mh1977 Posted January 16, 2023 Share Posted January 16, 2023 3 hours ago, ZoracZilic said: Do you have pdf for this, If possible could you please provide. for mee to, please 1 Link to comment Share on other sites More sharing options...
yalhoo Posted January 16, 2023 Share Posted January 16, 2023 (edited) What is a disadvantage of the traditional three-tier architecture model when east west traffic between different pods must go through the distribution and core layers? A. low bandwidth B. security C. scalability D. high latency Is correct answer A or D ? ---------- A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes? A. GRE B. L2TPv3 C. VXLAN D. EoMPLS Is correct answer B or D ? ------------ Identity and access management between multiple users and multiple applications has become a mandatory requirement for Company XYZ to fight against ever increasing cybersecurity threats. To achieve this, federated identity services have been deployed in the Company XYZ network to provide single sign-on and Multi-Factor Authentication for the applications and services. Which protocol can be used by Company XYZ to provide authentication and authorization services? A. OAuth2 B. OpenID Connect C. OpenID D. SAML 2.0 Is correct answer B or D ? -------------- A network security team uses a purpose-built tool to actively monitor the campus network, applications, and user activity. The team also analyzes enterprise telemetry data from IPFIX data records that are received from devices in the campus network. Which action can be taken based on the augmented data? A. reduction in time to detect and respond to threats B. integration with an incident response plan C. adoption and improvement of threat-detection response D. asset identification and grouping decisions Is correct answer A or B ? Edited January 16, 2023 by yalhoo 3 Link to comment Share on other sites More sharing options...
Popular Post Min Posted January 16, 2023 Popular Post Share Posted January 16, 2023 (edited) couldn't understand... which three items do you recommend for control plane hardening of the infrastructure device? (Choose three) A. redundant AAA service : This is the hidden content, please Sign In or Sign Up B. control plane policy: This is the hidden content, please Sign In or Sign Up C. warning banners : This is the hidden content, please Sign In or Sign Up D. to enable unused services : ??? E. SNMPv3 : This is the hidden content, please Sign In or Sign Up F. routing protocol authentication: This is the hidden content, please Sign In or Sign Up AAnd which two data plane hardening techniques are true? (Choose two) A. Warning banners: This is the hidden content, please Sign In or Sign Up B. Redundant AAA servers: This is the hidden content, please Sign In or Sign Up C. Control plane policing : This is the hidden content, please Sign In or Sign Up D. SNMPv3: This is the hidden content, please Sign In or Sign Up E. Infrastructure ACLs: This is the hidden content, please Sign In or Sign Up F. Disable unused services: This is the hidden content, please Sign In or Sign Up G. Routing protocol authentication : This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up : This is the hidden content, please Sign In or Sign Up Edited January 16, 2023 by Min 58 8 Link to comment Share on other sites More sharing options...
Min Posted January 17, 2023 Share Posted January 17, 2023 On 1/15/2023 at 11:15 PM, Ciscoboygr8 said: For instance see below question: What is a description of a control plane action? A. matching the destination IP address of an IP packet to the IP routing table B. hosts bating routers that reside attached links the IPv6 Neighbor Discovery Protocol C. Matching the destination MAC address of an ethernet frame to the MAC address table D. de-encapsulating and re-encapsulating a packet in a data-link frame Dumps answer is ( A ) but that is incorrect, correct answer is ( C ). A is a description of a data plane action, not a control plane action. The control plane is responsible for managing the routing and switching tables, as well as maintaining the integrity of the network topology. It is responsible for the decision-making process on where traffic should flow, and it communicates with other devices in the network to synchronize and share information about the network topology. On the other hand, the data plane is responsible for forwarding packets through the network based on the information provided by the control plane. It matches the destination IP address of an IP packet to the IP routing table and forwards the packet to its destination. Just my short knowledge is.... The data plane is the forwarding plane, which is responsible for the switching of packets through the router and switch. There are features that could affect packet forwardings such as QoS and ACLs... and included encapsulating, encrypting, and matching IP and MAC as well. the control plane is responsible for maintaining sessions and exchanging protocol information with other routers or network devices. IPv6 Neighbor Discovery Protocol (NDP) is one of the common control plane protocols. so the correct answer is "B" Referenace : This is the hidden content, please Sign In or Sign Up 36 5 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 17, 2023 Share Posted January 17, 2023 9 hours ago, Min said: Just my short knowledge is.... The data plane is the forwarding plane, which is responsible for the switching of packets through the router and switch. There are features that could affect packet forwardings such as QoS and ACLs... and included encapsulating, encrypting, and matching IP and MAC as well. the control plane is responsible for maintaining sessions and exchanging protocol information with other routers or network devices. IPv6 Neighbor Discovery Protocol (NDP) is one of the common control plane protocols. so the correct answer is "B" Referenace : This is the hidden content, please Sign In or Sign Up The correct answer is D. De-encapsulating and re-encapsulating a packet in a data-link frame. This action is performed by the control plane in order to forward the packet to its intended destination by changing the data-link layer header and trailer. Explanation: A is a description of a data plane action, where the router or switch uses the routing table to determine the next hop for a packet and forwards it accordingly. B is not a correct answer because it is not a control plane action. The IPv6 Neighbor Discovery Protocol (NDP) is a protocol used for discovering other IPv6 nodes on the same link and determining their link-layer addresses, it is a part of the data plane. The control plane is responsible for managing the forwarding information and making forwarding decisions based on the routing table, but IPv6 Neighbor Discovery Protocol (NDP) is not involved in this process. C is a description of a data plane action, not a control plane action. The control plane is responsible for managing and maintaining the routing table and managing the network's topology. The control plane is responsible for making decisions about where to forward packets based on the routing table and other information it has about the network. The data plane, on the other hand, is responsible for forwarding packets based on the decisions made by the control plane. It uses the MAC address table to match the destination MAC address of an ethernet frame to the next hop device. 13 1 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 17, 2023 Share Posted January 17, 2023 (edited) many question has many right answers, but best answer should be selected. Edited January 17, 2023 by Ciscoboygr8 Link to comment Share on other sites More sharing options...
Min Posted January 17, 2023 Share Posted January 17, 2023 42 minutes ago, Ciscoboygr8 said: many question has many right answers, but best answer should be selected. Yes, you are partially correct. I meant... Please have a look the " This is the hidden content, please Sign In or Sign Up " in CiscoPress. they explain very well..... This is the hidden content, please Sign In or Sign Up So below items are all related data plane actions.... A. matching the destination IP address of an IP packet to the IP routing table C. Matching the destination MAC address of an ethernet frame to the MAC address table D. de-encapsulating and re-encapsulating a packet in a data-link frame And.. the "IPv6 Neighbor Discovery Protocol (NDP)" is more common control plane protocol. 33 5 Link to comment Share on other sites More sharing options...
Min Posted January 17, 2023 Share Posted January 17, 2023 To be honest, I'm so confused these 400-007 questions... some of the questions would be not common sense to me. maybe not.😅 What do you think about the above two hardening questions? any idea? Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 17, 2023 Share Posted January 17, 2023 Yes just see another question: How many fully established neighbour relationships exist on an Ethernet with five routers running OSPF as network type broadcast? A. 5 B. 6 C. 7 D. 10 E. 20 Dump answer is 7. But based on the below formula it has to be 10: n*n-1 /2 On an Ethernet with five routers running OSPF as network type broadcast, there would be 10 fully established neighbor relationships. This is because each router would establish a neighbor relationship with every other router in the network. In total, 5 routers * (5 routers - 1) = 10 fully established neighbor relationships. Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 17, 2023 Share Posted January 17, 2023 1 hour ago, Min said: To be honest, I'm so confused these 400-007 questions... some of the questions would be not common sense to me. maybe not.😅 What do you think about the above two hardening questions? any idea? they are correct in dump. Link to comment Share on other sites More sharing options...
cciehelp1 Posted January 17, 2023 Share Posted January 17, 2023 2 hours ago, Ciscoboygr8 said: Yes just see another question: How many fully established neighbour relationships exist on an Ethernet with five routers running OSPF as network type broadcast? A. 5 B. 6 C. 7 D. 10 E. 20 Dump answer is 7. But based on the below formula it has to be 10: n*n-1 /2 On an Ethernet with five routers running OSPF as network type broadcast, there would be 10 fully established neighbor relationships. This is because each router would establish a neighbor relationship with every other router in the network. In total, 5 routers * (5 routers - 1) = 10 fully established neighbor relationships. i believe the right answer is 7 ,, its an Ethernet connections (Broadcast) so it have to be DR BDR election ,,and the the only fully neighbour with be with the DR and BDR ,,, so 2 x (N-2) + 1 full OSPF neighbor adjacencies. =7 4 1 Link to comment Share on other sites More sharing options...
cciehelp1 Posted January 17, 2023 Share Posted January 17, 2023 On 1/15/2023 at 7:15 AM, Ciscoboygr8 said: For instance see below question: What is a description of a control plane action? A. matching the destination IP address of an IP packet to the IP routing table B. hosts bating routers that reside attached links the IPv6 Neighbor Discovery Protocol C. Matching the destination MAC address of an ethernet frame to the MAC address table D. de-encapsulating and re-encapsulating a packet in a data-link frame Dumps answer is ( A ) but that is incorrect, correct answer is ( D ). A is a description of a data plane action, not a control plane action. The control plane is responsible for managing the routing and switching tables, as well as maintaining the integrity of the network topology. It is responsible for the decision-making process on where traffic should flow, and it communicates with other devices in the network to synchronize and share information about the network topology. On the other hand, the data plane is responsible for forwarding packets through the network based on the information provided by the control plane. It matches the destination IP address of an IP packet to the IP routing table and forwards the packet to its destination. i think the right answer will be B, please see the following link : This is the hidden content, please Sign In or Sign Up 23 5 Link to comment Share on other sites More sharing options...
cciehelp1 Posted January 17, 2023 Share Posted January 17, 2023 On 1/15/2023 at 6:54 PM, demenx said: Based on this document, GRE can handle Multicast traffic, except for IPv6. This is the hidden content, please Sign In or Sign Up The sentence says CE is managed by a service provider. If you need a "quick solution" that should be devices controlled by you. The answer seems to be "C", but at the end of the declarative sentence it says "allowing future scalability", so this might change the answer to "B". That's my humble opinion. I will go with B 26 4 Link to comment Share on other sites More sharing options...
demenx Posted January 18, 2023 Share Posted January 18, 2023 (edited) Hello Guys, I passed the exam recently. All the questions were from 247 VCE dump version 3.1. No new questions. In this chat, someone wrote he responded with the same answers as the dump, and it got 830 scores. I answered as shown in the dump, with some exceptions, getting an 804 score. I was hoping to get a higher score than 830, but it didn't happen. Anyway, the dump is still valid, the score might not be perfect, but it works. Good luck guys. PS: The answers I changed were the following: --- Q: What is a description of a control plane action? Answered: B. hosts bating routers that reside attached links the IPv6 Neighbor Discovery Protocol --- Q: A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different system using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling? Answered: B. Ensure trustworthiness of devices --- Q: A network attacker exploits application flaws to compromise critical systems in organization with these objectives: - Obtain sensitive data and export the data out of the network - Compromise developer and administrator credentials to potentially gain access. What is the next step after application discovery is completed in Zero Trust networking? Answered: B. Enforce policies and micro segmentation --- Q59: The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? Answered: C. it significantly improves the latency when performing reactive handling of "PACKET_IN" events Answered: D. Scaling of the centralized controller cluster is challenging for services like DHCP and load-balancing Edited January 18, 2023 by demenx 1 1 Link to comment Share on other sites More sharing options...
Luckyccie Posted January 18, 2023 Share Posted January 18, 2023 (edited) Guys, I passed with above 800 marks. Many thanks to CiscoISE and Keje for their support, I acknowledge that they made too much extra effort in making the VCE files. My suggestion are the following to everyone in preparing stage. The VCE 247 version, on page 26 by CiscoISE is more than enough to pass All you need is to practice as many times possible so that there is not a single doubt or lack of knowledge which could make you confused between the variances each question set have. Don't ask for PDF version of the questions, because you would miss the practice skills. VCE software and the file is shared on page 26, you would only require a Window OS to run the cracked VCE software and open the file. Lastly, there is no new question, all same as the VCE and no need for any dumps as of now. All the best, I wanted to giveback to the community and thank you all for the support. Edited January 18, 2023 by Luckyccie 6 2 Link to comment Share on other sites More sharing options...
Certadmin Posted January 18, 2023 Share Posted January 18, 2023 @Luckyccie I don't see the VCE link on page 26. Can someone share the link for vce dumps please? I am going to take my exam next week. Thanks in Advance. 1 Link to comment Share on other sites More sharing options...
Certadmin Posted January 18, 2023 Share Posted January 18, 2023 @CiscoISEHello Bro The VCE is just allowing 15 question not all 195. Can you please let me know if we can select 195Q at once to practice? Thank you Link to comment Share on other sites More sharing options...
Thunderbird Posted January 18, 2023 Share Posted January 18, 2023 @Luckyccie Congrats bro. What's the min. pass score? Link to comment Share on other sites More sharing options...
ZANSDELGA Posted January 19, 2023 Share Posted January 19, 2023 (edited) Hi All, I failed my written today. Close but not enough. How Can I get the latest dump ? Where is this VCE I keep reading about ? I am desperate. Thanks Edited January 19, 2023 by ZANSDELGA Link to comment Share on other sites More sharing options...
onevf1 Posted January 19, 2023 Share Posted January 19, 2023 On 8/19/2022 at 9:50 AM, martek said: We have addressed some of your concerns; However, many choose keep answers as they are to get "pass" Here are my findings so far Hidden Content Give reaction or reply to this topic to see the hidden content. hello 10 Link to comment Share on other sites More sharing options...
ZoracZilic Posted January 19, 2023 Share Posted January 19, 2023 You are designing an Out of Band Cisco Network Admission Control. Layer 3 Real-IP Gateway deployment for a customer. Which VLAN must be trunked back to the Clean Access Server from the access switch? A. authentication VLAN B. user VLAN C. untrusted VLAN D. management VLAN Any suggestion which answer here is correct? Link to comment Share on other sites More sharing options...
Thunderbird Posted January 19, 2023 Share Posted January 19, 2023 4 hours ago, ZoracZilic said: You are designing an Out of Band Cisco Network Admission Control. Layer 3 Real-IP Gateway deployment for a customer. Which VLAN must be trunked back to the Clean Access Server from the access switch? A. authentication VLAN B. user VLAN C. untrusted VLAN D. management VLAN Any suggestion which answer here is correct? Hmm.. very unclear question. A. authentication VLAN Please see this: This is the hidden content, please Sign In or Sign Up 38 9 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 19, 2023 Share Posted January 19, 2023 8 hours ago, ZANSDELGA said: Hi All, I failed my written today. Close but not enough. How Can I get the latest dump ? Where is this VCE I keep reading about ? I am desperate. Thanks Reach me, maybe my version helps you 1 1 Link to comment Share on other sites More sharing options...
Ciscoboygr8 Posted January 19, 2023 Share Posted January 19, 2023 4 hours ago, ZoracZilic said: You are designing an Out of Band Cisco Network Admission Control. Layer 3 Real-IP Gateway deployment for a customer. Which VLAN must be trunked back to the Clean Access Server from the access switch? A. authentication VLAN B. user VLAN C. untrusted VLAN D. management VLAN Any suggestion which answer here is correct? The VLAN that must be trunked back to the Clean Access Server from the access switch is the "authentication VLAN". This VLAN is used to authenticate users and devices before they are granted access to the network. It is also where the Clean Access Server is typically connected to perform the necessary authentication and access control checks. This VLAN is typically separate from the user VLAN, untrusted VLAN, and management VLAN to ensure that only properly authenticated and authorized users and devices are allowed access to the network. 1 1 Link to comment Share on other sites More sharing options...
Thunderbird Posted January 19, 2023 Share Posted January 19, 2023 5 hours ago, Ciscoboygr8 said: Reach me, maybe my version helps you Why not help here? you should give back to community instead of asking poor guy for private DM. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now