Home > Share your CCNA Security Experience

Share your CCNA Security Experience

November 5th, 2015 Go to comments

Please share with us your experience after taking the CCNA Security 210-260 exam, your materials, the way you learned, your recommendations…

Comments (100) Comments
Comment pages
1 17 18 19 20 21 22 675
  1. securitas
    February 5th, 2020

    @Bolo

    Thanks for the feed! I thought theywere refering to local database.

    Refering 2nd question, that’s is true. And that is why I don’t know what the answer should be. Cisco focus a lot on AMP abilities to monitor malware behavior. But uses different processes so how can we give an exact answer? From their docs, signature checking is just one of the processes.. right?

  2. Bolo
    February 5th, 2020

    @securitas
    The question isn’t asking about a Cisco product, at least the way we have it here. AFAIK, Cisco doesn’t sell any host-based AV (not counting free ClamAV that they develop). AMP uses agents (connectors as Cisco calls them), but those aren’t “real” AV software. The question just seems to be a general security knowledge question (like those about frequency of AV updates in the past for example). So I would bet on general knowledge answer, which should be B.

    A: if the question is about Cisco, this might be an answer – have to see the question exactly as it is on the test
    B: that’s what most AV software does by default
    C: not sure what that means
    D: there is/was software running sandbox on the host (paid Avast?), but mostly it is not endpoint functionality

  3. securitas
    February 5th, 2020

    QUESTIONS CORRECTED – based on @Bolo feedback and following Cisco explanation confirming everything

    “Introduction to Advanced Malware Protection (AMP)” from Cisco official channel.
    https :// youtu.be / ZDBMH7X4Dr4?t =88

    Q1 File reputation is done in the CLOUD. Whenever a file is accessed, AMP connector sends a SHA-256 hash value+file context to the cloud (where the DB is!) so the cloud answers with a veredict/file disposition.

    Q2 It only uses sandboxing after file reputation results, i.e., if the retrieved file disposition from the cloud is tagged as unknown. AMP sends the file context to the cloud to get the file reputation, so I’d go for context (as per my understanding heuristics and signature database is specific for viruses?

  4. securitas
    February 5th, 2020

    @Bolo
    I see… would like to see original question as well. I wdn’t go for the B because they say”Block known threats automatically using machine learning, exploit prevention, file reputation, antivirus, and a wide array of other attack prevention techniques that will stop both fileless and file-based attacks in their tracks.”

    So what I understand from this is that is just one of its techniques. I’d better go for A for the reasons you’ve said, or context because of them saying that for AMP to get file reputation, it has to send hash+context.

  5. Francoise
    February 5th, 2020

    Hi guys, could anybody explain me why this? Thanks a lot.

    What is the effect of the given configuration?
    Device #tunnel group 192.x.x.x ipsec-attributes
    Device# pre-shared-key cisco654

    C. It establishes the preshared key for the firewall

  6. dredv
    February 5th, 2020

    @Francoise: this is a “best of” answer, other choices are router, switch and ISE.
    Switch and ISE are no vpn devices. A Router can be depending of model, Firewall also.
    So firewall is the best of these answers…

  7. Bolo
    February 5th, 2020

    @Francoise, dredv
    I think tunnel-group command is only available on ASAs.

  8. Francoise
    February 5th, 2020

    dredv
    ouh… you are absolutely right!
    Thanks dredv… I didnt think of that (ise and switch)!

  9. Sky
    February 5th, 2020

    So is Antons DUMP still 100% valid or have new questions been added? Taking exam on Friday

  10. Bolo
    February 5th, 2020

    @Sky
    Anton’s dump is valid, just not for the perfect score – that’s what people here are saying. New questions weren’t added – we only know two of them, more or less.

  11. azarki
    February 6th, 2020

    @bolo , @anton and @yuki, thanks a million, I passed today with a 9xx points.
    same simulation.

    few new question:
    a question about UCS (benefit of using UCS)
    a question about MDM (what can do)
    a question with : isakmp_qm_ready isakmp_idle isakmp_qm_idle , I don t remember exactly
    a question about ise

  12. Copy link and paste in your browser
    February 6th, 2020

    passed my exam 978/1000.

    1 SIM: Connection less VPN
    D&D : Drag and drop the each port-security violation

    Copy link and paste in your browser
    poweredbydialup.online/WV4VYT

  13. Anonymous
    February 6th, 2020

    The question isn’t asking about a Cisco product, at least the way we have it here. AFAIK, Cisco doesn’t sell any host-based AV (not counting free ClamAV that they develop). AMP uses agents (connectors as Cisco calls them), but those aren’t “real” AV software. The question just seems to be a general security knowledge question (like those about frequency of AV updates in the past for example). So I would bet on general knowledge answer, which should be B.

    A: if the question is about Cisco, this might be an answer – have to see the question exactly as it is on the test
    B: that’s what most AV software does by default
    C: not sure what that means
    D: there is/was software running sandbox on the host (paid Avast?), but mostly it is not endpoint functionality

  14. Siyanor
    February 6th, 2020

    @Bolo @anton @yuki @othere who participated in this forum.
    I have passed the exam with 938 score. as Azarki said , a few new questions were but anton file is enough to pass the exam , new questions might be testing once which wont be scored.

  15. Zfk
    February 6th, 2020

    Hi everyone,

    Firstly special thanks to Bolo, Anton, Youki, c0achGreece and Anubis for their work and others for their great contribution to community.
    I passed exam today with score 9xx/1000.
    ~60% of questions were from Anton’s file, ~20 from Youki and rest were new questions (about 10).
    SIM was clientless and DND port-security violation.
    Unfortunately I can’t remember most question but I can recall:
    – Question about UCS server, it characteristic
    – In which solution APM is working: ESA, ASA, AnyConnect…
    – Which are MDM two functions in BYOD.
    – What TACACS functions are? (something like that): Decombines authorization and
    authentication, combines authorization and authentication, encrypt body, encrypts password only.

  16. CATS
    February 6th, 2020

    @Securitas & MOHA

    The answer is definitely B – Signature Checking

    The first question I posted was between ESA or Cloud, and the answer is Cloud as Bolo confirmed.

    I have noticed at the end of Anton’s file he has a lot of questions from Passleader(“July 2018 -Unverified”) that are not checked, I imagine these are unlikely to come up in the test? I spotted a few wrong answers in this section.
    Just not sure why he would have added these to his PDF.

  17. CATS
    February 6th, 2020

    @Zfk

    You might just have answered my question regarding old questions in Anton’s file.

    Which are MDM two functions in BYOD?… Is that not the below question from Anton’s file?

    Q. Which is not a function of mobile device management (MDM)?

    A. Enforce Strong Passwords on BYOD Devices
    B. Deploy Software Updates on BYOD Devices
    C. Remotely wipe data
    D. Enforce Data encryption

    Answer B

    What TACACS functions are?

    This one has been covered.

  18. CATS
    February 6th, 2020

    Ignore my question regarding Anton’s file, I have noticed there is a 1.3version of the file.

  19. Sky
    February 6th, 2020

    @CATS
    There is a 1.3 Version?!?!
    Where?

  20. Giu
    February 6th, 2020

    Here’s the link to the lastest (1.3) version of Anton’s file – remove spaces from it:
    drive . google . com / open?id = 131HL9-QF-KyRJSTZZ-W4ufQNIvUdOx58

  21. Moha
    February 6th, 2020

    @ZFK
    do you have a corrected version of Youki’s file ?

  22. securitas
    February 6th, 2020

    @CATS

    “The answer is definitely B – Signature Checking”, based on what?

  23. dredv
    February 6th, 2020

    ZFK remembered this new question:
    “– In which solution AMP is working: ESA, ASA, AnyConnect…”

    AMP is working on all of these, ESa, ASA andd also anyconnect
    i refer to h..ps://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/advanced-malware-protection/solution-overview-c22-734228.html

    Product Name Details

    Cisco AMP for Endpoints: Protect PCs running Windows, Macs, Linux systems, and Android mobile devices using AMP’s lightweight connector, with no performance impact on users. AMP for Endpoints can also be launched from AnyConnect v4.1.

    Cisco AMP for Networks: Deploy AMP as a network-based solution integrated into Cisco Firepower NGIPS security appliances.

    Cisco AMP on Firewalls and ASA with FirePOWER Services: Deploy AMP capabilities integrated into the Cisco NGFW or ASA Adaptive Security Appliance firewall.

    Cisco AMP Private Cloud Virtual Appliance: Deploy AMP as an on-premises, air-gapped solution built specifically for organizations with high-privacy requirements that restrict using a public cloud.

    Cisco AMP on ESA, or WSA: For Cisco Email Security Appliance (ESA) or Web Security Appliance (WSA), AMP capabilities can be turned on to provide retrospective capabilities and malware analysis.

    Cisco AMP for Meraki MX: Deploy AMP as part of the Meraki MX Security Appliance for cloud-based simplified security management with advanced threat capabilities.

    Cisco Threat Grid: Threat Grid is integrated with Cisco AMP for enhanced malware analysis. It can also be deployed as a standalone advanced malware analysis and threat intelligence solution, in the cloud or on an appliance.

  24. securitas
    February 6th, 2020

    @ZFK @dredv
    wasn’t there the choice to select it all?

  25. Arslan
    February 6th, 2020

    Hi All,

    Can anyone please confirm if answer are correct in dump file named ‘C0achGreece.Yako.PassLeader&more-ByAnton_v1.3’

    Thanks

  26. Arslan
    February 6th, 2020

    Verified answers of few questions and they were correct although answers for same questions were wrong in multiple other dumps. I am assuming as ‘Anton’ dumps are compiled after verifying and discussing questions on this forums so all answers are correct. I would appreciate if someone can confirm it.

  27. Anonymous
    February 6th, 2020

    I am glad to share Prepaway Premium Dumps (Latest Paid Version) along some dumps from other vendors.

    I don’t think new questions are included in these dumps. However please confirm if people who have recently passed the exam are able to see new questions in Prepaway Premium File.

    mega . nz / # F!Vs Nh DYrL! 5Lb6GYM uj Gl wrj lQzSE QAA

    Remove spaces

  28. Arslan
    February 6th, 2020

    @Drevdv

    Thanks.

    Can anyone confirm the answer for below question

    If a router configuration includes the line aaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two)
    A. The user will be prompted to authenticate using the enable password
    B. Authentication attempts to the router will be denied
    C. Authentication will use the router`s local database
    D. Authentication attempts will be sent to the TACACS+ server

    Is it A&D or A&B

  29. dredv
    February 6th, 2020

    @Arslan
    A&D

  30. HM
    February 6th, 2020

    Hello everyone,

    How to download the latest dumps? I had an exam on 02/05 but did not pass. I am planning to take again next week.

  31. dredv
    February 6th, 2020

    just scroll up on this page and look for Anton..1.3

  32. Humble
    February 6th, 2020

    Anton’s file still valid. Won’t get perfect score, but you will pass and that’s all that matters right

  33. Dredv
    February 6th, 2020

    @HM
    How did you prepare?

  34. securitas
    February 6th, 2020

    I just passed the exam with 950/1000. Anton’s file IS NOT ENOUGH, at least in my case. There were plenty of new questions. Most of them are basic security/networking questions that I think anyone can answer. In any case, this is what I remember:
    Q1. What is the effect of the given configuration?
    Device #tunnel group 192.x.x.x ipsec-attributes
    Device# pre-shared-key cisco654

    c) It establishes the preshared key for the firewall

    Thanks @Francoise!

    Q2. Something like what method to use to avoid MITM attacks:

    ans: authentication

    Q3. UCS Advantages (2 options among 5) – https:// www. cisco. com/c/dam/en/us/products/collateral/ servers-unified-computing/ ucs-solution-overview.pdf
    a) centralized monitoring and control
    b) something related to lower cost
    x) something about control on-premise and on the CLOUD

    Q4. WHat messages represent a successfull ISAKMP SAs establishment (the idea was this, not literally like this)
    a) I chose QM_IDLE, as per UDEMY videos. Not sure though, but I think I got it right.
    b) IKE_IDLE
    c) and d) other IKE_ messages

    Q5. Something like what resources can we use in a S2S VPN (2 options):
    a) TACACS….
    b) RADIUS….
    … can’t remember the rest

    Q6. Question about MDM features(read de chapter on 31 days before…. everything is there in one page)
    a) something about using ISE that made sense for me…
    b) Wipe data remotely
    c, d)… can’t recall

    If something else comes to my mind I’ll let you know. Cheers!

  35. dredv
    February 6th, 2020

    @securitas: Congratulations & THX for this feedback

  36. Sky
    February 6th, 2020

    Q3. UCS Advantages (2 options among 5) – https:// www. cisco. com/c/dam/en/us/products/collateral/ servers-unified-computing/ ucs-solution-overview.pdf
    a) centralized monitoring and control
    b) something related to lower cost
    x) something about control on-premise and on the CLOUD

    I have no idea what i would pick here? Does someone know better?
    And are there some new news, questions which later came to your mind? Ill be glad to hear about it.

  37. Anonymous
    February 6th, 2020

    Hi everybody,

    Im passed today the exam with 927 score. A new question were added but anton file is enought to pass the exams.

    Thx @anton @Bolo, great contribution.

  38. Polo
    February 6th, 2020

    @Anonymous
    Do u mby know what questions are new?

  39. WannaBeASecurityGuy
    February 6th, 2020

    Hey All, hoping to take the test on either 21st or 23rd before it expires.

    I went through about 8 pages of comments but I didn’t have any luck finding the dumps. Does anyone know what page they’re on?

    Is it worth it to go through all of NetAcad thoroughly or should I pick up the basics and keep working through labs/sims/dumps?

  40. dredv
    February 6th, 2020

    @WannaBeASecurityGuy:
    check first that the testcenter has a free timeslot

  41. WannaBeASecurityGuy
    February 6th, 2020

    Disregard!

    I completely overlooked it and found the link after going through the pages again.

    Would still appreciate advice on best approach to studying. Usually I study strictly off of dumps and dive deeper into concepts I get wrong on the dumps. But would like to know if anyone used the Net Acad course and if they found it very useful

  42. WannaBeASecurityGuy
    February 6th, 2020

    @dredv

    Yeah I need to confirm a testing time is still available. I’m not toooooo worried because I’m sure at least one testing site in the city has an availability sometime the week of the 23rd but I need to finish my NetAcad course so I can get a discounted voucher

  43. Moha
    February 6th, 2020

    Here are the Qs that said to be new they are not complete yet,
    *** if you know the exact question/ or the exact answers please share
    1*ASDM Steps to configure NAT in the ASA.
    I answered: Configuration > Firewall > NAT > Add Rule
    —————————————————————————-
    2*Benefits of using Cisco UCS.
    *Question about UCS server, it characteristic
    UCS Advantages (2 options among 5) – http s:// www. Cisco .com /c/dam/en/us/products/collateral/servers-unified-computing/ucs-solution-overview .pdf
    a) centralized monitoring and control
    b) something related to lower cost
    x) something about control on-premise and on the CLOUD

    what I can get from the document
    Industry leading BW
    Consistent and low latency
    lower infrastructure cost
    Rack server deployment flexibility
    regarding the part with cloud don’t know exactly how Cisco Intersight work
    ———————————————————————
    3*Isakmp SA status when VPN tunnels is formed: QM_IDLE
    regarding how you would set up an ike tunnel for cisco ios
    isakmp_qm_ready
    isakmp_idle
    isakmp_qm_idle
    Ans: QM_Idle for phase 1 active on ios
    AM_Active/MM_Active for ASA
    —————————————————————————-
    4* Features of MDM.
    *which are MDM two functions in BYOD.
    *Question about MDM features(read de chapter on 31 days before…. everything is there in one page)
    a) something about using ISE that made sense for me…
    b) Wipe data remotely
    c, d)… can’t recall

    MDM features
    PIN enforcement
    strong password enforcement
    jailbreak/root detection
    data encryption
    remote data wipe
    DLP
    secure application tunnels
    ———————————————————————-
    5*A Question about BYOD w/ Cisco ISE
    *Question about ISE
    *which are MDM two functions in BYOD.
    ————————————————
    6* in which solution APM is working:
    A. ESA
    B. ASA
    C. AnyConect
    ———————————————
    7* Where is file reputation in cisco amp being executed
    a – perimeter
    b – endpoint
    C – ESA
    d – cloud

    Ans: cloud using thread grid for unknown files/ for known files there should be a score for file reputation.
    —————————————————–
    8*+ how does an Antimalware installed on an endpoint check for a malicious file
    a– file reputation
    b– signature checking
    c-context
    d– sandboxing

    answer according to Bolo should be signature based as this is would be normal antimalware
    ————————————————————-
    9* Difference bet radius and TACACS. The choices were diff from Anton I just chose the best answer for me.
    —————————————————-
    10* there were out of this world question regarding IPS that i can’t remember coz i got rattled
    ———————————————————-
    11* what is the effect of the given configuration? >>> Anton’s file v1.3 Q30
    Device #tunnel group 192.x.x.x ipsec-attributes
    Device# pre-shared-key cisco654
    c) It establishes the preshared key for the firewall
    —————————————————–
    12 Something like what method to use to avoid MITM attacks:
    Ans: authentication
    —————————————————————————–
    13 Something like what resources can we use in a S2S VPN (2 options):
    a) TACACS….
    b) RADIUS….

  44. Take Test Soon
    February 6th, 2020

    Can someone please provide me Anton file/pdf

    d n 7 8 2 1 3@ gmail.com

  45. Dredv
    February 6th, 2020

    Just scroll Update THIS Site Look for User gia

  46. Take Test Soon
    February 6th, 2020

    @Dredv Thank You !!!!!!!!!! :)

  47. securitas
    February 7th, 2020

    @Moha great job!
    @Sky, a) for sure. then I was unsure between b) or that option mentioning Cloud and on-premise. In the end I chose b). Can’t really recall what was the sentence

    Btw, drag n’ drop and lab were the same.

  48. CATS
    February 7th, 2020

    Passed today.

    And i would like to say Anton’s file IS STILL ENOUGH…
    Will you get a perfect score, no. Will you comfortably pass, yes.

    As mentioned, some of the questions are new and some are worded different. For example the question about “Identifying safe traffic as suspicious “False positive”. Was the other way around so the answer was “False Negative”. Learn the new questions on this and previous page as they do come up.

    I actually had a brain fart on the last SIM question even though i had seen the answers on antons file. Went through them 1 by 1 and determined the answer as if i handnt seen the question before. So watch as your brain will sometimes remember the order of answers without you knowing, so this can throw u off when the order is different.

    Thanks to Anton, Bolo, CoachGreece, Yako etc for the great help. The exam retires in 2 weeks so i can’t see any further new questions being added. Good luck

  49. DropBy
    February 7th, 2020

    Just took and passed with 9XX today using reference of Anton’s file v1.3 and PassLeader pdf
    Thanks all for the contribution.

    1 SIM: Clientless VPN same as anton’s
    1 D&D: Port-security violation

    Adding more details into @Moha contributed new questions.

    ———————————————————————-
    5*A Question about which device can help in compliance check for BYOD Device
    A.Cisco ISE
    B.X
    C.X
    D.X
    ————————————————
    ————————————————————-
    9* Why is TACACS > RADIUS
    A. TACACS combine authorization and authentication
    B. TACACS decouple authorizatino and authentication
    C. TACACS encrypt password only in access-request packet
    D. TACACS encrypt the whole access-request packet
    —————————————————-
    13 Something like what resources can we use in a S2S VPN (2 options):
    A. TACACS….
    B. RADIUS….
    C. NTP
    D. Cisco AnyConnect
    —————————————————-
    14. A question about NTP. It shows the configuration of NTP including NTP trusted key and NTP authentication.
    Device(config)#ntp authentication-key 1 md5 sometexthere
    Device(config)#ntp authenticate
    Device(config)#ntp trusted-key 1
    Device(config)#ntp source GigabitEthernet0/0
    Device(config)#ntp server X.X.X.X
    You need to choose which of the following is correct based on the configuration shown.
    A. use MD5 hash
    B. configure to trusted NTP
    C.X
    D.
    —————————————————-

  50. DropBy
    February 7th, 2020

    —————————————————-
    15 IPS state when failed to identify an attack
    A. false positive
    B. false negative
    C. true positive
    D. true negative
    —————————————————-

  51. CATS
    February 7th, 2020

    @Dropby

    Yep..q13 was

    Q13. Which of the following resources are required for IPSEC Site 2 Site VPN.

  52. CATS
    February 7th, 2020

    Options where

    A. TACSAS+ (NOT TACACS)
    B. Radius
    C. NTP
    D.Cisco Anyconnect

  53. lazysummer7
    February 7th, 2020

    Anybody got any answers on this
    13 Something like what resources can we use in a S2S VPN (2 options):
    A. TACACS….
    B. RADIUS….
    C. NTP
    D. Cisco AnyConnect

  54. Polo
    February 7th, 2020

    Yeah, does someone know the answers to these?

  55. thura
    February 7th, 2020

    Hi all, I finished my exam today(7.2.20) with scores of 994.
    1 sim Clientless ssl
    1 DnD portsecurity
    And nearly all other questions are from (C0achGreece.Yako.PassLeader&more-ByAnton_v1.3.pdf)
    And there is like 10 or more new questions from various sections. But no worry at all Anton pdf is enoughed.
    Link below and delete space to download cheer up guys and thanks anton and everybody who contribute in this site.

    drive . google . com / open?id = 131HL9-QF-KyRJSTZZ-W4ufQNIvUdOx58

  56. Bolo
    February 7th, 2020

    First, grats to all the people who passed the exam and big thanks for coming back and giving feedback – ppl like me can only help here thanks to ppl like you.
    I cleaned up new questions a bit and provided some answers/explanations. It’s not much for now, but once we get more feedback, it will get better.

    Q1. ASDM Steps to configure NAT in the ASA.
    A. Configuration > Firewall > NAT Rules > Add
    B.
    C.
    D.
    ANSWER: A (this is how it looks in ASDM 7.5)

    —–

    Q2. Benefits/Advantages of using Cisco UCS (choose 2):
    A. centralized monitoring and control
    B. something related to lower cost
    C. something about control on-premise and on the CLOUD
    D.
    ANSWER: ??

    what I can get from the document
    Industry leading BW
    Consistent and low latency
    lower infrastructure cost
    Rack server deployment flexibility
    regarding the part with cloud don’t know exactly how Cisco Intersight work

    —–

    Q3. ISAKMP SA status when VPN tunnels is formed: QM_IDLE
    A. isakmp_qm_ready
    B. isakmp_idle
    C. isakmp_qm_idle
    D.
    ANSWER: QM_IDLE for IOS, AM_Active/MM_Active for ASA

    —–

    Q4. Features of MDM. Which are MDM two functions in BYOD. Question about MDM features(read de chapter on 31 days before…. everything is there in one page)
    A. something about using ISE that made sense for me…
    B. Wipe data remotely
    C.
    D.
    ANSWER: ?

    PIN enforcement
    strong password enforcement
    jailbreak/root detection
    data encryption
    remote data wipe
    DLP
    secure application tunnels

    —–

    Q5. A Question about BYOD w/ Cisco ISE. A Question about which device can help in compliance check for BYOD Device. Question about ISE *which are MDM two functions in BYOD.
    A.
    B.
    C.
    D.
    ANSWER: ?

    —–

    Q6. In which solution APM is working?
    A. ESA
    B. ASA
    C. AnyConnect
    D.
    ANSWER:

    —–

    Q7. Where is File Reputation in Cisco AMP being executed?
    A. Perimeter
    B. Endpoint
    C. ESA
    D. Cloud
    ANSWER: D

    —–

    Q8. How does an antimalware installed on an endpoint check for a malicious file?
    A. File Reputation
    B. Signature Checking
    C. Context
    D. Sandboxing
    ANSWER: B

    —–

    Q9. Difference between RADIUS and TACACS (choose 2)?
    A. TACACS combine authorization and authentication
    B. TACACS decouple authorization and authentication
    C. TACACS encrypts password only in access-request packet
    D. TACACS encrypts the whole access-request packet
    ANSWER: B+D

    —–

    Q10. there were out of this world question regarding IPS that i can’t remember coz i got rattled
    A.
    B.
    C.
    D.
    ANSWER: ?

    —–

    Q11. Something like what method to use to avoid MITM attacks:
    A. Authentication
    B.
    C.
    D.
    ANSWER: A?

    —–

    Q12. Which of the following resources are required for IPSEC Site 2 Site VPN (choose 2?)
    A. TACACS+
    B. Radius
    C. NTP
    D. Cisco AnyConnect
    ANSWER: C+D?

    NTP is recommended (and sometimes required). If it’s 2 answers, then AnyConnect license is needed too, but since the question is incomplete (answer D doesn’t say license), it’s hard to say.

    —–

    Q13. A question about NTP. You need to choose which of the following is correct based on the configuration shown:

    Device(config)#ntp authentication-key 1 md5 sometexthere
    Device(config)#ntp authenticate
    Device(config)#ntp trusted-key 1
    Device(config)#ntp source GigabitEthernet0/0
    Device(config)#ntp server X.X.X.X

    A. Use MD5 hash
    B. Configure to trusted NTP
    C.
    D.
    ANSWER: ?

    Here’s what commands do:
    ntp authentication-key 1 md5 sometexthere < define authentication key number 1, using MD5 hash
    ntp authenticate < enable authentication
    ntp trusted-key 1 < key number that NTP has to provide to be trusted
    ntp source GigabitEthernet0/0 < interface that will receive NTP packets
    ntp server X.X.X.X < NTP server IP from which packets will come

    —–

    Q14. IPS state when failed to identify an attack?
    A. False positive
    B. False negative
    C. True positive
    D. True negative

    ANSWER: B

  57. Dredv
    February 7th, 2020

    Cu in 350-701 SCOR

  58. R A
    February 7th, 2020

    Can someone provide me Anton file/pdf please? Email: {email not allowed}

  59. R A
    February 7th, 2020

    Can someone provide me Anton file/pdf please? anjanaranasinge @ gmail.com

  60. dredv
    February 7th, 2020

    @R A
    Just scroll Up here in THIS Site … Look for User gia

  61. udontknowme
    February 7th, 2020

    one more new never seen question
    old brain has only fragments of the question

    refer exhibit
    ———————–
    ip http server
    ip http secure-port 8080
    ———————–
    a enables secure http server on port 8080
    b
    c
    d
    one of 4 choices
    indeed for a to be the right answer it should be
    “ip http secure-server”

  62. Anonymous
    February 7th, 2020

    Q13. A question about NTP. You need to choose which of the following is correct based on the configuration shown:

    Device(config)#ntp authentication-key 1 md5 sometexthere
    Device(config)#ntp authenticate
    Device(config)#ntp trusted-key 1
    Device(config)#ntp source GigabitEthernet0/0
    Device(config)#ntp server X.X.X.X

    A. Use MD5 hash
    B. Configure to trusted NTP
    C.
    D.
    ANSWER: ?,,,,

  63. Arslan
    February 7th, 2020

    Which actions can a promiscuous IPS take to mitigate an attack? (Choose three.)
    A. Modifying packets
    B. Requesting connection blocking
    C. Denying packets
    D. Resetting the TCP connection
    E. Requesting host blocking F. Denying frames

    Can anyone confirm if this question has been recently seen in the exam?

  64. Bolo
    February 7th, 2020

    @Arslan
    Anton’s file and new questions posted here is all you need, and all that appears on the exam.

  65. Arslan
    February 7th, 2020

    @ Bolo

    Thanks for confirming.

  66. Dredv
    February 7th, 2020

    @Arslan
    Promiscious IPS means its an IDS, so ist can only request Connection blocking and request Host blocking. Due to fact that ist is Not inline ist cannot handle Traffic by itself

  67. Arslan
    February 8th, 2020

    @Dredv

    Thanks for the explanation.

  68. Moha
    February 8th, 2020

    Anyone can add to these questions or complete them ?

    Q1. ASDM Steps to configure NAT in the ASA.
    A. Configuration > Firewall > NAT Rules > Add
    B.
    C.
    D.
    ANSWER: A (this is how it looks in ASDM 7.5)

    —–

    Q2. Benefits/Advantages of using Cisco UCS (choose 2):
    A. centralized monitoring and control
    B. something related to lower cost
    C. something about control on-premise and on the CLOUD
    D.
    ANSWER: ??

    what I can get from the document
    Industry leading BW
    Consistent and low latency
    lower infrastructure cost
    Rack server deployment flexibility
    regarding the part with cloud don’t know exactly how Cisco Intersight work

    —–

    Q3. ISAKMP SA status when VPN tunnels is formed: QM_IDLE
    A. isakmp_qm_ready
    B. isakmp_idle
    C. isakmp_qm_idle
    D.
    ANSWER: QM_IDLE for IOS, AM_Active/MM_Active for ASA

    —–

    Q4. Features of MDM. Which are MDM two functions in BYOD. Question about MDM features(read de chapter on 31 days before…. everything is there in one page)
    A. something about using ISE that made sense for me…
    B. Wipe data remotely
    C.
    D.
    ANSWER: ?

    PIN enforcement
    strong password enforcement
    jailbreak/root detection
    data encryption
    remote data wipe
    DLP
    secure application tunnels

    —–

    Q5. A Question about BYOD w/ Cisco ISE. A Question about which device can help in compliance check for BYOD Device. Question about ISE *which are MDM two functions in BYOD.
    A.
    B.
    C.
    D.
    ANSWER: ?

    —–

    Q6. In which solution APM is working?
    A. ESA
    B. ASA
    C. AnyConnect
    D.
    ANSWER:

    —–

    Q7. Where is File Reputation in Cisco AMP being executed?
    A. Perimeter
    B. Endpoint
    C. ESA
    D. Cloud
    ANSWER: D

    —–

    Q8. How does an antimalware installed on an endpoint check for a malicious file?
    A. File Reputation
    B. Signature Checking
    C. Context
    D. Sandboxing
    ANSWER: B

    —–

    Q9. Difference between RADIUS and TACACS (choose 2)?
    A. TACACS combine authorization and authentication
    B. TACACS decouple authorization and authentication
    C. TACACS encrypts password only in access-request packet
    D. TACACS encrypts the whole access-request packet
    ANSWER: B+D

    —–

    Q10. there were out of this world question regarding IPS that i can’t remember coz i got rattled
    A.
    B.
    C.
    D.
    ANSWER: ?

    —–

    Q11. Something like what method to use to avoid MITM attacks:
    A. Authentication
    B.
    C.
    D.
    ANSWER: A?

    —–

    Q12. Which of the following resources are required for IPSEC Site 2 Site VPN (choose 2?)
    A. TACACS+
    B. Radius
    C. NTP
    D. Cisco AnyConnect
    ANSWER: C+D?

    NTP is recommended (and sometimes required). If it’s 2 answers, then AnyConnect license is needed too, but since the question is incomplete (answer D doesn’t say license), it’s hard to say.

    —–

    Q13. A question about NTP. You need to choose which of the following is correct based on the configuration shown:

    Device(config)#ntp authentication-key 1 md5 sometexthere
    Device(config)#ntp authenticate
    Device(config)#ntp trusted-key 1
    Device(config)#ntp source GigabitEthernet0/0
    Device(config)#ntp server X.X.X.X

    A. Use MD5 hash
    B. Configure to trusted NTP
    C.
    D.
    ANSWER: ?

    Here’s what commands do:
    ntp authentication-key 1 md5 sometexthere < define authentication key number 1, using MD5 hash
    ntp authenticate < enable authentication
    ntp trusted-key 1 < key number that NTP has to provide to be trusted
    ntp source GigabitEthernet0/0 < interface that will receive NTP packets
    ntp server X.X.X.X < NTP server IP from which packets will come

    —–

    Q14. IPS state when failed to identify an attack?
    A. False positive
    B. False negative
    C. True positive
    D. True negative

    ANSWER: B

  69. CATS
    February 8th, 2020

    @Bolo

    As mentioned, i am 90% sure the question specified TACSAS+, not TACACS.

    As TACSAS+ is not a real thing it cannot be the answer. I got stuck and went for NTP (correct) and Radius (unsure), it could be Anyconnect.

    Q12. Which of the following resources are required for IPSEC Site 2 Site VPN (choose 2?)
    A. TACSAS+
    B. Radius
    C. NTP
    D. Cisco AnyConnect
    ANSWER: C+D?

  70. Bolo
    February 8th, 2020

    @CATS

    Ok, thought it was a typo ;) Anyway, from those 4 answers only NTP makes sense, but it is too much to say it’s required. You can set up S2S tunnel without NTP. In theoretical worst case, if using certificates and dates are very wrong, it wouldn’t be possible to set up a tunnel. But usually, no problem, at least initially. SA flapping, expiry dates etc. would become a problem later on, at some stage after setting it up.

  71. Moha
    February 8th, 2020

    anyone took the exam today or planning to take it soon ?

  72. Moha
    February 8th, 2020

    @Cats
    so the question mentioned exactly IPSec site to site, not point to site or IPSec VPN

  73. Krish
    February 8th, 2020

    Guys completed today. But completed the exam in 35 mins. Is there any issue. Got same as Anton’s file.few new questions

  74. Arslan
    February 8th, 2020

    Congrats Krish.

    How many questions were out of Anton’s file. Thanks

  75. Moha
    February 8th, 2020

    @Krish

    can you complete/correct the questions posted by me or Bolo above and if you can remember what was your answers on them ? that would be much appreciated.

  76. Moha
    February 8th, 2020

    @ Krish
    Sorry thought i said congrats

  77. Zfk
    February 8th, 2020

    @CATS is not that question unfortunately
    @Moha no, I just used original one
    @dredv I’m working with ESA on work and from all solutions it was a best choose for me for my understanding.

  78. Moha
    February 8th, 2020

    @ZFK can you complete the questions posted by me or Bolo with the answers you choose in the exam if you can remember any would be great

  79. Fortypopper
    February 8th, 2020

    I test on 20 Feb. Hopefully, Anton’s PDF is still enough to pass.

  80. Moha
    February 8th, 2020

    @Fortypopper i recommend that you keepfollowing the updates here as there are some new Qs added above posted by me and Bolo but still we don’t know there answers or the exact choices in the exam but people say that Anton’s file is enough.

  81. DumpsSure.com
    February 8th, 2020
  82. JNubia
    February 8th, 2020

    Passed today. Anton’s file is the TRUTH!

    New Question

    What is needed to create a site to site (S2S) VPN between two Cisco IOS devices:

    A. Cisco AnyConnect
    B. NTP
    C. TACSAS+
    D. RADIUS
    E. CA

    I chose B and D because they intentionally spell TACACS+ wrong.

  83. JNubia
    February 9th, 2020

    Let me elaborate..as I see it.

    A is wrong because the question about about site to site VPN’s. Cisco AnyConnect is for remote access…not site to site.

    C is wrong because it’s misspelled.

    E is wrong because you don’t need a CA for site to site. SSL VPN…sure, but not site to site.

  84. Bolo
    February 9th, 2020

    That S2S VPN question really has 2 answers?
    If it has two answers, the only 2 that make sense are NTP and CA. You need those two for S2S VPN using certificates.

  85. mb755
    February 9th, 2020

    @JNubia, did you use only Anton’s file for prepare?

  86. Moha
    February 9th, 2020

    @Bolo
    you need CA when doing S2S using RSA not preshared key

  87. Bolo
    February 9th, 2020

    The question doesn’t say how is S2S being set up. You need CA if you do it with certificates. Not for keys ofc.

    The way this question is posted here, it doesn’t have an answer at all. Nothing from that list is required to set up S2S VPN. NTP is recommended to avoid problems, but not required. CA is only required when using certificates. Other options make no sense, unless AnyConnect refers to the license, which doesn’t seem to be the case ‘cos noone reported anything about license being mentioned in AnyConnect answer.

  88. Moha
    February 9th, 2020

    @JNubia if you can complete more questions please do questions posted by me or Bolo thanks in advance

  89. Moha
    February 9th, 2020

    @Bolo anyconnect license is only needed when using anyconnect right? as far as i know you don’t need anyconnect license for s2s right? So for me i’m with NTP and CA

  90. Paulinho
    February 9th, 2020

    Regarding

    ———————–
    ip http server
    ip http secure-port 8080
    ———————–

    Im not sure but I think I read in any of the guides that this should activate https. With no need of “ip http secure-server”. What do you think, mates? Maybe I’m mixing with another feature, maybe the result of a show, but it was something like that. Even if it looked like only http, included https.

  91. Bolo
    February 9th, 2020

    @Moha
    They use AnyConnect as the name for different licenses (Plus, Apex, VPN-only etc.) – kinda confusing, but has (almost) nothing to do with AnyConnect client. Some features are only available with certain types of licenses, like 3rd party IKEv2 VPN clients require AnyConnectPlus license, clientless support is in AnyConnect Apex license etc.

    I think S2S VPNs are covered by base license that comes with hardware.

  92. Bolo
    February 9th, 2020

    @Paulinho
    ip http server < enables HTTP server
    To enable HTTPS use: ip http secure-server

    ip http secure-port 8080 < changes the default port 443 to 8080 for HTTPS
    To set port for HTTP use: ip http port

    So, you posted a mix of configuration commands for HTTP/HTTPS

  93. Moha
    February 9th, 2020

    @All please update if you can
    Updates on the questions

    1*ASDM Steps to configure NAT in the ASA.
    Answer: Configuration > Firewall > NAT > Add Rule
    —————————————————————————-
    2*Benefits of using Cisco UCS.
    *Question about UCS server, it characteristic
    *UCS Advantages (2 options among 5) – http s:// www. Cisco .com /c/dam/en/us/products/collateral/servers-unified-computing/ucs-solution-overview .pdf
    a) centralized monitoring and control
    b) something related to lower cost
    x) something about control on-premise and on the CLOUD
    What I can get from the document
    Industry leading BW
    Consistent and low latency
    lower infrastructure cost
    Rack server deployment flexibility
    cloud management ready
    ———————————————————————
    3*Isakmp SA status when VPN tunnels is formed: QM_IDLE
    regarding how you would set up an ike tunnel for cisco ios
    isakmp_qm_ready
    isakmp_idle
    isakmp_qm_idle
    Ans: QM_Idle for phase 1 active on ios
    AM_Active/MM_Active for ASA
    —————————————————————————-
    4* Features of MDM.
    *which are MDM two functions in BYOD.
    *Question about MDM features(read de chapter on 31 days before…. everything is there in one page)
    a) something about using ISE that made sense for me…
    b) Wipe data remotely
    c) N/A
    d) N/A
    MDM features
    PIN enforcement
    strong password enforcement
    jailbreak/root detection
    data encryption
    remote data wipe
    DLP
    secure application tunnels
    ———————————————————————-

    5*A Question about BYOD w/ Cisco ISE
    *Question about ISE
    5*A Question about which device can help in compliance check for BYOD Device
    A. Cisco ISE
    B. N/A
    C. N/A
    D. N/A
    ISE: While Cisco ISE provides critical policy functionality to enable the BYOD solution, it has limited awareness of device posture. For example, ISE has no awareness of whether a device has a PIN lock enforced or whether the device has been jailbroken or whether a device is encrypting data, etc. On the other hand, MDMs have such device posture awareness, but are quite limited as to network policy enforcement capacity.
    Source: https:// www .cisco . com /c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/BYOD_MDMs.html
    ————————————————
    6* in which solution AMP is working:
    A. ESA
    B. ASA
    C. AnyConect

    Some say it’s implemented on ESA but for ASA you have to buy a module ?
    For anyconnect it would be named AMP for endpoints I guess, so for ESA you need to turn it ON/ buy license.
    Reference: https: // www. cisco. com/c/en/us/solutions/collateral/enterprise-networks/advanced-malware-protection/solution-overview-c22-734228.html
    ———————————————
    7* Where is file reputation in cisco amp being executed
    a – perimeter
    b – endpoint
    C – ESA
    d – cloud
    Ans: cloud using thread grid for unknown files/ for known files there should be a score for file reputation.
    —————————————————–
    8* how does an Antimalware installed on an endpoint check for a malicious file
    a– file reputation
    b– signature checking
    c-context
    d– sandboxing
    Answer: B
    ————————————————————-
    9* Difference bet radius and TACACS. The choices were diff from Anton I just chose the best answer for me.
    9* Why is TACACS > RADIUS
    A. TACACS combine authorization and authentication
    B. TACACS decouple authorization and authentication
    C. TACACS encrypt password only in access-request packet
    D. TACACS encrypt the whole access-request packet
    Ans: B, D

    —————————————————-
    10* there were out of this world question regarding IPS that i can’t remember coz i got rattled
    ————————————————–
    11 Something like what method to use to avoid MITM attacks:
    Ans: authentication
    —————————————————————————–
    12 Something like what resources can we use in a S2S VPN (2 options):
    What is needed to create a site to site (S2S) VPN between two Cisco IOS devices:
    A. Cisco AnyConnect
    B. NTP
    C. TACSAS+
    D. RADIUS
    E. CA

    answer: B, E
    ———————————
    13. A question about NTP. It shows the configuration of NTP including NTP trusted key and NTP authentication.
    Device(config)#ntp authentication-key 1 md5 sometexthere
    Device(config)#ntp authenticate
    Device(config)#ntp trusted-key 1
    Device(config)#ntp source GigabitEthernet0/0
    Device(config)#ntp server X.X.X.X
    You need to choose which of the following is correct based on the configuration shown.
    A. use MD5 hash
    B. configure to trusted NTP
    C. N/A
    D. N/A
    answer: could be R1 is configured to a trusted NTP server, still not sure.
    —————————————-

    14 IPS state when failed to identify an attack
    A. false positive
    B. false negative
    C. true positive
    D. true negative

    Ans: B
    —————————————————
    Q15 till now I’ve heard of two versions with almost the same answers
    Version 1***** Refer the exhibit
    # ip http server
    #ip http secure-port 8080
    A. enables secure http server on port 8080
    B. standard https port
    One of 4 choices
    Indeed for a to be the right answer it should be “ip http secure-server”, if there is no command then it enables only http and set secure port for 8080

    Version 2***** refer the exhibit which port the https is configured given the commands:
    # ip http secure-server
    # ip http secure-port 8080
    these commands enables https on port 8080
    A. enables secure http server on port 8080
    B. standard https port

    version 2 answer: A

  94. Moha
    February 9th, 2020

    @Bolo
    Didn’t know we moved to new page sorry. so the answers that make sense somehow NTP and CA “certificate authority”

  95. Anonymous
    February 9th, 2020

    14 IPS state when failed to identify an attack
    A. false positive
    B. false negative
    C. true positive
    D. true negative

    Ans: B…

  96. Moha
    February 9th, 2020

    @Anonymous
    false negative is when the IPS fails to detect an attack
    false positive detecting normal traffic as an attack
    true positive detecting real attacks
    true negative normal traffic is not detected as an attack
    so in this case the answer is false negative

  97. Jan
    February 9th, 2020

    Hello,
    On the exam there is really only 1 SIM with SSL VPN? No LAB to configure ACLs/NAT and MPF to allow ICMP?
    Oh, and passing score is 860?
    Thanks.

  98. Moha
    February 9th, 2020

    @Jan
    the exam contains 1 sim for ASDM about asking about configuration on clientless VPN not to configure them
    and one drag and drop
    passing score is 860 yes

  99. Anonymous
    February 9th, 2020

    If the new CCNA is coming out in Feb and I already HAVE my CCNA and CCNP should I even bother to take this CCNA SECURITY 210-260 Test before February 24th? Is it worth taking at this point? Any options would be greatly appreciated. Thank you.

  100. Anonymous
    February 9th, 2020

    Any opinions sorry.


  101. Note: Please do not open any suspicious links (especially short links and links that need to remove some words to open) in the comment section above as they are usually spams and may harm your computer.
Comment pages
1 17 18 19 20 21 22 675
Add a Comment