Share your FIREWALL Experience
Cisco has made changes for the Security exams by replacing the old CCSP with the new CCNP Security Certification with 4 modules: Secure, Firewall, IPS and VPN. In fact, the old CCSP and the new CCNP Security are very similar. Many candidates have requested us to put up materials for these new exams but it is a time-consuming work. In the mean time, we created the “Share your experience” for the FIREWALL exam. We really hope anyone who read securitytut, 9tut, digitaltut, certprepare, networktut and voicetut contribute to these sections as your experience is invaluable for CCNP Security learners to complete their goals.
Please share with us your experience after taking the FIREWALL 642-617 exam, your materials, the way you learned, your recommendations…
@steak ok, thank you for your reply
this is the link on cisco site, i still believe that it is only ftp. maybe i didnt grasp it yet.
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mpc.html#wp1054769
read on examples 16-1 and 16-2 misconfiguration for ftp and http packets
This is the section you should read until it becomes clear to you
An example of a misconfiguration is if you configure multiple inspections in the same policy map and do not use the default-inspection-traffic shortcut. In Example 16-1, traffic destined to port 21 is mistakenly configured for both FTP and HTTP inspection. In Example 16-2, traffic destined to port 80 is mistakenly configured for both FTP and HTTP inspection. In both cases of misconfiguration examples, only the FTP inspection is applied, because FTP comes before HTTP in the order of inspections applied.
Example 16-1 Misconfiguration for FTP packets: HTTP Inspection Also Configured
class-map ftp
match port tcp 21
class-map http
match port tcp 21 [it should be 80]
policy-map test
class ftp
inspect ftp
class http
inspect http
Example 16-2 Misconfiguration for HTTP packets: FTP Inspection Also Configured
class-map ftp
match port tcp 80 [it should be 21]
class-map http
match port tcp 80
policy-map test
class http
inspect http
class ftp
inspect ftp
Passed with 893/1000. Only with chips105.vce dump. Max new 3 q. Later.
@croat Please share the new questions. I will be taking exam next week.
Sorry on late responce, i cant remember what exact questions but really use chips dumps and u will be ok. Low results was becouse i tried to be smart
Anyone could share CBT Nuggets ??
@Croat,
Please share the labs that have appeared to you.
Anyone can share the newest questions that may appear in the exam ??
Can any one share a working link to download CBT nuggets for 642-617. Please email at shivadayal@gmail.com.
Thanks in advance,
Shiva Dayal.