Category Archives: Cisco

300-215 Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies (CBRFIR) Exam

Duration: 90 minutes
Languages: English

Associated certifications:
Cisco Certified CyberOps Professional
Cisco Certified CyberOps Specialist – CyberOps Forensic Analysis and Incident Response

Exam overview
This exam tests your knowledge and skills related to cybersecurity forensic analysis and incident response, including:

Incident response process and playbooks
Advanced incident response
Threat intelligence
Digital forensics concepts
Evidence collection and analysis
Principles of reverse engineering

Exam preparation
Official Cisco training

Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps (CBRFIR)

Exam Description:
Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps v1.0 (CBRFIR 300-215) is a 90-minute exam that is associated with the Cisco CyberOps Professional Certification. This exam tests a candidate’s knowledge of forensic analysis and incident response fundamentals, techniques, and processes. The course Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

20% 1.0 Fundamentals
1.1 Analyze the components needed for a root cause analysis report
1.2 Describe the process of performing forensics analysis of infrastructure network devices
1.3 Describe antiforensic tactics, techniques, and procedures
1.4 Recognize encoding and obfuscation techniques (such as, base 64 and hex encoding)
1.5 Describe the use and characteristics of YARA rules (basics) for malware identification, classification, and documentation
1.6 Describe the role of:
1.6.a hex editors (HxD, Hiew, and Hexfiend) in DFIR investigations
1.6.b disassemblers and debuggers (such as, Ghidra, Radare, and Evans Debugger) to perform basic malware analysis
1.6.c deobfuscation tools (such as, XORBruteForces, xortool, and unpacker)
1.7 Describe the issues related to gathering evidence from virtualized environments (major cloud vendors)

20% 2.0 Forensics Techniques
2.1 Recognize the methods identified in the MITRE attack framework to perform fileless malware analysis
2.2 Determine the files needed and their location on the host
2.3 Evaluate output(s) to identify IOC on a host
2.3.a process analysis
2.3.b log analysis
2.4 Determine the type of code based on a provided snippet
2.5 Construct Python, PowerShell, and Bash scripts to parse and search logs or multiple data sources (such as, Cisco Umbrella, Sourcefire IPS, AMP for Endpoints, AMP for Network, and PX Grid)
2.6 Recognize purpose, use, and functionality of libraries and tools (such as, Volatility, Sysinternals, SIFT tools, and TCPdump)

30% 3.0 Incident Response Techniques
3.1 Interpret alert logs (such as, IDS/IPS and syslogs)
3.2 Determine data to correlate based on incident type (host-based and network-based activities)
3.3 Determine attack vectors or attack surface and recommend mitigation in a given scenario
3.4 Recommend actions based on post-incident analysis
3.5 Recommend mitigation techniques for evaluated alerts from firewalls, intrusion prevention systems (IPS), data analysis tools (such as, Cisco Umbrella Investigate, Cisco Stealthwatch, and Cisco SecureX), and other systems to respond to cyber incidents
3.6 Recommend a response to 0 day exploitations (vulnerability management)
3.7 Recommend a response based on intelligence artifacts
3.8 Recommend the Cisco security solution for detection and prevention, given a scenario
3.9 Interpret threat intelligence data to determine IOC and IOA (internal and external sources)
3.10 Evaluate artifacts from threat intelligence to determine the threat actor profile
3.11 Describe capabilities of Cisco security solutions related to threat intelligence (such as, Cisco Umbrella, Sourcefire IPS, AMP for Endpoints, and AMP for Network)

15% 4.0 Forensics Processes

4.1 Describe antiforensic techniques (such as, debugging, Geo location, and obfuscation)
4.2 Analyze logs from modern web applications and servers (Apache and NGINX)
4.3 Analyze network traffic associated with malicious activities using network monitoring tools (such as, NetFlow and display filtering in Wireshark)
4.4 Recommend next step(s) in the process of evaluating files based on distinguished characteristics of files in a given scenario
4.5 Interpret binaries using objdump and other CLI tools (such as, Linux, Python, and Bash)

15% 5.0 Incident Response Processes
5.1 Describe the goals of incident response
5.2 Evaluate elements required in an incident response playbook
5.3 Evaluate the relevant components from the ThreatGrid report
5.4 Recommend next step(s) in the process of evaluating files from endpoints and performing ad-hoc scans in a given scenario
5.5 Analyze threat intelligence provided in different formats (such as, STIX and TAXII)

QUESTION 1
A security team is discussing lessons learned and suggesting process changes after a security breach incident. During the incident, members of the security team failed to report the abnormal system activity due to a high project workload. Additionally, when the incident was identified, the response took six hours due to management being unavailable to provide the approvals needed. Which two steps will prevent these issues from occurring in the future? (Choose two.)

A. Introduce a priority rating for incident response workloads.
B. Provide phishing awareness training for the full security team.
C. Conduct a risk audit of the incident response workflow.
D. Create an executive team delegation plan.
E. Automate security alert timeframes with escalation triggers.

Correct Answer: AE

QUESTION 2
An engineer is investigating a ticket from the accounting department in which a user discovered an unexpected application on their workstation. Several alerts are seen from the intrusion detection system of unknown outgoing internet traffic from this workstation. The engineer also notices a degraded processing capability, which complicates the analysis process. Which two actions should the engineer take? (Choose two.)

A. Restore to a system recovery point.
B. Replace the faulty CPU.
C. Disconnect from the network.
D. Format the workstation drives.
E. Take an image of the workstation.

Correct Answer: AE

QUESTION 3
Refer to the exhibit. What should an engineer determine from this Wireshark capture of suspicious network traffic?

A. There are signs of SYN flood attack, and the engineer should increase the backlog and recycle the oldest half-open TCP connections.
B. There are signs of a malformed packet attack, and the engineer should limit the packet size and set a threshold of bytes as a countermeasure.
C. There are signs of a DNS attack, and the engineer should hide the BIND version and restrict zone transfers as a countermeasure.
D. There are signs of ARP spoofing, and the engineer should use Static ARP entries and IP address-to-MAC address mappings as a countermeasure.

Correct Answer: A

350-201 CBRCOR Performing CyberOps Using Cisco Security Technologies Exam PDF

Duration: 120 minutes
Languages: English

Associated certifications:
Cisco Certified CyberOps Professional
Cisco Certified CyberOps Specialist – CyberOps Core

Exam overview
This exam tests your knowledge and skills related to core cybersecurity operations, including:
Fundamentals
Techniques
Processes
Automation

Exam preparation
Official Cisco training

Performing CyberOps Using Cisco Security Technologies (CBRCOR) CBRCOR study materials
350-201 CBRCOR Exam: Performing CyberOps Using Cisco Security Technologies v1.0

Exam Description
Performing CyberOps Using Cisco Security Technologies v1.0 (CBRCOR 350-201) is a 120-minute exam that is associated with the Cisco CyberOps Professional Certification. This exam tests a candidate’s knowledge of core cybersecurity operations including cybersecurity fundamentals, techniques, processes, and automation. The course Performing CyberOps Using Cisco Core Security Technologies helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Exam Description:
Performing CyberOps Using Cisco Security Technologies v1.0 (CBRCOR 350-201) is a 120-minute exam that is associated with the Cisco CyberOps Professional Certification. This exam tests a candidate’s knowledge of core cybersecurity operations including cybersecurity fundamentals, techniques, processes, and automation. The course Performing CyberOps Using Cisco Security Technologies helps candidates to prepare for this exam.

20% 1.0 Fundamentals
1.1 Interpret the components within a playbook
1.2 Determine the tools needed based on a playbook scenario
1.3 Apply the playbook for a common scenario (for example, unauthorized elevation of privilege, DoS and DDoS, website defacement)
1.4 Infer the industry for various compliance standards (for example, PCI, FISMA, FedRAMP, SOC, SOX, PCI, GDPR, Data Privacy, and ISO 27101)
1.5 Describe the concepts and limitations of cyber risk insurance
1.6 Analyze elements of a risk analysis (combination asset, vulnerability, and threat)
1.7 Apply the incident response workflow
1.8 Describe characteristics and areas of improvement using common incident response metrics
1.9 Describe types of cloud environments (for example, IaaS platform)
1.10 Compare security operations considerations of cloud platforms (for example, IaaS, PaaS)

30% 2.0 Techniques

2.1 Recommend data analytic techniques to meet specific needs or answer specific questions
2.2 Describe the use of hardening machine images for deployment
2.3 Describe the process of evaluating the security posture of an asset
2.4 Evaluate the security controls of an environment, diagnose gaps, and recommend improvement
2.5 Determine resources for industry standards and recommendations for hardening of systems
2.6 Determine patching recommendations, given a scenario
2.7 Recommend services to disable, given a scenario
2.8 Apply segmentation to a network
2.9 Utilize network controls for network hardening
2.10 Determine SecDevOps recommendations (implications)
2.11 Describe use and concepts related to using a Threat Intelligence Platform (TIP) to automate intelligence
2.12 Apply threat intelligence using tools
2.13 Apply the concepts of data loss, data leakage, data in motion, data in use, and data at rest based on common standards
2.14 Describe the different mechanisms to detect and enforce data loss prevention techniques
2.14.a host-based
2.14.b network-based
2.14.c application-based
2.14.d cloud-based
2.15 Recommend tuning or adapting devices and software across rules, filters, and policies
2.16 Describe the concepts of security data management
2.17 Describe use and concepts of tools for security data analytics
2.18 Recommend workflow from the described issue through escalation and the automation needed for resolution
2.19 Apply dashboard data to communicate with technical, leadership, or executive stakeholders
2.20 Analyze anomalous user and entity behavior (UEBA)
2.21 Determine the next action based on user behavior alerts
2.22 Describe tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools)
2.23 Evaluate artifacts and streams in a packet capture file
2.24 Troubleshoot existing detection rules
2.25 Determine the tactics, techniques, and procedures (TTPs) from an attack

30% 3.0 Processes
3.1 Prioritize components in a threat model
3.2 Determine the steps to investigate the common types of cases
3.3 Apply the concepts and sequence of steps in the malware analysis process:
3.3.a Extract and identify samples for analysis (for example, from packet capture or packet analysis tools)
3.3.b Perform reverse engineering
3.3.c Perform dynamic malware analysis using a sandbox environment
3.3.d Identify the need for additional static malware analysis
3.3.e Perform static malware analysis
3.3.f Summarize and share results
3.4 Interpret the sequence of events during an attack based on analysis of traffic patterns
3.5 Determine the steps to investigate potential endpoint intrusion across a variety of platform types (for example, desktop, laptop, IoT, mobile devices)
3.6 Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs), given a scenario
3.7 Determine IOCs in a sandbox environment (includes generating complex indicators)
3.8 Determine the steps to investigate potential data loss from a variety of vectors of modality (for example, cloud, endpoint, server, databases, application), given a scenario
3.9 Recommend the general mitigation steps to address vulnerability issues
3.10 Recommend the next steps for vulnerability triage and risk analysis using industry scoring systems (for example, CVSS) and other techniques

20% 4.0 Automation
4.1 Compare concepts, platforms, and mechanisms of orchestration and automation
4.2 Interpret basic scripts (for example, Python)
4.3 Modify a provided script to automate a security operations task
4.4 Recognize common data formats (for example, JSON, HTML, CSV, XML)
4.5 Determine opportunities for automation and orchestration
4.6 Determine the constraints when consuming APIs (for example, rate limited, timeouts, and payload)
4.7 Explain the common HTTP response codes associated with REST APIs
4.8 Evaluate the parts of an HTTP response (response code, headers, body)
4.9 Interpret API authentication mechanisms: basic, custom token, and API keys
4.10 Utilize Bash commands (file management, directory navigation, and environmental variables)
4.11 Describe components of a CI/CD pipeline
4.12 Apply the principles of DevOps practices
4.13 Describe the principles of Infrastructure as Code

QUESTION 1
Refer to the exhibit. A threat actor behind a single computer exploited a cloud-based application by sending multiple concurrent API requests. These requests made the application unresponsive. Which solution protects the application from being overloaded and ensures more equitable application access across the end-user community?

A. Limit the number of API calls that a single client is allowed to make
B. Add restrictions on the edge router on how often a single client can access the API
C. Reduce the amount of data that can be fetched from the total pool of active clients that call the API
D. Increase the application cache of the total pool of active clients that call the API

Correct Answer: A

QUESTION 2
DRAG DROP
An organization lost connectivity to critical servers, and users cannot access business applications and internal websites. An engineer checks the network devices to investigate the outage and determines that all devices are functioning. Drag and drop the steps from the left into the sequence on the right to continue investigating this issue. Not all options are used.
Select and Place:

Correct Answer:

QUESTION 3
A threat actor attacked an organization’s Active Directory server from a remote location, and in a thirty-minute timeframe, stole the password for the administrator account and attempted to access 3 company servers. The threat actor successfully accessed the first server that contained sales data, but no files were downloaded. A second server was also accessed that contained marketing information and 11 files were downloaded. When the threat actor accessed the third server that contained corporate financial data, the session was disconnected, and the administrator’s account was disabled. Which activity triggered the behavior analytics tool?

A. accessing the Active Directory server
B. accessing the server with financial data
C. accessing multiple servers
D. downloading more than 10 files

Correct Answer: C

QUESTION 4
The physical security department received a report that an unauthorized person followed an authorized individual to enter a secured premise. The incident was documented and given to a security specialist to analyze. Which step should be taken at this stage?

A. Determine the assets to which the attacker has access
B. Identify assets the attacker handled or acquired
C. Change access controls to high risk assets in the enterprise
D. Identify movement of the attacker in the enterprise

Correct Answer: D

200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) Exam Dumps Free Downloads

200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) Exam
Duration: 120 minutes
Languages: English
Associated certification: Cisco Certified CyberOps Associate

Exam overview
This exam tests your knowledge and skills related to:
Security concepts
Security monitoring
Host-based analysis
Network intrusion analysis
Security policies and procedures

Exam preparation
Official Cisco training

Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
CBROPS training videos
CBROPS study materials
Understanding Cisco Cybersecurity Operations Fundamentals v1.0 (200-201)

Exam Description:
The Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam (200-201) is a 120-minute assessment that is associated with the Cisco Certified CyberOps Associate certification. The CBROPS exam tests a candidate’s knowledge and skills related to security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures. The course, Understanding Cisco Cybersecurity Operations Fundamentals, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

20% 1.0 Security Concepts
1.1 Describe the CIA triad
1.2 Compare security deployments
1.2.a Network, endpoint, and application security systems
1.2.b Agentless and agent-based protections
1.2.c Legacy antivirus and antimalware
1.2.d SIEM, SOAR, and log management
1.3 Describe security terms
1.3.a Threat intelligence (TI)
1.3.b Threat hunting
1.3.c Malware analysis
1.3.d Threat actor
1.3.e Run book automation (RBA)
1.3.f Reverse engineering
1.3.g Sliding window anomaly detection
1.3.h Principle of least privilege
1.3.i Zero trust
1.3.j Threat intelligence platform (TIP)
1.4 Compare security concepts
1.4.a Risk (risk scoring/risk weighting, risk reduction, risk assessment)
1.4.b Threat
1.4.c Vulnerability
1.4.d Exploit
1.5 Describe the principles of the defense-in-depth strategy
1.6 Compare access control models
1.6.a Discretionary access control
1.6.b Mandatory access control
1.6.c Nondiscretionary access control
1.6.d Authentication, authorization, accounting
1.6.e Rule-based access control
1.6.f Time-based access control
1.6.g Role-based access control
1.7 Describe terms as defined in CVSS
1.7.a Attack vector
1.7.b Attack complexity
1.7.c Privileges required
1.7.d User interaction
1.7.e Scope
1.8 Identify the challenges of data visibility (network, host, and cloud) in detection
1.9 Identify potential data loss from provided traffic profiles
1.10 Interpret the 5-tuple approach to isolate a compromised host in a grouped set of logs
1.11 Compare rule-based detection vs. behavioral and statistical detection

25% 2.0 Security Monitoring

2.1 Compare attack surface and vulnerability
2.2 Identify the types of data provided by these technologies
2.2.a TCP dump
2.2.b NetFlow
2.2.c Next-gen firewall
2.2.d Traditional stateful firewall
2.2.e Application visibility and control
2.2.f Web content filtering
2.2.g Email content filtering
2.3 Describe the impact of these technologies on data visibility
2.3.a Access control list
2.3.b NAT/PAT
2.3.c Tunneling
2.3.d TOR
2.3.e Encryption
2.3.f P2P
2.3.g Encapsulation
2.3.h Load balancing
2.4 Describe the uses of these data types in security monitoring
2.4.a Full packet capture
2.4.b Session data
2.4.c Transaction data
2.4.d Statistical data
2.4.e Metadata
2.4.f Alert data
2.5 Describe network attacks, such as protocol-based, denial of service, distributed denial of service, and man-in-the-middle
2.6 Describe web application attacks, such as SQL injection, command injections, and cross-site scripting
2.7 Describe social engineering attacks
2.8 Describe endpoint-based attacks, such as buffer overflows, command and control (C2), malware, and ransomware
2.9 Describe evasion and obfuscation techniques, such as tunneling, encryption, and proxies
2.10 Describe the impact of certificates on security (includes PKI, public/private crossing the network, asymmetric/symmetric)
2.11 Identify the certificate components in a given scenario
2.11.a Cipher-suite
2.11.b X.509 certificates
2.11.c Key exchange
2.11.d Protocol version
2.11.e PKCS

20% 3.0 Host-Based Analysis
3.1 Describe the functionality of these endpoint technologies in regard to security monitoring
3.1.a Host-based intrusion detection
3.1.b Antimalware and antivirus
3.1.c Host-based firewall
3.1.d Application-level allow listing/block listing
3.1.e Systems-based sandboxing (such as Chrome, Java, Adobe Reader)
3.2 Identify components of an operating system (such as Windows and Linux) in a given scenario
3.3 Describe the role of attribution in an investigation
3.3.a Assets
3.3.b Threat actor
3.3.c Indicators of compromise
3.3.d Indicators of attack
3.3.e Chain of custody
3.4 Identify type of evidence used based on provided logs
3.4.a Best evidence
3.4.b Corroborative evidence
3.4.c Indirect evidence
3.5 Compare tampered and untampered disk image
3.6 Interpret operating system, application, or command line logs to identify an event
3.7 Interpret the output report of a malware analysis tool (such as a detonation chamber or sandbox)
3.7.a Hashes
3.7.b URLs
3.7.c Systems, events, and networking

20% 4.0 Network Intrusion Analysis
4.1 Map the provided events to source technologies
4.1.a IDS/IPS
4.1.b Firewall
4.1.c Network application control
4.1.d Proxy logs
4.1.e Antivirus
4.1.f Transaction data (NetFlow)
4.2 Compare impact and no impact for these items
4.2.a False positive
4.2.b False negative
4.2.c True positive
4.2.d True negative
4.2.e Benign
4.3 Compare deep packet inspection with packet filtering and stateful firewall operation
4.4 Compare inline traffic interrogation and taps or traffic monitoring
4.5 Compare the characteristics of data obtained from taps or traffic monitoring and transactional data (NetFlow) in the analysis of network traffic
4.6 Extract files from a TCP stream when given a PCAP file and Wireshark
4.7 Identify key elements in an intrusion from a given PCAP file
4.7.a Source address
4.7.b Destination address
4.7.c Source port
4.7.d Destination port
4.7.e Protocols
4.7.f Payloads
4.8 Interpret the fields in protocol headers as related to intrusion analysis
4.8.a Ethernet frame
4.8.b IPv4
4.8.c IPv6
4.8.d TCP
4.8.e UDP
4.8.f ICMP
4.8.g DNS
4.8.h SMTP/POP3/IMAP
4.8.i HTTP/HTTPS/HTTP2
4.8.j ARP
4.9 Interpret common artifact elements from an event to identify an alert
4.9.a IP address (source / destination)
4.9.b Client and server port identity
4.9.c Process (file or registry)
4.9.d System (API calls)
4.9.e Hashes
4.9.f URI / URL
4.10 Interpret basic regular expressions

15% 5.0 Security Policies and Procedures

5.1 Describe management concepts
5.1.a Asset management
5.1.b Configuration management
5.1.c Mobile device management
5.1.d Patch management
5.1.e Vulnerability management
5.2 Describe the elements in an incident response plan as stated in NIST.SP800-61
5.3 Apply the incident handling process (such as NIST.SP800-61) to an event
5.4 Map elements to these steps of analysis based on the NIST.SP800-61
5.4.a Preparation
5.4.b Detection and analysis
5.4.c Containment, eradication, and recovery
5.4.d Post-incident analysis (lessons learned)
5.5 Map the organization stakeholders against the NIST IR categories (CMMC, NIST.SP800-61)
5.5.a Preparation
5.5.b Detection and analysis
5.5.c Containment, eradication, and recovery
5.5.d Post-incident analysis (lessons learned)
5.6 Describe concepts as documented in NIST.SP800-86
5.6.a Evidence collection order
5.6.b Data integrity
5.6.c Data preservation
5.6.d Volatile data collection
5.7 Identify these elements used for network profiling
5.7.a Total throughput
5.7.b Session duration
5.7.c Ports used
5.7.d Critical asset address space
5.8 Identify these elements used for server profiling
5.8.a Listening ports
5.8.b Logged in users/service accounts
5.8.c Running processes
5.8.d Running tasks
5.8.e Applications
5.9 Identify protected data in a network
5.9.a PII
5.9.b PSI
5.9.c PHI
5.9.d Intellectual property
5.10 Classify intrusion events into categories as defined by security models, such as Cyber Kill Chain Model and Diamond Model of Intrusion
5.11 Describe the relationship of SOC metrics to scope analysis (time to detect, time to contain, time to respond, time to control)

QUESTION 1
Which event is user interaction?

A. gaining root access
B. executing remote code
C. reading and writing file permission
D. opening a malicious file

Correct Answer: D

QUESTION 2
Which security principle requires more than one person to perform a critical task?

A. least privilege
B. need to know
C. separation of duties
D. due diligence

Correct Answer: C

QUESTION 3
How is attacking a vulnerability categorized?

A. action on objectives
B. delivery
C. exploitation
D. installation

Correct Answer: C

QUESTION 4
What is a benefit of agent-based protection when compared to agentless protection?

A. It lowers maintenance costs
B. It provides a centralized platform
C. It collects and detects all traffic locally
D. It manages numerous devices simultaneously

Correct Answer: B

Section: Security Concepts

QUESTION 5
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?

A. decision making
B. rapid response
C. data mining
D. due diligence

Correct Answer: A

QUESTION 6
One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?

A. confidentiality, identity, and authorization
B. confidentiality, integrity, and authorization
C. confidentiality, identity, and availability
D. confidentiality, integrity, and availability

Correct Answer: D

QUESTION 7
What is rule-based detection when compared to statistical detection?

A. proof of a user’s identity
B. proof of a user’s action
C. likelihood of user’s action
D. falsification of a user’s identity

Correct Answer: B

350-801 CLCOR Implementing Cisco Collaboration Core Technologies pass in one week

350-801 CLCOR Implementing Cisco Collaboration Core Technologies
Duration: 120 minutes
Languages: English
Associated certifications:
CCNP Collaboration
CCIE Collaboration
Cisco Certified Specialist – Collaboration

Exam overview
This exam tests your knowledge of implementing core collaboration technologies, including:
Infrastructure and design
Protocols, codecs, and endpoints
Cisco IOS XE gateway and media resources
Call Control
QoS
Collaboration applications

Exam preparation
Prepare for your certification exam with official Cisco training or study on your own with self-study resources found on the Cisco Learning Network.

Official Cisco training

Implementing Cisco Collaboration Core Technologies (CLCOR)
Self-study resources
CLCOR training videos
CLCOR study materials

Exam Description:
Implementing Cisco Collaboration Core Technologies v1.1 (CLCOR 350-801) is a 120-minute exam associated with the CCNP and CCIE Collaboration Certifications. This exam certifies a candidate’s knowledge of implementing core collaboration technologies including infrastructure and design, protocols, and endpoints, Cisco IOS XE gateway and media resources, Call Control, QoS, and collaboration applications. The course, Implementing Cisco Collaboration Core Technologies, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

20% 1.0 Infrastructure and Design
1.1 Describe the Cisco on-premises, hybrid, and cloud collaboration solution design elements described in the SRND/PA
1.1.a Licensing (Smart, Flex)
1.1.b Sizing
1.1.c Bandwidth
1.1.d High availability
1.1.e Disaster recovery
1.1.f Dial plan
1.1.g Security (certificates, SRTP, TLS)
1.1.h QoS
1.2 Describe the purpose of Edge devices in the Cisco Collaboration architecture such as Expressway and Cisco Unified Border Element
1.3 Configure these network components to support Cisco Collaboration solutions
1.3.a DHCP
1.3.b NTP
1.3.c CDP
1.3.d LLDP
1.3.e LDAP
1.3.f TFTP
1.3.g Certificates
1.4 Troubleshoot these network components in a Cisco Collaboration solution
1.4.a DNS (A/AAA, SRV, Reverse Pointer Record (PTR))
1.4.b NTP
1.4.c LDAP integration on Cisco UCM
1.5 Explain these components to support Cisco Collaboration solutions
1.5.a SNMP
1.5.b DNS
1.5.c Directory Connector
1.6 Describe Webex Control Hub features

20% 2.0 Protocols, Codecs, and Endpoints

2.1 Troubleshoot these elements of a SIP conversation
2.1.a Call set up and tear down
2.1.b SDP
2.1.c DTMF
2.2 Identify the collaboration codecs for a given scenario
2.3 Deploy SIP endpoints
2.3.a Manual
2.3.b Self provisioning
2.3.c Bulk Administration Tool (BAT)
2.3.d Onboarding cloud devices
2.3.e Device onboarding via activation codes (MRA/on-premises)
2.4 Troubleshoot SIP endpoints
2.5 Describe SIP OAuth on Cisco UCM

15% 3.0 Cisco IOS XE Gateway and Media Resources

3.1 Configure voice gateway elements
3.1.a DTMF
3.1.b Voice translation rules and profiles
3.1.c Codec preference list
3.1.d Dial peers
3.2 Troubleshoot ISDN PRI/BRI
3.3 Identify the appropriate IOS XE media resources
3.4 Describe cloud calling hybrid local gateway

25% 4.0 Call Control

4.1 Describe the Cisco UCM digit analysis process
4.2 Implement toll fraud prevention on Cisco UCM
4.3 Configure globalized call routing in Cisco UCM
4.3.a Route patterns (traditional and +E.164)
4.3.b Translation patterns
4.3.c Standard local route group
4.3.d Transforms
4.3.e SIP route patterns
4.4 Describe Mobile and Remote Access (MRA)
4.5 Describe Webex Calling dial plan features
4.5.a Locations and numbers
4.5.b Outgoing and incoming permissions
4.5.c Transfer and forwarding restrictions

10% 5.0 QoS

5.1 Describe problems that can lead to poor voice and video quality
5.1.a Latency
5.1.b Jitter
5.1.c Packet loss
5.1.d Bandwidth
5.2 Describe the QoS requirements for voice and video
5.3 Describe the class models for providing QoS on a network
5.3.a 4/5 Class model
5.3.b 8 Class model
5.3.c QoS Baseline model (11 Class)
5.4 Describe the purpose and function of these DiffServ values as it pertains to collaboration
5.4.a EF
5.4.b AF41
5.4.c AF42
5.4.d CS3
5.4.e CS4
5.5 Describe QoS trust boundaries and their significance in LAN-based classification and marking
5.6 Describe and determine location-based CAC bandwidth requirements
5.7 Configure LLQ (class map, policy map, service policy)

10% 6.0 Collaboration Applications

6.1 Configure Cisco Unity Connection mailbox and MWI
6.2 Configure Cisco Unity Connection SIP integration options to call control
6.3 Describe Cisco Unity Connection call handlers
6.4 Deploy Webex App

QUESTION 1
Which two functionalities does Cisco Expressway provide in the Cisco Collaboration architecture? (Choose two.)

A. Survivable Remote Site Telephony functionality
B. customer interaction management services
C. secure firewall and NAT traversal for mobile or remote Cisco Jabber and TelePresence Video endpoints
D. MGCP gateway registration
E. Secure business-to-business communications

Correct Answer: CE

QUESTION 2
An engineer must extend the corporate phone system to mobile users connecting through the internet with their own devices. One requirement is to keep that as simple as possible for end users. Which infrastructure element achieves these goals?

A. Cisco Express Mobility
B. Cisco Expressway-C and Expressway-E
C. Cisco Unified Border Element
D. Cisco Unified Instant Messaging and Presence

Correct Answer: C

QUESTION 3
A customer wants a video conference with five Cisco TelePresence IX5000 Series systems. Which media resource is necessary in the design to fully utilize the immersive functions?

A. Cisco PVDM4-128
B. software conference bridge on Cisco Unified Communications Manager
C. Cisco Webex Meetings Server
D. Cisco Meeting Server

Correct Answer: C

QUESTION 4
An engineer is designing a load balancing solution for two Cisco Unified Border Element routers. The first router (cube1.abc.com) takes 60% of the calls and the second router (cube2.abc.com) takes 40% of the calls.
Assume all DNS A records have been created. Which two SRV records are needed for a load balanced solution? (Choose two.)

A. _sip._udp.abc.com 60 IN SRV 2 60 5060 cube1.abc.com
B. _sip._udp.abc.com 60 IN SRV 60 1 5060 cube1.abc.com
C. _sip._udp.abc.com 60 IN SRV 1 40 5060 cube2.abc.com
D. _sip._udp.abc.com 60 IN SRV 3 60 5060 cube2.abc.com
E. _sip._udp.abc.com 60 IN SRV 1 60 5060 cube1.abc.com

Correct Answer: CE

QUESTION 5
Which two functions are provided by Cisco Expressway Series? (Choose two.)

A. interworking of SIP and H.323
B. endpoint registration
C. intercluster extension mobility
D. voice and video transcoding
E. voice and video conferencing

Correct Answer: AD

Cisco 300-435 Automating and Programming Cisco Enterprise Solutions (ENAUTO 300-435) Exam

300-435 ENAUTO Automating and Programming Cisco Enterprise Solutions
Duration: 90 minutes
Languages: English and Japanese

Associated certifications:
CCNP Enterprise
Cisco Certified DevNet Professional
Cisco Certified DevNet Specialist – Enterprise Automation and Programmability
Exam overview
This exam tests your knowledge of implementing enterprise automated solutions including:
Programming concepts
Python programming
APIs
Controllers
Automation tools

Exam preparation
Official Cisco training

Implementing Automation for Cisco Enterprise Solutions (ENAUI)

Exam Description:
Automating and Programming Cisco Enterprise Solutions v1.0 (ENAUTO 300-435) is a 90-minute exam associated with the CCNP Enterprise Certification and DevNet Professional Certification. This exam tests a candidate’s knowledge of implementing Enterprise automated solutions, including programming concepts, Python programming, APIs, controllers and automation tools. The course, Implementing Cisco Enterprise Automation Solutions, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

10% 1.0 Network Programmability Foundation
1.1 Utilize common version control operations with git (add, clone, push, commit, diff, branching, merging conflict)
1.2 Describe characteristics of API styles (REST and RPC)
1.3 Describe the challenges encountered and patterns used when consuming APIs synchronously and asynchronously
1.4 Interpret Python scripts containing data types, functions, classes, conditions, and looping
1.5 Describe the benefits of Python virtual environments
1.6 Explain the benefits of using network configuration tools such as Ansible and Puppet for automating IOS XE platforms

10% 2.0 Automate APIs and Protocols

2.1 Identify the JSON instance based on a YANG model
2.2 Identify the XML instance based on a YANG model
2.3 Interpret a YANG module tree generated per RFC8340
2.4 Compare functionality, benefits, and uses of OpenConfig, IETF, and native YANG models
2.5 Compare functionality, benefits, and uses of NETCONF and RESTCONF

20% 3.0 Network Device Programmability
3.1 Implement device management and monitoring using NetMiko
3.2 Construct a Python script using ncclient that uses NETCONF to manage and monitor an IOS XE device
3.3 Configure device using RESTCONF API utilizing Python requests library
3.4 Utilize Ansible to configure an IOS XE device
3.5 Configure a subscription for model driven telemetry on an IOS XE device (CLI, NETCONF, and RESTCONF)
3.6 Compare publication and subscription telemetry models
3.6.a Periodic / cadence
3.6.b On-change
3.7 Describe the benefits and usage of telemetry data in troubleshooting the network
3.8 Describe Day 0 provisioning methods
3.8.a iPXE
3.8.b PnP
3.8.c ZTP

20% 4.0 Cisco DNA Center
4.1 Compare traditional versus software-defined networks
4.2 Describe the features and capabilities of Cisco DNA Center
4.2.a Network assurance APIs
4.2.b Intent APIs
4.2.c Multivendor support (3rd party SDKs)
4.2.d Events and notifications
4.3 Implement Cisco DNA Center event outbound webhooks
4.4 Implement API requests for Cisco DNA Center to accomplish network management tasks
4.4.a Intent APIs
4.4.b Command Runner APIs
4.4.c Site APIs
4.5 Implement API requests for Cisco DNA Center to accomplish network management tasks using these APIs
4.5.a Network discovery and device APIs
4.5.b Template APIs (Apply a template)
4.6 Troubleshoot Cisco DNA Center automation process using Intent APIs

20% 5.0 Cisco SD-WAN

5.1 Describe features and capabilities of Cisco SD-WAN vManage Certificate Management APIs
5.2 Implement a Python script to perform API requests for Cisco SD-WAN vManage Device Inventory APIs to retrieve and display data
5.3 Construct API requests for Cisco SD-WAN vManage Administration APIs
5.4 Implement a Python script to perform API requests for Cisco SD-WAN vManage Configuration APIs to modify Cisco SD-WAN fabric configuration
5.5 Construct API requests for Cisco SD-WAN vManage Monitoring APIs (Including real-time)
5.6 Troubleshoot a Cisco SD-WAN deployment using vManage APIs

20% 6.0 Cisco Meraki

6.1 Describe features and capabilities of Cisco Meraki
6.1.a Location Scanning APIs
6.1.b MV Sense APIs
6.1.c External Captive Portal APIs
6.1.d WebHook Alert APIs
6.2 Create a network using Cisco Meraki APIs
6.3 Configure a network using Cisco Meraki APIs
6.4 Implement a Python script for Cisco Meraki Alert WebHooks

 

QUESTION 1
What are two characteristics of RPC API calls? (Choose two.)

A. They can be used only on network devices.
B. They use only UDP for communications.
C. Parameters can be passed to the calls.
D. They must use SSL/TLS.
E. They call a single function or service.

Answer: CE

QUESTION 2
Which two actions do Python virtual environments allow users to perform? (Choose two.)

A. Simplify the CI/CD pipeline when checking a project into a version control system, such as Git.
B. Efficiently port code between different languages, such as JavaScript and Python.
C. Run and simulate other operating systems within a development environment.
D. Quickly create any Python environment for testing and debugging purposes.
E. Quickly create an isolated Python environment with module dependencies.

Answer: DE

QUESTION 3
What are two benefits of leveraging Ansible for automation of Cisco IOS XE Software? (Choose two.)
A. Ansible playbooks are packaged and installed on IOS XE devices for automatic execution when an IOS device reboots.
B. All IOS XE operating systems include Ansible playbooks for basic system administration tasks.
C. It is a device-independent method for automation and can be used with any type of device or operating system.
D. Ansible playbooks can be written from the IOS XE EXEC command line to configure the device itself.
E. It does not require any modules of software except SSH to be loaded on the network device.

Answer: CE

QUESTION 4
Refer to the exhibit.
The task is to create a Python script to display an alert message when a Meraki MX Security Appliance goes down. The exhibit shows sample data that is received. Which Python snippet displays the device name and the time at which the switch went down?

A. Option A
B. Option B
C. Option C
D. Option D

Answer: C

QUESTION 5
Refer to the exhibit.
The goal is to write a Python script to automatically send a message to an external messaging application when a rogue AP is detected on the network. The message should include the broadcast SSID that is in the alert. A function called "send_to_application" is created, and this is the declaration: send_to_application(message)
The exhibit also shows the data that is received by the application and stored in the variable return_val. Which Python code completes the task?

A. Option A
B. Option B
C. Option C
D. Option D

Answer: D

QUESTION 6
Which two features are foundations of a software-defined network instead of a traditional network? (Choose two.)

A. control plane and data plane are tightly coupled
B. build upon a robust software stack
C. requires device by device-level configurations
D. automated through expressed intent to a software controller
E. requires significant physical hardware resources

Answer: BD

QUESTION 7
A new project called "device_status" must be stored in a central Git repository called "device_status" with the first file named "device_status.py". The Git repository is created using the account python_programmer. Which set of commands inserts the project into Git?

A. Option A
B. Option B
C. Option C
D. Option D
Explanation:

700-821 IOTSE Cisco IoT Essentials for System Engineers

Exam overview
This exam tests a candidate’s knowledge of Cisco’s Industrial Ethernet Switching, Cisco’s Industrial Ethernet Switching Management Options, Cisco’s Industrial Wireless, Cisco Remote and Mobile Assets Hardware, and Cisco Remote and Mobile Assets Software.

Exam topics
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Exam Description:
Cisco IoT Essentials for System Engineers v2.1 (IOTSE 700-821) is a 60-minute exam. This exam tests a candidate’s knowledge of Cisco Industrial Ethernet Switching, Cisco Industrial Wireless, Cisco Industrial Routing, and Cisco IoT Operations Dashboard. The course IoT Essentials Technical helps candidates to prepare for this exam.

30% 1.0 Cisco Industrial Ethernet Switching
1.1 Describe the Industrial Switches Portfolio
1.2 Describe the capabilities of Industrial Switches
1.3 Explain the power supply options for Industrial Switch
1.4 Explain the management options for Industrial Switch

20% 2.0 Cisco Industrial Wireless
2.1 Describe the capabilities of IW6300
2.2 Describe the capabilities of IW9167
2.3 Describe Cisco Ultra-Reliable Wireless Backhaul Solution

25% 3.0 Cisco Industrial Routing
3.1 Describe the Industrial Routing and gateway portfolio
3.2 Explain the functionality of Industrial Routers and Gateways
3.3 Explain the SDWAN support on IR routers

25% 4.0 Cisco IoT Operations Dashboard
4.1 Describe the functionality and architecture of the IoT Operations Dashboard
4.2 Explain Edge Device Manager and how to deploy and manage routers and gateways with EDM
4.3 Describe the architecture of Secure Equipment Access

QUESTION 1
What information can be updated in the Master PM application for an associated Preventive Maintenance record (PM)?

A. Work Order Status
B. PM Forecast
C. Generate Work Orders
D. PM Hierarchy

Answer: B

The PM Forecast field on the Master PM record is used to specify how many days ahead you want to forecast work orders for associated PMs. This field can be updated in the Master PM application and affects how many work orders are generated from the associated PMs.

QUESTION 2
When creating a new Inspection form, a client requires a Work Order to be created if certain responses are recorded. Which two actions are required for this to be achieved?

A. Choose Work Order on question action.
B. Make the question response interactive.
C. In Form Settings add an Action Script.
D. In the Question Options, set the Require action flag.
E. Create an escalation on the QRESPONSE Object.

Answer: AD

Explanation:
According to the IBM documentation, you can create inspection forms that detail the questions and types of responses that you want to collect. The inspection forms that you create are then available to inspectors in the Conduct an Inspection tool. You can also add conditions to the response fields of existing questions on inspection forms to gather more information. You can determine which additional response fields appear to inspectors, depending on the answers they gave to inspection form questions.
To create a work order based on certain responses, you need to do two things:
Choose Work Order on question action: This option allows you to specify an action that is triggered when a certain response is selected by the inspector. For example, if a question asks "Is there any damage?", and the inspector selects "Yes", you can choose Work Order as the action that is triggered by this response. This will create a work order for repairing the damage.
In the Question Options, set the Require action flag: This option allows you to indicate that an action is required for a question. For example, if a question asks "Is there any damage?", and you set the Require action flag to Yes, then the inspector must select a response that triggers an action, such as Work Order or Notification. If they select a response that does not trigger an action, such as "No" or "N/A", they will see an error message and will not be able to submit the inspection form.

QUESTION 3
In which three applications can Asset Depreciation be configured?

A. Chart of Accounts
B. Tools
C. Asset Templates
D. Locations
E. Assets
F. Item Master

Answer: CDE

Explanation:
Asset Depreciation can be configured in three applications in IBM Maximo Manage v8.0 according to IBM’s documentation. These applications are:
Asset Templates
Assets
Locations

QUESTION 4

How is the Lock Out / Tag Outs application structured?

A. Specify a Lock Out on an Asset with a Locking Device and define the Tag Out Operations.
B. Specify a Lock Out on the Location or Asset and define the Tag Out Operations.
C. Specify a Tag Out on the Location or Asset and define the Lock Out Operations.
D. Define the isolation procedures on a set of related assets and specify a sequence.

Answer: B

Explanation:
In IBM Maximo Manage v8.0 implementation, the Lock Out / Tag Out application is structured such that you specify a Lock Out on the Location or Asset and define the Tag Out operations. This application is used to manage the procedures and controls put in place to protect personnel from injury due to unintended or inadvertent equipment or system operation.

Cisco CCNP Enterprise 300-401 ENCOR Implementing and Operating Cisco Enterprise Network Core Technologies

Duration: 120 minutes
Languages: English and Japanese

Associated certifications
CCNP Enterprise
CCIE Enterprise Infrastructure
CCIE Enterprise Wireless
Cisco Certified Specialist – Enterprise Core

Exam overview
This exam tests your knowledge and skills related to implementing core enterprise network technologies, including:

Dual stack (IPv4 and IPv6) architecture
Virtualization
Infrastructure
Network assurance
Security
Automation

Exam preparation
Official Cisco training
Implementing Cisco Enterprise Network Core Technologies (ENCOR)
ENCOR training videos
ENCOR study materials

Exam Description
To earn your CCNP Enterprise, CCIE Enterprise Infrastructure, or CCIE Enterprise Wireless certification, you must pass the 350-401 ENCOR exam. This exam tests your knowledge of:

Exam Description:
Implementing Cisco Enterprise Network Core Technologies v1.0 (ENCOR 350-401) is a 120-minute exam associated with the CCNP and CCIE Enterprise Certifications. This exam tests a candidate’s knowledge of implementing core enterprise network technologies including dual stack (IPv4 and IPv6) architecture, virtualization, infrastructure, network assurance, security and automation. The course, Implementing Cisco Enterprise Network Core Technologies, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

15% 1.0 Architecture
1.1 Explain the different design principles used in an enterprise network
1.1.a Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
1.1.b High availability techniques such as redundancy, FHRP, and SSO
1.2 Analyze design principles of a WLAN deployment
1.2.a Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
1.2.b Location services in a WLAN design
1.3 Differentiate between on-premises and cloud infrastructure deployments
1.4 Explain the working principles of the Cisco SD-WAN solution
1.4.a SD-WAN control and data planes elements
1.4.b Traditional WAN and SD-WAN solutions
1.5 Explain the working principles of the Cisco SD-Access solution
1.5.a SD-Access control and data planes elements
1.5.b Traditional campus interoperating with SD-Access
1.6 Describe concepts of wired and wireless QoS
1.6.a QoS components
1.6.b QoS policy
1.7 Differentiate hardware and software switching mechanisms
1.7.a Process and CEF
1.7.b MAC address table and TCAM
1.7.c FIB vs. RIB

10% 2.0 Virtualization

2.1 Describe device virtualization technologies
2.1.a Hypervisor type 1 and 2
2.1.b Virtual machine
2.1.c Virtual switching
2.2 Configure and verify data path virtualization technologies
2.2.a VRF
2.2.b GRE and IPsec tunneling
2.3 Describe network virtualization concepts
2.3.a LISP
2.3.b VXLAN

30% 3.0 Infrastructure
3.1 Layer 2
3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
3.1.b Troubleshoot static and dynamic EtherChannels
3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)
3.2 Layer 3
3.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. link state, load balancing, path selection, path operations, metrics)
3.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
3.2.c Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
3.3 Wireless
3.3.a Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
3.3.b Describe AP modes and antenna types
3.3.c Describe access point discovery and join process (discovery algorithms, WLC selection process)
3.3.d Describe the main principles and use cases for Layer 2 and Layer 3 roaming
3.3.e Troubleshoot WLAN configuration and wireless client connectivity issues
3.4 IP Services
3.4.a Describe Network Time Protocol (NTP)
3.4.b Configure and verify NAT/PAT
3.4.c Configure first hop redundancy protocols, such as HSRP and VRRP
3.4.d Describe multicast protocols, such as PIM and IGMP v2/v3

10% 4.0 Network Assurance
4.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog
4.2 Configure and verify device monitoring using syslog for remote logging
4.3 Configure and verify NetFlow and Flexible NetFlow
4.4 Configure and verify SPAN/RSPAN/ERSPAN
4.5 Configure and verify IPSLA
4.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management
4.7 Configure and verify NETCONF and RESTCONF

20% 5.0 Security

5.1 Configure and verify device access control
5.1.a Lines and password protection
5.1.b Authentication and authorization using AAA
5.2 Configure and verify infrastructure security features
5.2.a ACLs
5.2.b CoPP
5.3 Describe REST API security
5.4 Configure and verify wireless security features
5.4.a EAP
5.4.b WebAuth
5.4.c PSK
5.5 Describe the components of network security design
5.5.a Threat defense
5.5.b Endpoint security
5.5.c Next-generation firewall
5.5.d TrustSec, MACsec
5.5.e Network access control with 802.1X, MAB, and WebAuth

15% 6.0 Automation

6.1 Interpret basic Python components and scripts
6.2 Construct valid JSON encoded file
6.3 Describe the high-level principles and benefits of a data modeling language, such as YANG
6.4 Describe APIs for Cisco DNA Center and vManage
6.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF
6.6 Construct EEM applet to automate configuration, troubleshooting, or data collection
6.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack

QUESTION 1
What are two benefits of YANG? (Choose two.)

A. It enforces the use of a specific encoding format for NETCONF.
B. It collects statistical constraint analysis information.
C. It enables multiple leaf statements to exist within a leaf list.
D. It enforces configuration semantics.
E. It enforces configuration constraints.

Answer: A, E

QUESTION 2
Refer to the exhibit.
An engineer must create a configuration that executes the show run command and then terminates the session when user CCNP logs in. Which configuration change is required?

A. Add the access-class keyword to the username command
B. Add the access-class keyword to the aaa authentication command
C. Add the autocommand keyword to the username command
D. Add the autocommand keyword to the aaa authentication command

Answer: C

QUESTION 3
Wireless users report frequent disconnections from the wireless network. While troubleshooting, a network engineer finds that after a user disconnects, the connection re-establishes automatically without any input required. The engineer also notices these message logs.
Which action reduces the user impact?

A. increase the AP heartbeat timeout
B. increase BandSelect
C. enable coverage hole detection
D. increase the dynamic channel assignment interval

Answer: D

QUESTION 4
What is used to perform QoS packet classification?

A. the Options field in the Layer 3 header
B. the Type field in the Layer 2 frame
C. the Flags field in the Layer 3 header
D. the TOS field in the Layer 3 header

Answer: D

QUESTION 5
What is the recommended MTU size for a Cisco SD-Access Fabric?

A. 1500
B. 9100
C. 4464
D. 17914

Answer: B

QUESTION 6
Which two network problems indicate a need to implement QoS in a campus network? (Choose two.)

A. port flapping
B. excess jitter
C. misrouted network packets
D. duplicate IP addresses
E. bandwidth-related packet loss

Answer: B, E

QUESTION 7
A customer has several small branches and wants to deploy a Wi-Fi solution with local management using CAPWAP. Which deployment model meets this requirement?

A. Autonomous
B. Mobility Express
C. SD-Access wireless
D. Local mode

Answer: B

QUESTION 8
Which method of account authentication does OAuth 2.0 use within REST APIs?

A. username/role combination
B. access tokens
C. cookie authentication
D. basic signature workflow

Answer: B

200-901 DevNet Associate (DEVASC) Exam Dumps PDF

The Cisco Certified DevNet Associate exam certifies basic network application abilities such as software development and design for Cisco platforms. The CCNA DevNet course is designed for software developers who wish to improve their programmability, software, and automation abilities.

DevOps training can help Network Engineers start their automation journey because they understand the network better.

200-901 DEVASC
Developing Applications and Automating Workflows using Cisco Platforms
Duration: 120 minutes
Languages: English and Japanese
Associated certification: DevNet Associate

Exam overview
This exam tests your knowledge and skills related to:

Network fundamentals
Network access
IP connectivity
IP services
Security fundamentals
Automation and programmability

Exam preparation
Official Cisco training
Developing Applications and Automating Workflows using Cisco Core Platforms (DEVASC)
Network Automation training videos
DEVASC study materials

Exam Description
To earn your DevNet Associate certification, you must pass the 200-901 DEVASC exam. This 120-minute exam tests your knowledge of:

Exam Description: DevNet Associate Exam v1.0 (DEVASC 200-901) is a 120-minute exam associated with the DevNet Associate – Developer Certification. This exam tests a candidate’s knowledge of software development and design including understanding and using APIs, Cisco platforms and development, application development and security, and infrastructure and automation. The course, Developing Applications and Automating Workflows using Cisco Core Platforms, helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

15% 1.0 Software Development and Design
1.1 Compare data formats (XML, JSON, and YAML)
1.2 Describe parsing of common data format (XML, JSON, and YAML) to Python data structures
1.3 Describe the concepts of test-driven development
1.4 Compare software development methods (agile, lean, and waterfall)
1.5 Explain the benefits of organizing code into methods / functions, classes, and modules
1.6 Identify the advantages of common design patterns (MVC and Observer)
1.7 Explain the advantages of version control
1.8 Utilize common version control operations with Git
1.8.a Clone
1.8.b Add/remove
1.8.c Commit
1.8.d Push / pull
1.8.e Branch
1.8.f Merge and handling conflicts
1.8.g diff

20% 2.0 Understanding and Using APIs

2.1 Construct a REST API request to accomplish a task given API documentation
2.2 Describe common usage patterns related to webhooks
2.3 Identify the constraints when consuming APIs
2.4 Explain common HTTP response codes associated with REST APIs
2.5 Troubleshoot a problem given the HTTP response code, request and API documentation
2.6 Identify the parts of an HTTP response (response code, headers, body)
2.7 Utilize common API authentication mechanisms: basic, custom token, and API keys
2.8 Compare common API styles (REST, RPC, synchronous, and asynchronous)
2.9 Construct a Python script that calls a REST API using the requests library

15% 3.0 Cisco Platforms and Development
3.1 Construct a Python script that uses a Cisco SDK given SDK documentation
3.2 Describe the capabilities of Cisco network management platforms and APIs (Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, and NSO)
3.3 Describe the capabilities of Cisco compute management platforms and APIs (UCS Manager, UCS Director, and Intersight)
3.4 Describe the capabilities of Cisco collaboration platforms and APIs (Webex Teams, Webex devices, Cisco Unified Communication Manager including AXL and UDS interfaces, and Finesse)
3.5 Describe the capabilities of Cisco security platforms and APIs (Firepower, Umbrella, AMP, ISE, and ThreatGrid)
3.6 Describe the device level APIs and dynamic interfaces for IOS XE and NX-OS
3.7 Identify the appropriate DevNet resource for a given scenario (Sandbox, Code Exchange, support, forums, Learning Labs, and API documentation)
3.8 Apply concepts of model driven programmability (YANG, RESTCONF, and NETCONF) in a Cisco environment
3.9 Construct code to perform a specific operation based on a set of requirements and given API reference documentation such as these:
3.9.a Obtain a list of network devices by using Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, or NSO
3.9.b Manage spaces, participants, and messages in Webex Teams
3.9.c Obtain a list of clients / hosts seen on a network using Meraki or Cisco DNA Center

15% 4.0 Application Deployment and Security

4.1 Describe benefits of edge computing
4.2 Identify attributes of different application deployment models (private cloud, public cloud, hybrid cloud, and edge)
4.3 Identify the attributes of these application deployment types
4.3.a Virtual machines
4.3.b Bare metal
4.3.c Containers
4.4 Describe components for a CI/CD pipeline in application deployments
4.5 Construct a Python unit test
4.6 Interpret contents of a Dockerfile
4.7 Utilize Docker images in local developer environment
4.8 Identify application security issues related to secret protection, encryption (storage and transport), and data handling
4.9 Explain how firewall, DNS, load balancers, and reverse proxy in application deployment
4.10 Describe top OWASP threats (such as XSS, SQL injections, and CSRF)
4.11 Utilize Bash commands (file management, directory navigation, and environmental variables)
4.12 Identify the principles of DevOps practices

20% 5.0 Infrastructure and Automation

5.1 Describe the value of model driven programmability for infrastructure automation
5.2 Compare controller-level to device-level management
5.3 Describe the use and roles of network simulation and test tools (such as VIRL and pyATS)
5.4 Describe the components and benefits of CI/CD pipeline in infrastructure automation
5.5 Describe principles of infrastructure as code
5.6 Describe the capabilities of automation tools such as Ansible, Puppet, Chef, and Cisco NSO
5.7 Identify the workflow being automated by a Python script that uses Cisco APIs including ACI, Meraki, Cisco DNA Center, or RESTCONF
5.8 Identify the workflow being automated by an Ansible playbook (management packages, user management related to services, basic service configuration, and start/stop)
5.9 Identify the workflow being automated by a bash script (such as file management, app install, user management, directory navigation)
5.10 Interpret the results of a RESTCONF or NETCONF query
5.11 Interpret basic YANG models
5.12 Interpret a unified diff
5.13 Describe the principles and benefits of a code review process
5.14 Interpret sequence diagram that includes API calls

15% 6.0 Network Fundamentals

6.1 Describe the purpose and usage of MAC addresses and VLANs
6.2 Describe the purpose and usage of IP addresses, routes, subnet mask / prefix, and gateways
6.3 Describe the function of common networking components (such as switches, routers, firewalls, and load balancers)
6.4 Interpret a basic network topology diagram with elements such as switches, routers, firewalls, load balancers, and port values
6.5 Describe the function of management, data, and control planes in a network device
6.6 Describe the functionality of these IP Services: DHCP, DNS, NAT, SNMP, NTP
6.7 Recognize common protocol port values (such as, SSH, Telnet, HTTP, HTTPS, and NETCONF)
6.8 Identify cause of application connectivity issues (NAT problem, Transport Port blocked, proxy, and VPN)
6.9 Explain the impacts of network constraints on applications

QUESTION 1
Which type of threat occurs when an attacker can send hostile data to an interpreter within an application?

A. Cross-site scripting
B. Sensitive data exposure
C. Broken authentication
D. Injection

Answer: D

QUESTION 2
Refer to the exhibit.
What is the effect of this Ansible playbook on an IOS router?

A. A new running configuration is pushed to the IOS router.
B. The current running configuration of the IOS router is backed up.
C. The start-up configuration of the IOS router is copied to a local folder.
D. A new start-up configuration is copied to the IOS router.

Answer: B

QUESTION 3
Which two statements describe the role of an artifact repository in a CI/CD pipeline? (Choose two.)

A. An artifact repository allows comparing and merging changes in the source code of files involved in a build process.
B. An artifact repository is needed only for a CI/CD pipeline executed on a public cloud infrastructure.
C. An artifact repository provides traceability, search, and management of binary files.
D. An artifact repository is needed only for managing open source software.
E. An artifact repository stores files needed and generated during the build process.

Answer: CE

QUESTION 4
What is the purpose of the Cisco VIRL software tool?

A. To verify configurations against compliance standards
B. To simulate and model networks
C. To automate API workflows
D. To test performance of an application

Answer: B

QUESTION 5
Which detail is included in a routing table?

A. IP protocol
B. Broadcast address
C. TCP or UDP port number
D. Destination next hop or outgoing interface

Answer: D

Cisco 300-415 ENSDWI Implementing Cisco SD-WAN Solutions Exam Dumps

Cisco’s DevNet certification program is designed to equip IT professionals with the knowledge and skills required to develop and manage modern network applications. This unique certification route focuses on emerging technologies such as automation, IoT, DevOps, and Webex, and is the first of its kind in the industry. The program offers four certification levels: Associate, Specialist, Professional, and Expert, catering to individuals at different stages of their career. By earning a DevNet certification, IT professionals can demonstrate their expertise and competency in developing and managing modern network applications, and enhance their career prospects in this rapidly evolving field.

Duration: 90 minutes
Languages: English and Japanese
Associated certifications: CCNP Enterprise
Cisco Certified Specialist – Enterprise SD-WAN Implementation

Exam overview

This exam tests your knowledge of Cisco’s SD-WAN solution, including:
SD-WAN architecture
Controller deployment
Edge router deployment
Policies
Security
Quality of service
Multicast
Management and operations

Exam preparation

Official Cisco training
Implementing Cisco SD-WAN Solutions (ENSDWI)
Implementing Cisco SD-WAN Solutions v1.1 (300-415)
Exam Description:
Implementing Cisco SD-WAN Solutions v1.1 (ENSDWI 300-415) is a 90-minute exam associated with the CCNP Enterprise Certification. This exam tests a candidate’s knowledge of Cisco’s SD-WAN solution including SD-WAN architecture, controller deployment, WAN Edge router deployment, policies, security, quality of service, multicast, and management and operations. The course, Implementing Cisco SD-WAN Solutions, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

20% 1.0 Architecture
1.1 Describe Cisco SD-WAN architecture and components
1.1.a Orchestration plane (vBond, NAT)
1.1.b Management plane (vManage)
1.1.c Control plane (vSmart, OMP)
1.1.d Data plane (WAN Edge)
1.1.d (i) TLOC
1.1.d (ii) IPsec and GRE
1.1.d (iii) vRoute
1.1.d (iv) BFD
1.2 Describe Cisco SD-WAN Edge platforms and capabilities
1.3 Describe Cisco SD-WAN Cloud OnRamp
1.3.a SaaS
1.3.b IaaS
1.3.c Colocation

15% 2.0 Controller Deployment
2.1 Describe controller cloud deployment
2.2 Describe controller on-premises deployment
2.2.a Hosting platform (KVM and Hypervisor)
2.2.b Installing controllers
2.2.c Scalability and redundancy
2.3 Configure certificates and device lists
2.4 Troubleshoot control plane connectivity between controllers

20% 3.0 Router Deployment

3.1 Describe WAN Edge deployment
3.1.a On-boarding
3.1.b Orchestration with zero-touch provisioning and plug-and-play
3.1.c Data center and regional hub deployments
3.2 Configure Cisco SD-WAN data plane
3.2.a Circuit termination and TLOC-extension
3.2.b Dynamic tunnels
3.2.c Underlay-overlay connectivity
3.3 Configure OMP
3.4 Configure TLOCs
3.5 Configure CLI and vManage feature configuration templates
3.5.a VRRP
3.5.b OSPF
3.5.c BGP
3.5.d EIGRP
3.6 Describe multicast support in Cisco SD-WAN

20% 4.0 Policies
4.1 Configure control policies
4.2 Configure data policies
4.3 Configure end-to-end segmentation
4.3.a VPN segmentation
4.3.b Topologies
4.4 Configure Cisco SD-WAN application-aware routing
4.5 Configure direct Internet access

15% 5.0 Security and Quality of Service

5.1 Configure service insertion
5.2 Describe Cisco SD-WAN security features
5.2.a Application-aware enterprise firewall
5.2.b IPS
5.2.c URL filtering
5.2.d AMP
5.2.e SSL and TLS proxy
5.3 Describe Cloud security integration
5.3.a DNS security
5.3.b Secure Internet Gateway (SIG)
5.4 Configure QoS treatment on WAN Edge routers
5.4.a Scheduling
5.4.b Queuing
5.4.c Shaping
5.4.d Policing
5.4.e Marking
5.4.f Per-tunnel and adaptive QoS

10% 6.0 Management and Operations

6.1 Describe authentication, monitoring, and reporting from vManage
6.2 Configure authentication, monitoring, and reporting
6.3 Describe REST API monitoring
6.4 Describe software image management from vManage

 

QUESTION 1
What are the two advantages of deploying cloud-based Cisco SD-WAN controllers? (Choose two.)

A. centralized control and data plane
B. distributed authentication policies
C. management of SLA
D. infrastructure as a service
E. centralized raid storage of data

Answer: C D

QUESTION 2
An engineer is troubleshooting a certificate issue on vEdge. Which command is used to verify the validity of the certificates?

A. show control local-properties
B. show control summary
C. show certificate installed
D. show certificate status

Answer: A

QUESTION 3
What is a benefit of the application-aware firewall?

A. It blocks traffic by MAC address.
B. It blocks traffic by MTU of the packet.
C. It blocks traffic by application.
D. It blocks encrypted traffic.

Answer: C

QUESTION 4
When VPNs are grouped to create a destination zone in a Zone-Based Firewall, how many zones can a single VPN be part of?

A. two
B. four
C. one
D. three

Answer: C

QUESTION 5
Which attributes are configured to uniquely identify and represent a TLOC route?

A. system IP address, link color, and encapsulation
B. firewall, IPS, and application optimization
C. site ID, tag, and VPN
D. origin, originator, and preference

Answer: A

QUESTION 6
Which device information is required on PNP/ZTP to support the zero-touch onboarding process?

A. serial and chassis numbers
B. interface IP address
C. public DNS entry
D. system IP address

Answer: A

500-445 Cisco Implementing Cisco Contact Center Enterprise Chat and Email Exam

500-445 CCECE
Cisco Contact Center Enterprise Chat and Email v1.0 (500-445)

Implementing Cisco Contact Center Enterprise Chat and Email
Duration: 90 minutes
Languages: English
Associated certification: Advanced Unified Contact Center Enterprise Specialization

Exam overview
This exam tests a candidate’s knowledge of deploying and administering Cisco Enterprise Chat and Email (ECE).

Exam preparation
Official Cisco training

Implementing Cisco Contact Center Enterprise Chat and Email (CCECE)


Exam Description: Implementing Cisco Contact Center Enterprise Chat and Email v1.0 (CCECE 500-445) exam is associated with the Advanced Unified Contact Center Enterprise Specialization requirements for Deployment Engineers. This exam tests a candidate’s knowledge of deploying and administering Cisco Enterprise Chat and Email (ECE). The course Implementing Cisco Contact Center Enterprise Chat and Email helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

40% 1.0 ECE Deployment
1.1 Describe Enterprise Chat and Email Components and Deployment Model
1.2 Explain ECE Installation process
1.3 Define ECE Best Practices
1.4 Prepare PCCE for ECE and Integration

20% 2.0 ECE Administration and Configuration

2.1 Explain ECE Administration Tasks
2.2 Configure ECE
2.3 Explain ECE Queues

10% 3.0 ECE Email Administration
3.1 Explain ECE Email Administration
3.2 Describe Workflows
3.3 Explain CCE Scripting for Email and Storage Management

10% 4.0 ECE Chat Administration
4.1 Configure ECE for Chat
4.2 Describe Chat Entry Points
4.3 Explain Chat Operation and Chat Customization

20% 5.0 ECE Features and Troubleshooting
5.1 Describe ECE Report types
5.2 Explain Agent Single Sign-on for ECE
5.3 Troubleshoot ECE
 

QUESTION 1
How is Chat Watchdog Interval used?

A. to control the time interval after which a chat activity is tagged as abandoned if an agent could not accept it
B. to control the time interval after which a chat activity is tagged as abandoned if it could not get any response from UCCE
C. to control the time interval after which a chat activity is tagged as abandoned if it could not be routed to UCCE
D. to control the time interval after which a chat activity is tagged as abandoned if it could not be assigned to an agent

Answer: D

QUESTION 2
What are two specifications for reporting templates? (Choose two.)

A. The availability of templates is controlled by licenses.
B. A user can only create ten reports per template.
C. Only one report can be created per template.
D. Any number of reports can be created from a template.
E. Templates can be deleted.

Answer: A,D

QUESTION 3
What is the limit of concurrent agents per application server?

A. 400
B. 600
C. 1200
D. 1800

Answer: D

QUESTION 4
In which two ways are chats transferred? (Choose two.)

A. Only open chat activities in which the customer has not left the chat session can be transferred.
B. Chats can be transferred to departments directly.
C. Agents can transfer the chat activities based on the Maximum Task limit setting.
D. Agents have unlimited transfers of chat activity.
E. Only one chat activity can be transferred at a time.

Answer: A,E

QUESTION 5
Which LDAP URL allows configuration in the properties pane under SSO configuration?

A. Ldap://idap_server:3269
B. Ldap://idap_server:80
C. Ldap://idap_server:443
D. Ldap://idap_server:3268

Answer: B