery is completed in Zero Trust networking? A. Establish visibility and behavior modeling B. Enforce policies and micro segmentation C. Ensure trustworthiness of systems D. Assess real-time security health Dump answer: A My answer: B In a Zero Trust for workload requires: 1. Visibility and behaviour modeling with application discovery and dependency maps. 2. Per workload, micro-segmentation policy 3. Real-time security health of workloads. This is the hidden content, please Sign In or Sign Up 20 2 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 16, 2023 Share Posted January 16, 2023 3 hours ago, demenx said: QUESTION 34 (Seems Incorrect ...) A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different system suing different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling? A. Enforece risk-based and adaptive access policies B. Ensure trustworthiness of devicess C. Apply a context-based network access control policy for user D. Assess Real-time health of devices Dump Answer: D My answer: B In a Zero Trust for Workforce you have the following path: 1. Verify identity of users 2. Ensure trustworthiness of devices 3. Enforce risk-based and adaptive access policies This is the hidden content, please Sign In or Sign Up As per Cisco LIVE document, you should select Trustworthiness of devices as next step. But normally it falls under step 3 after adaptive access policies. SO follow cisco document. 7 1 1 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 16, 2023 Share Posted January 16, 2023 3 hours ago, demenx said: Comments your guessing... QUESTION 11 (Seems Incorrect ...) A network attacker exploits application flaws to compromise critical systems in organization with these objectives: - Obtain sensitive data and export the data out of the network - Compromise develepoer and administrator credentials to potentially gain access. What is the next step after application discovery is completed in Zero Trust networking? A. Establish visibility and behavior modeling B. Enforce policies and micro segmentation C. Ensure trustworthiness of systems D. Assess real-time security health Dump answer: A My answer: B In a Zero Trust for workload requires: 1. Visibility and behaviour modeling with application discovery and dependency maps. 2. Per workload, micro-segmentation policy 3. Real-time security health of workloads. This is the hidden content, please Sign In or Sign Up B 11 1 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 16, 2023 Share Posted January 16, 2023 4 hours ago, demenx said: Let me know guys your thoughts. ------------------------------- QUESTION 17 (Seems Incorrect ...) A security architect receives reports of these incidents: - An Attacker exploits printers and medical devides in the organization to gain control of the network. - An attacker disrupts operations through attacks on networked business. What is the next step to address these issues after discovery and classification of devices? A. Apply a context based network access control policy B. Ensure trustworthiness of devices C. Assess continuois security health monitoring D. Enforce risk-based and adaptive access policies Dump Answer: D My Answer: A In a Zero Trust for the Workplace follow the following path: Establish Trust -->Discovery and classify devices Enforce Trust-Based Access--> Context-based network access control policy for users and things Continuous Trust Verification --> Continuous security health monitoring of devices This is the hidden content, please Sign In or Sign Up B 12 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 16, 2023 Share Posted January 16, 2023 10 hours ago, demenx said: Based on this document, GRE can handle Multicast traffic, except for IPv6. This is the hidden content, please Sign In or Sign Up The sentence says CE is managed by a service provider. If you need a "quick solution" that should be devices controlled by you. The answer seems to be "C", but at the end of the declarative sentence it says "allowing future scalability", so this might change the answer to "B". That's my humble opinion. I would still be using D. In real world you don't use multicast in GRE tunnel. 26 5 Link to comment Share on other sites More sharing options...
ZoracZilic Posted January 16, 2023 Share Posted January 16, 2023 On 1/15/2023 at 11:45 AM, aspiringccnp said: @CCIENXT, did you take the 400-007 v3.0? I noticed that 247q is version 400-007 v3.1. Is it the same? Do you have pdf for this, If possible could you please provide. 2 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now