Share your CCNA Security Experience

Passed with 96X,

Thank you so much Bolo and Anton, God bless you more for the great work you did.

Hi, can anyone please show me the link to Anton´s dumps for 210-260 exam? Thanks!

I just simply could not resist anymore: people, if you are unable to read some tens of pages of a forum, how the heck are you preparing a whole certificate?

Bolo, Anton and so many others, thanks so much. After reading the official guide, the 31 days, watching cbt nuggets (first time I dont like these guys) and pluralsight (great stuff there) and practicing with labs, just then you check this forum and keep preparing the exam, confirming this what you thought, getting answers to your doubts, debating…
But some of you cannot even read some pages of a forum… Really, shame on you. And some even order Bolo, Anton (or whoever) to do something. To prepare a doc for them, to transform it to vce (really??), to search for them instead of doing it by themselves… Again, giant shame on you.

I will take the exam soon after months learning and I wanted to thank all those who have created such community here. A learning community, with students, not with leeches. With people who wants to learn, not just to pass. So, Bolo and all the rest of people answering, adding, labbing… thanks.
Maybe we will meet in a next cert preparation? Do you have any plans, guys?

@Anton and @Bolo
Many thanks

Passed today 1000/1000
All questions from the below link.

Here’s the link to the lastest version of Anton’s file – remove spaces from it:
drive . google . com / open?id = 131HL9-QF-KyRJSTZZ-W4ufQNIvUdOx58

@travis
thank you for your answer

@Sabonis
Thank you.
For now I don’t have any Cisco certs plans myself.

@Marcus, where can i find the labs for study?, i’m prepare the exam to 23 feb

Hi all,

Mine CCNA r&s expire date on May… Is this good time to take CCNA security or Better to wait for new pattern exam after Feb 24th…. Pls help me on this….

hi guyz.
please help me figure out the correct answer in these questions. thanks!
Q1): Which two statements about hardware-based encryption are true? (Choose two)
A. It is potentially easier to compromise than software-based encryption.
B. It can be implemented without impacting performance.
C. It is widely accessible.
D. It is highly cost effective.
E. It requires minimal configuration.
Answer: is it B,E OR B,D

Q2): What are two major considerations when choosing between a SPAN and a TAP when implementing IPS? (Choose two)
A. the amount of bandwidth available
B. the way in which dropped packets will be handled
C. the type of analysis the IPS will perform
D. whether RX and TX signals will use separate ports
E. the way in which media errors will be handled
Answer: A, C or A,B OR A,D

Q3): How does the 802.1x supplicant communicate with the authentication server?
A. The supplicant creates EAP packets and sends them to the authenticator, which translates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into EAP and forwards them to the authentication server.
D. The supplicant creates RADIUS packets and sends them to the authenticator, which encapsulates them into EAP and forwards them to the authentication server.
Answer: B OR A

Q4): Which three statements about host-based IPS are true? (Choose three)
A. It can view encrypted files
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have more restrictive policies than network-based IPS
E. It works with deployed firewalls
F. It can generate alerts based on behaviour at the desktop level.
Answer: A, D, F OR A,B,D

Q5): Which two statements about an IPS in tap mode are true? (Choose two.)
A. It requires an synchronous routing configuration for full traffic analysis.
B. The device forwards all traffic, regardless of its source or destination.
C. It directly analyses the actual packets as they pass through the system.
D. It can analyse events without impacting network efficiency.
E. It is unable to drop packets in the main flow.
Answer: D, E is this the correct choice?

Q6): How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
B. Block suspicious hosts from DCE/RPC port 593.
C. Tunnel DCE/RPC traffic through GRE.
D. Configure the DCE/RPC preprocessor.
Answer: D OR B?

Congratulations!

I passed my 210-260 exam with 960/1000 on 28/Jan/2020.

I study the PassLeader 210-260 questions bank, all the questions in the test is word by word as PassLeader file.

1 SIM: Connection less VPN, 4 questions as PassLeader, the same answers.
D&D : Drag and drop the each port-security violation.
1 new qustion: what is true about STP attack.

I mainly learned the PassLeader 210-260 dumps (552q NEW version), all questions are available in PassLeader.

Really helpful.

P.S.

Part of PassLeader 210-260 dumps are available here FYI:

drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

(552q~~~NEW VERSION DUMPS Updated Recently!!!)

Good luck, all!

[copy that link and open it in your web browser]

What’s more:

Part of PassLeader 210-260 IINS new questions (FYI):

[Get the download link at the end of this post]

NEW QUESTION 546
Which statement about TACACS+ is true?

A. Passwords are transmitted between the client and server using MD5 hasing.
B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
C. TACACS_ is used for access to network resources more than administrator access to network devices.
D. TACACS_ server listens UDP port 1813 for accounting.
E. All data that is transmitted between the client and TACACS+ server is cleartext.

Answer: C

NEW QUESTION 547
Which effect of the secure boot-image command is true?

A. It configure the device to boot to the secure IOS image.
B. It archives a secure copy of the device configuration.
C. It archives a secure copy of the IOS image.
D. It displays the status of the bootset.

Answer: C

NEW QUESTION 548
Which two statements about an IPS in tap mode are true? (Choose two.)

A. It requires an synchronous routing configuration for full traffic analysis.
B. The device forwards all traffic, regardless of its source or destination.
C. It directly analyzes the actual packets as they pass through the system.
D. It can analyze events without impacting network efficiency.
E. It is unable to drop packets in the main flow.

Answer: BC

NEW QUESTION 549
How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

A. Passes the traffic.
B. Drops the traffic.
C. Broadcasts the traffic.
D. Looks for an ACL, and acts based upon the ACL.

Answer: C

NEW QUESTION 550
Which 802.1x component enforces the network access policy?

A. authentication server
B. authenticator
C. RADIUS server
D. supplicant

Answer: A

NEW QUESTION 551
Drag and Drop
Drag and drop the each port-security violation mode from the left onto the corresponding action on the right.

Answer:

NEW QUESTION 552
……

Download more NEW PassLeader 210-260 dumps from Google Drive here:

drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

(552q~~~NEW VERSION DUMPS Updated Recently!!!)

Good luck, all!

[copy that link and open it in your web browser]

Passed today, file still valid.

Hi @Bolo

How many simulation will be there in a exam? I saw only one sim in Antons file. Kindly suggest if only that sim is enough to practice in exam. Thank you very much for your all support as always

@Nick-2020
Only 1, the one form Anton’s file.

@sky
don’t be baffled! antons file is a compilation of the 4-5xx q dumps relevant q’s and thoroughly researched labed up to get the correct answers. Search back a few pages to see the efforts !

Hi Bolo

Mine CCNA r&s expire date on May… Is this good time to take CCNA security or Better to wait for new pattern exam after Feb 24th…. Pls help me on this….

I converted Anton’s PDF to VCE. I just did the first 67 questions then 24 questions. Hope this helps someone. Remove the spaces and replace the xxx with w’s,

https: //xxx.mediafire.com /file /sio76gdboegl0ne/67q.vce/file

https: //xxx.mediafire.com /file /gn4ct0sl1e3v94e/24q.vce/file

@Anton and @Bolo
Many thanks.

I Passed today 98x/1000
All questions from Anton’s file. Still Valid.
Total-67
sim1- ASA-ASDM
drag and drop- 2

Yesterday I pass with score 979 based on Anton file. THX Bro

@Anonymous
I’d do it before 23rd of February. If you wait, you will have to sit the new CCNA exam before your May date to recertify.

Today Passed

Thank you so much Bolo and Anton, God bless you….

@Bolo @Anton,

Do you mean only Anton’s file needs to review 67q and 24q? Thank you.

@Marcus,

Did you review only the Anton’s file? Thank you. I have an exam next week. I hope to pass using Anton’s PDF.

NEW QUESTION 546
Which statement about TACACS+ is true?

A. Passwords are transmitted between the client and server using MD5 hasing.
B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
C. TACACS_ is used for access to network resources more than administrator access to network devices.
D. TACACS_ server listens UDP port 1813 for accounting.
E. All data that is transmitted between the client and TACACS+ server is cleartext.

Answer: C

NEW QUESTION 547
Which effect of the secure boot-image command is true?

A. It configure the device to boot to the secure IOS image.
B. It archives a secure copy of the device configuration.
C. It archives a secure copy of the IOS image.
D. It displays the status of the bootset.

Answer: C

NEW QUESTION 548
Which two statements about an IPS in tap mode are true? (Choose two.)

A. It requires an synchronous routing configuration for full traffic analysis.
B. The device forwards all traffic, regardless of its source or destination.
C. It directly analyzes the actual packets as they pass through the system.
D. It can analyze events without impacting network efficiency.
E. It is unable to drop packets in the main flow.

Answer: BC

NEW QUESTION 549
How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

A. Passes the traffic.
B. Drops the traffic.
C. Broadcasts the traffic.
D. Looks for an ACL, and acts based upon the ACL.

Answer: C

NEW QUESTION 550
Which 802.1x component enforces the network access policy?

A. authentication server
B. authenticawdtor
C. RADIUS server
D. supplicant

Answer: A

Q4): Which three statements about host-based IPS are true? (Choose three)
A. It can view encrypted files
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have mowdre restrictive policies than network-based IPS
E. It works with deployed firewalls
F. It can generate alerts based on behaviour at the desktop level.
Answer: A, D, F OR A,B,D

@Anonymous

Its A D F.

you wont be able to deploy Host based IPS at the perimeter as these types of IPS are installed on host machinesnas its name suggest.

I converted Anton’s PDF to VCE. I just did the first 67 questions then 24 questions. Hope this helps someone. Remove the spaces and replace the xxx with w’s,

https: //xxx.mediafire.com /file /sio76gdboegl0ne/67q.vce/file

https: //xxx.mediafire.com /file /gn4ct0sl1e3v94e/24q.vce/file

i schedule my exam for 4/2/2020 this forum is really help me for my study thanks

@Anonymous
Are you mentally disabled? Why are you posting the same questions in Antons PDF with the totally WRONG answers!

@Bolo @Travis
Thx for the response! You wouldnt know on which page the “older” questions are? I think ill look over them for my own interest.

Anton 100%

anyone took the exam today?

yes, 979. Like I said, Anton 100%

997*

cool! thanks @Anonymous!

@CiscoNerd,

Thanks for converting to the VCE format. Do you have an updated VCE player compatible with your converted VCE file? Thank you.

@Bolo @Anton,

Resend: Do you mean only Anton’s file needs to review 67q and 24q? Thank you.

@everyone
Anton’s file is the only resource needed to pass CCNA Security exam – as of now. We worked on questions for months, corrected everything by research, labbing and reading the tech docs. People are getting 1000pts scores on the exam using Anton’s file.

That’s it – get Anton’s file, learn it and go pass your exam.

@Sky
254

Hey guys, how many questions does Anton’s file have, just asking to make sure i have the correct file because i’m new here i’m sorry…

@EM

wasnt able to count but the last question should be a drag and drop that is regarding NIPS and HIPS

@Bolo,

Thank you so much!

Congratulations!

I passed my 210-260 exam with 960/1000 on 31/Jan/2020.

I study the PassLeader 210-260 questions bank, all the questions in the test is word by word as PassLeader file.

1 SIM: Connection less VPN, 4 questions as PassLeader, the same answers.
D&D : Drag and drop the each port-security violation.
1 new qustion: what is true about STP attack.

I mainly learned the PassLeader 210-260 dumps (552q NEW version), all questions are available in PassLeader.

Really helpful.

P.S.

Part of PassLeader 210-260 dumps are available here FYI:

drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

(552q~~~NEW VERSION DUMPS Updated Recently!!!)

Good luck, all!

[copy that link and open it in your web browser]

And,

What’s more:

Part of PassLeader 210-260 IINS new questions (FYI):

[Get the download link at the end of this post]

NEW QUESTION 546
Which statement about TACACS+ is true?

A. Passwords are transmitted between the client and server using MD5 hasing.
B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
C. TACACS_ is used for access to network resources more than administrator access to network devices.
D. TACACS_ server listens UDP port 1813 for accounting.
E. All data that is transmitted between the client and TACACS+ server is cleartext.

Answer: C

NEW QUESTION 547
Which effect of the secure boot-image command is true?

A. It configure the device to boot to the secure IOS image.
B. It archives a secure copy of the device configuration.
C. It archives a secure copy of the IOS image.
D. It displays the status of the bootset.

Answer: C

NEW QUESTION 548
Which two statements about an IPS in tap mode are true? (Choose two.)

A. It requires an synchronous routing configuration for full traffic analysis.
B. The device forwards all traffic, regardless of its source or destination.
C. It directly analyzes the actual packets as they pass through the system.
D. It can analyze events without impacting network efficiency.
E. It is unable to drop packets in the main flow.

Answer: BC

NEW QUESTION 549
How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

A. Passes the traffic.
B. Drops the traffic.
C. Broadcasts the traffic.
D. Looks for an ACL, and acts based upon the ACL.

Answer: C

NEW QUESTION 550
Which 802.1x component enforces the network access policy?

A. authentication server
B. authenticator
C. RADIUS server
D. supplicant

Answer: A

NEW QUESTION 551
Drag and Drop
Drag and drop the each port-security violation mode from the left onto the corresponding action on the right.

Answer:

NEW QUESTION 552
……

Download more NEW PassLeader 210-260 dumps from Google Drive here:

drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

(552q~~~NEW VERSION DUMPS Updated Recently!!!)

Good luck, all!

[copy that link and open it in your web browser]

@ Alderson below is the VCE software that I used. Its the 3rd link, just remove the spaces.

I converted Anton’s PDF to VCE. I just did the first 67 questions then 24 questions. Hope this helps someone. Remove the spaces and replace the xxx with w’s,

https: //xxx.mediafire.com /file /sio76gdboegl0ne/67q.vce/file

https: //xxx.mediafire.com /file /gn4ct0sl1e3v94e/24q.vce/file

https: //xxx..mediafire.com/file / es1ken5n13mv6fr/Avanset_VCE_Exam_Simulator_Pro_1.1.6_+_Crack_-_Windows_Only.zip/file

NEW QUESTION 546
Which statement about TACACS+ is true?

A. Passwords are transmitted between the client and server using MD5 hasing.
B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
C. TACACS_ is used for access to network resources more than administrator access to network devices.
D. TACACS_ server listens UDP port 1813 for accounting.
E. All data that is transmitted between the client and TACACS+ server is cleartext.

Answer: C

NEW QUESTION 547
Which effect of the secure boot-image command is true?

A. It configure the device to boot to the secure IOS image.
B. It archives a secure copy of the device configuration.
C. It archives a secure copy of the IOS image.
D. It displays the status of the bootset.

Answer: C

NEW QUESTION 548
Which two statements about an IPS in tap mode are true? (Choose two.)

A. It requires an synchronous routing configuration for full traffic analysis.
B. The device forwards all traffic, regardless of its source or destination.
C. It directlyre analyzes the actual packets as they pass through the system.
D. It can analyze events without impacting network efficiency.
E. It is unable to drop packets in the main flow.

Answer: BC

NEW QUESTION 549
How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

A. Passes the traffic.
B. Drops the traffic.
C. Broadcasts the traffic.
D. Looks for an ACL, and acts based upon the ACL.

Answer: C

NEW QUESTION 550
Which 802.1x component enforces the network access policy?

A. authentication server
B. authenticator
C. RADIUS server
D. supplicant

Answer: A

Passed

1 SIM: Connection less VPN, 4 questions
D&D : Drag and drop the each port-security violation.
1 new qustion: what is true about STP attack.

Copy link and paste in your browser
redirect.is/rdfbrg

NEW QUESTION 548
Which two statements about an IPS in tap mode are true? (Choose two.)

A. It requires an synchronous routing configuration for full traffic analysis.
B. The device forwards all traffic, regardluess of its source or destination.
C. It directlyre analyzes the actual packets as they pass through the system.
D. It can analyze events without impacting network efficiency.
E. It is unable to drop packets in the main flow.

Answer: BC….

I just passed today. I encountered around 10 questions not inside Anton’s file

I can only remember a question regarding Cisco UCS, the question is something like, what is the benefit of using Cisco UCS. can’t really remember, sorry to all

question to Bruno

first, congratulations,

second, are the 10 new other questions difficult !! me i will pass tomorrow

thanks

@Bruno
Grats. If you recall anything more, post here please.

UCS is server hardware from Cisco and questions about it are from CCNA Datacenter – not sure why would it appear on CCNA Security exam. For example, from CCNA DC exam:
What is a key benefit of using Cisco UCS C-Series servers instead of Cisco UCS B-Series servers?

@Bolo

what is the exact answer for below question because someone said its B and someone said its C

Which statement about TACACS+ is true?

A. Passwords are transmitted between the client and server using MD5 hasing.
B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
C. TACACS_ is used for access to network resources more than administrator access to network devices.
D. TACACS_ server listens UDP port 1813 for accounting.
E. All data that is transmitted between the client and TACACS+ server is cleartext.

Answer: C

@Bolo and @ Anton

Im really sorry for the stupid question but your answer would help me a lot for my exam which is tomorrow. Do we need to click on every steps on the simulation or just answering the question is enough? Im just worried for the exam because the simulation is so confusing. Thank you and sorry for my stupid question. Thank you

@Bolo

which one is connection less VPN simulation? I couldnt find. Please help me

@David: You just want to do the exam by heart. Shame on you. You cannot even try to understand one single simple aspect of ASA you were warned about…
@Adam: You even didn’t try.

@David-255
You have to answer questions. I am not sure if the exam engine actually checks if you visited correct parts of the user interface to check configuration for the answer.

@Adam
The one in Anton’s file. It’s “clientless” BTW.

@nick-2020
Nothing changed since yesterday, the answer is in Anton’s file. Two times even.

Hello all,

I´m studiying the exam and I have a question. For the drag and drop about security violations.

Which one sends an SNMP trap and wich one does not notifies?

Restrict? Protect?

@Damian
Restrict send notification
protect doesn’t send notification

Did anyone have any idea about the new questions ? topics could help

@Moha thanks a bunch for your quick answer!!!

@Moha
The person who mentioned new questions only said something about UCS, which is more Datacenter than Security question. So we’ll have to wait to see if there really are any new questions.

Guys, I’ve just passed my exam and @Bruno is absolutely right. I think there were 15 new questions and some of the questions on Anton’s files were changed\twisted so be very careful. Read the questions carefully before answering them. Some of the topics where the question changed were with TACACS+, IPS and Site 2 Site VPN.

You can still pass the exams using Anton’s files cos I still managed to pass the exam and to my surprise, I scored 938.

It was also stated before starting the exam that some of the questions will not be scored as they were being used for testing purposes so I guess that also helped.

Good Luck.

Does anyone know how much mark is for drag and drop, ASDM SIM, MCQ.

@ Cisco
what about the simulation? is the simulation same as in Anton’s file or different than that?

@Cisco

I think you didnt see the latest version Anton’s file. I passed the exam today with 96x/1000. Everything was from his file. I really appreciate the hardwork of Bolo and Anton. Big thanks for them and others who helped us here in forum. God bless you all and good luck for those who are preparing for their exam

@Peter
The simulation was the same as it was in Anton’s file and the DnD was about Port Security, which is also in the file. Good Luck!

@Cisco
Thank you very much for your quick reply. It will help me a lot to prepare for my exam which is tomorrow. I am bit nervous. I will share my result tomorrow evening. Wish me a luck.

@Leena

If that’s the case, then thanks for the update :)

There you go guys, pls make sure you get the updated version to Anton’s file. I’m sure you will find the link somewhere within the previous comments. Good Luck!

@Peter
Good luck!!

@Bolo @ Anton @ Cisco

Could you please answer me for below question?
Which two problems can arise when a proxy firewall serves as the gateway between networks?
(Choose two)
A. It can cause reduced throughput.
B. It is unable to prevent direct connections to other networks.
C. It can prevent content caching.
D. It is unable to provide antivirus protection.
E. It can ktrtf application support.(I dont know what does ktrtf means?)

for those who dont have VCE to practice exam. just remove the spaces and replace aaa with www
https: // aaa.examtopics. com/ exams /cisco/210-260/view/25/

What does ASA Transparent mode support?
A. It supports OSPF.
B. It supports the use dynamic NAT.
C. IP for each interface.
D. Requires a management IP address
correct answer is “D”

reference

https:/ / ipwithease . com / configuring- cisco- asa-i n- transparent- mode/

@Peter
Question is about what does transparent mode support (dynamic NAT is supported in transparent mode), not what is required by one of its features (bridge groups require IP address for BVI).

@Peter
About proxy firewall question – BCD are wrong. So AE? ktrtf can prolly mean ‘limit’ – that would make sense.

Hi guys,

A member of this forum did the exame today and shared with us what he recalled from new questions:

”
+ regarding how you would set up an ike tunnel for cisco ios
+ isakmp_qm_ready isakmp_idle isakmp_qm_idle
+ difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.
+ there were out of this world question regarding IPS that i cant remember coz i got rattled
+ where is file reputation in cisco amp being executed
– perimeter
– endpoint
– esa
– cloud

+ how does an Antimalware installed on an endpoint check for a malicious file
– file reputation
– signature checking
-context
– sandboxing
”

Cheers

@Bolo

Thank you my friend for quick response. I really appreciate it.

@Bolo @Anton
Question 291
Which type of address translation should be used when cisco asa is in transparent mode?
A.static nat
B.dynamic nat
C.overload
D.dynamic pat

The answer is A on Anton’s file but im confused as asa on transparent mode supports dynamic nat right?

This Friday marks 2 weeks to the date that this site will be closed forever as the 210-260 exam retires!

Good Luck Everyone

@Bolo
thanks for your reply

@securitas
*-Qm_Idle is for ios isakmp for phase 1 up AM_Active/MM_Active for ASA
*- AMP checks file reputation on cloud-based intelligence network , but i don;t know if there is other ways/ better ways.
source: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/210534-Configuring-static-File-Reputation-host.html
*anti malware monitor the behavior of a file or use sandbox to isolate suspicious files

passed my exam 210-260 and get 978

1 SIM: Connection less VPN
D&D : Drag and drop the each port-security violation

Copy link and paste in your browser
poweredbydialup.online/WV4VYT

Could you please answer me for below question?
Which two problems can arise when a proxy firewall serves as the gateway between networks?
(Choose two)
A. It can cause reduced throughput.
B. It is unable to prevent direct connections to other networks.
C. It can prevent content caching.
D. It is unable to provide antivirus protection.
E. It can ktrtf application support.(I dont know what does ktrtf means?)……

@Suppy
In what version of Anton’s file you found this question? In the last version (1.3) there isn’t!

passed yesterday with 944 , anton’s file still valid

@Suppy, Giu
Both static and dynamic NAT is supported in transparent mode. They serve different purposes, so the question saying “should be used” makes no sense. It is prolly incorrectly copied question, that appeared differently on the exam.
And if it’s not in Anton’s file, it means it does not appear anymore – so there’s no need to worry about it.

@Sabah
Grats, thanks for the info.

@all
Anyone took the exam today, can confirm or update the new questions.

I passed exam today 9xx/1000

I would like to thanks @Bolo @Anton for their true support and hard work. They have helped everyone for free. I got 67 questions and 50 of them are from Anton’s file and 17 are the new questions but I found new questions are not that difficult. I don’t remember new questions but I will try my best to remember and I promise to share everyone if I got any of them. I wish good luck to everyone who is preparing for the exam.

@Bolo @ Anton

Do you guys have latest dump for CCNP Route and CCNP Switch? Please help me if you have

@peter
so did you find any questions from the below or do they remind you of questions ?
regarding how you would set up an ike tunnel for cisco ios
+ isakmp_qm_ready isakmp_idle isakmp_qm_idle
+ difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.
+ there were out of this world question regarding IPS that i cant remember coz i got rattled
+ where is file reputation in cisco amp being executed
– perimeter
– endpoint
– ESA
– cloud

+ how does an Antimalware installed on an endpoint check for a malicious file
– file reputation
– signature checking
– context
– sandboxing

Hi all,

I have CCNP R&S, i had decided to take CCNP Security cert a while ago therefore I intended to take CCNA Security exam. But you know cisco has changed the format.

At this point;

If I pass the CCNA security, will i have advantage for the new CCNP Security?
I have been studying for the CCNA security exam for two weeks, still should i take the exam?

What are your opinions, thanks in advance.

Regards…

morons from testcenter changing questions 2 Weeks before exam end…unbelievable.
@securitas, Peter, Sabah or who else did the test in last days…
@”+ regarding how you would set up an ike tunnel for cisco ios”

i found this old question in PL, was it in the exam like this?

Refer to the exhibit.
—————————–
| crypto ikev1 policy1
| encryption aes
| hash md5
| authentication pre-shared
| group 2
| lifetime 14400
—————————-
What is the effect of the given command sequence?
*A. It configures IKE Phase 1
B. It configures a site-to-site VPN Tunnel
C. It configures a crypto policy with a key size of 14400
D. It configures IPSec Phase 2

@”+ difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.”
also here some old questions….
In which three ways does the TACACS protocol differ from RADIUS? (Choose three)
*A. TACACS uses TCP to communicate with the NAS
*B. TACACS can encrypt the entire packet that is sent to the NAS
C. TACACS authenticates and authorizes simultaneously, causing fewer packets to be transmitted
D. TACACS uses UDP to communicate with the NAS
E. TACACS encrypts only the password field in an authentication packet
*F. TACACS support per-command authorization

and this one
Which three ways does the RADIUS protocol differ from TACACS?? (Choose three)
*A. RADIUS authenticates and authorizes simultaneously. Causing fewer packets to be transmitted
*B. RADIUS encrypts only the password field in an authentication packets
C. RADIUS can encrypt the entire packet that is sent to the NAS
*D. RADIUS uses UDP to communicate with the NAS
E. RADIUS uses TCP to communicate with the NAS
F. RADIUS support per-command authentication

Guys,
i passed the exam this morning
score 93x/1000
the same simulation ASDM , and the same questions + the same responses
the same drag and drop from antone file
67 questions – 55 from Antone file , but i had 12 new questions, which are not in antone file , one of them about UCS some thing like that, for this reason i lost the 60 points, because of these 12 new questions, some of theme are difficult
good luck guys

@Moha

Yes the new questions are some how you mentioned as below
+ isakmp_qm_ready isakmp_idle isakmp_qm_idle
+ difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.
+ there were out of this world question regarding IPS that i cant remember coz i got rattled
+ where is file reputation in cisco amp being executed
– perimeter
– endpoint
– ESA
– cloud

+ how does an Antimalware installed on an endpoint check for a malicious file
– file reputation
– signature checking
– context
– sandboxing

and one question about UCS. But I believe Anton’s file is enough to pass the exam

New Question

1) Where is File Reputation in Cisco AMP being executed?

A. Perimeter
B. Endpoint
C. ESA
D. Cloud

Answer: C maybe D

“File Reputation captures a fingerprint of each file as it traverses the ESA and sends it to AMP’s cloud-based intelligence network for a reputation verdict”

The verdict comes from the cloud but maybe the execution of this process happens on the ESA

New Question

1) how does an Antimalware installed on an endpoint check for a malicious file?

A. file reputation
B. Signature checking
C. Context
D. Sandboxing

Answer: B

@CATS
AMP is a solution for firepower and ESA and other clients so if ESA correct endpoints would be correct too ?

also for Anti malware AMP is advanced malware protection so it checks for file reputation and if it’s unknown the threat grid put the file in sandbox and rate it.
https:// www .youtube. com/ watch?v=ZDBMH7X4Dr4

Hi Guys,

Was anybody at the exam today? What were the new questions?

Thanks,
Dan

Hi guys,

One question regarding sims in ASDM. Do they require you to use wizards or configure stuff manually? Or you can pick the way? Thx in advance.

Regarding the following questions:

1.Where is file reputation in cisco amp being executed
a)perimeter
b)endpoint
c)esa
d)cloud

Ans:
As per Cisco official doc, “File reputation: AMP for Endpoints contains a comprehensive database of every file that has ever been seen and a corresponding good or bad disposition. As a result, known malware is quickly and easily quarantined at the point of entry without any processor-intensive scanning.”

So answer is b) endpoint.

2.How does an Antimalware installed on an endpoint check for a malicious file
a)file reputation
b)signature checking
c)context
d)sandboxing

Ans:
Again, from Cisco docs: “AMP for Endpoints will automatically identify executables that exist in low numbers across your endpoints and analyze those samples in our cloud-based sandbox to uncover new threats. Targeted malware or advanced persistent threats will often fly under the radar and start on only a few endpoints”.
The antivirus uses local database for signature checking as well.

So for me this question seems more like a semantics/interpretation thing. What do they mean by “check”? If it is to do an analysis on a selected type of file, or suspicious file, I’d say answer d) from Cisco doc. If they refer to the general detection mechanism, I’d say c) context.

Please let me know your thoughts. Thanks.

@securitas
File Reputation is executed in the cloud. Endpoints send files for analysis to the cloud-based service.

Most of anti-malware software installed on endpoints uses signature checking (or pattern-matching as they sometimes call it) and heuristic analysis.

Is SIM is same as Anton file right , no change in exam right? Can anyone confirm that.