Jump to content

Recommended Posts

Hi guys just passed the exam 102 q is still valid, i prepared Zannard vce. Scored 9xx. Good luck guys. Thank you zannard and the team. 

Share this post

Link to post
Share on other sites

I passed today with 102 q and it's still valid with 9xx

Thank you for sharing!!!

Share this post

Link to post
Share on other sites

Anyone know why every VCE file I open on VCE Player has an error that says "error retrieving key to decrypt file"?  Is there a key somewhere I need?

Share this post

Link to post
Share on other sites
On 4/2/2020 at 7:57 PM, tapandoshi533 said:


Hidden Content

  • Give reaction to this post to see the hidden content.


Just found a way to open the content

Edited by atarize
  • Like 8
  • Thanks 3
  • Haha 1
  • Confused 1
  • Sad 2

Share this post

Link to post
Share on other sites
1 hour ago, blowmehard said:

Just took the exam, there are about 30 new questions not covered in the dump.

How many questions did your exam have?

Which topic were the new questions about?

Share this post

Link to post
Share on other sites

 still 102

there were some Python script questions, some isakmp debugging questions, some questions seem to have been reworded with the old answer in the question and new list of answers.

  • Like 1

Share this post

Link to post
Share on other sites

Hi Guys,

Can someone share with us the new questions? I've seen a lot of people getting new questions that aren't in the 102q and 127q dump.

Please help the community, our anonymous heroes ;)

  • Like 1

Share this post

Link to post
Share on other sites

Hi Guys, Can you please check if any of the following question were in the new exams??


What is a result of enabling Cisco FTD clustering?
A. For the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.
B. Integrated Routing and Bridging is supported on the master unit.
C. Site-to-site VPN functionality is limited to the master unit, and all VPN connections are dropped if the master unit fails.
D. All Firepower appliances can support Cisco FTD clustering.
Answer: C

What are the minimum requirements to deploy a managed device inline?
A. inline interfaces, security zones, MTU, and mode
B. passive interface, MTU, and mode
C. inline interfaces, MTU, and mode
D. passive interface, security zone, MTU, and mode
Answer: C

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
A. Redundant Interface
B. EtherChannel
C. Speed
D. Media Type
E. Duplex
Answer: CE

Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)
C. static routing
Answer: CE

When creating a report template, how can the results be limited to show only the activity of a specific subnet?
A. Create a custom search in Firepower Management Center and select it in each section of the report.
B. Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.
C. Add a Table View section to the report with the Search field defined as the network in CIDR format.
D. Select IP Address as the X-Axis in each section of the report.
Answer: B

Which object type supports object overrides?
A. time range
B. security group tag
C. network object
D. DNS server group
Answer: C

Which Cisco Firepower rule action displays an HTTP warning page?
A. Monitor
B. Block
C. Interactive Block
D. Allow with Warning
Answer: C

What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?
A. The rate-limiting rule is disabled.
B. Matching traffic is not rate limited.
C. The system rate-limits all traffic.
D. The system repeatedly generates warnings.
Answer: B

In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)
A. Traffic inspection can be interrupted temporarily when configuration changes are deployed.
B. The system performs intrusion inspection followed by file inspection.
C. They can block traffic based on Security Intelligence data.
D. File policies use an associated variable set to perform intrusion prevention.
E. The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.
Answer: AC

After deploying a network-monitoring tool to manage and monitor networking devices in your organization, you realize that you need to manually upload an MIB for
the Cisco FMC. In which folder should you upload the MIB file?
A. /etc/sf/DCMIB.ALERT
D. system/etc/DCEALERT.MIB
Answer: C

Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?
A. configure coredump packet-engine enable
B. capture-traffic
C. capture
D. capture WORD
Answer: B

Which group within Cisco does the Threat Response team use for threat analysis and research?
A. Cisco Deep Analytics
B. OpenDNS Group
C. Cisco Network Response
D. Cisco Talos
Answer: D

Which CLI command is used to generate firewall debug messages on a Cisco Firepower?
A. system support firewall-engine-debug
B. system support ssl-debug
C. system support platform
D. system support dump-table
Answer: A

Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high-availability?
A. configure high-availability resume
B. configure high-availability disable
C. system support network-options
D. configure high-availability suspend
Answer: B

Which command must be run to generate troubleshooting files on an FTD?
A. system support view-files
B. sudo sf_troubleshoot.pl
C. system generate-troubleshoot all
D. show tech-support
Answer: B

When do you need the file-size command option during troubleshooting with packet capture?
A. when capture packets are less than 16 MB
B. when capture packets are restricted from the secondary memory
C. when capture packets exceed 10 GB
D. when capture packets exceed 32 MB
Answer: D

A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two port requirements on the Firepower Management Center must be
validated to allow communication with the cloud service? (Choose two.)
A. outbound port TCP/443
B. inbound port TCP/80
C. outbound port TCP/8080
D. inbound port TCP/443
E. outbound port TCP/80
Answer: AE

Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?
A. Child domains can view but not edit dashboards that originate from an ancestor domain.
B. Child domains have access to only a limited set of widgets from ancestor domains.
C. Only the administrator of the top ancestor domain can view dashboards.
D. Child domains cannot view dashboards that originate from an ancestor domain.
Answer: D

Which two packet captures does the FTD LINA engine support? (Choose two.)
A. Layer 7 network ID
B. source IP
C. application ID
D. dynamic firewall importing
E. protocol
Answer: BE

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)
A. application blocking
B. simple custom detection
C. file repository
D. exclusions
E. application whitelisting
Answer: AB

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?
A. Add the malicious file to the block list.
B. Send a snapshot to Cisco for technical support.
C. Forward the result of the investigation to an external threat-analysis engine.
D. Wait for Cisco Threat Response to automatically block the malware.
Answer: A

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?
A. unavailable
B. unknown
C. clean
D. disconnected
Answer: A

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)
A. dynamic null route configured
B. DHCP pool disablement
C. quarantine
D. port shutdown
E. host shutdown
Answer: CD

Share this post

Link to post
Share on other sites

Can anyone confirm if the below questions are in the updated 350-701 exam?



__ security solution protects remote users against phishing attacks even when not VPN connected.


__ can share data between multiple security products.

Rapid Threat Containment
(Platform Exchange Grid)

Username admin privilege 5
Privilege interface level 5 shutdown
Privilege interface level 5 ip
Privilege interface level 5 description

The admin will be able to __.
Add a sub-interface
(Do nothing useful as it relates to configuration)
Configure anything
Configure an IP address

__ threat involves software being used to gain unauthorized access to a computer system.
NTP amplification
HTTP flooding
Ping of death

__ ISE probe can identify a hosts OUI.

__ is a feature of the open platform capabilities of DNA center.
Automation adapters
Domain integration
Application adapters
(intent-based API)

__ is a common trait of DMVPN and FlexVPN.
Both use IS-IS
Both use the same hashing algorithms
Both use IKEv2
(Both run the same NHRP code in IOS)

__ telemetry data captures variations seen within a flow including TTL, TCP Flags, and Payload Length.
Flow insight
Process detail
Software package

__ command enables AAA globally so that COA is supported on the device.
aaa new-model
Auth-type all
(Aaa server radius dynamic-author)
ip device-tracking

__ is the compliance status when a device fails the posture policy in ISE.

__ and __ are transparent redirection techniques to send HTTP/S traffic to a WSA.
Using PAC files
(Policy based routing)
(Web Cache Communication Protocol (WCCP))
Manually point to the proxy via settings in the browser

__ and __ are characteristics of messenger protocols that make data exfiltration difficult prevent and even detect.
(Traffic is encrypted)
Malware infects the messenger application
(Messenger application cannot be segmented via standard controls)
All out bound traffic of end users is allowed
An exposed API for the messenger application can send large quantities of data

__ is a benefit provided by ensuring an endpoint is compliant with a posture policy with ISE.
It adds endpoints to identity groups dynamically
(Verifies the endpoint has been patched)
Allows an endpoint to 802.1x authenticate
It allows CoA if an endpoint is compliant

__ is a social engineering attack.

__ and __ are differences of FlexVPN vs DMVPN.
DMVPN can use IKEv1 only
DMVPN can use IKEv2 only
(DMVPN can use IKEv1 and IKEv2)
FlexVPN can use IKEv1 only
(FlexVPN can use IKEv2 only)
FlexVPN can use IKEv1 and IKEv2

Interface f0/1
switchport mode access
authentication port-control auto
authentication port-control protect
spanning-tree portfast
__ command is missing to successfully implement 802.1x.
Authentication open
Dot1x reauthentication
(Dot1x pae authenticator)

__ is the means DNS tunneling exfiltrates data from an organization.
Redirects DNS requests
Corrupts DNS servers by replacing real IP addresses with malicious ones
Leverages one DNS server to spread attacks to others via recursive lookups
(It uses an encoded payload with BASE64 characters or other character sets which the DNS server rebuilds the stolen data)

*Sep 21 08:33:43.425: ISAKMP: (1011):Input = IKE_MESG_INTERNAL,
*Sep 21 08:33:43.425: ISAKMP: (1011): Old State = IKE_I_MM5 New State = IKE_DEST_SA
__ is the likely reason for the tunnel not working.
Hash algorithm mismatch
(Authentication key mismatch)
Encryption algorithm mismatch

__ and __ tasks configure Netflow on an ASA.
(Create a class map)
Create an ACL permitting udp 9999
Enable version 9
Apply an exporter to the outside interface inbound
(Define a Netflow collector using the flow-export command)

__ command is correct to configure an SNMP server. Assume username of U1, group name G1, and the source interface of inside.
snmp-server host inside snmpv3 U1
snmp-server host inside snmpv3 G1
(snmp-server host inside version 3 Andy)
snmp-server host inside version 3 G1

__ will share data between devices, is open, based an IETF standard and scalable.
(Platform Exchange Grid)
Multifactor Platform Integration

__ and __ are rootkit types.
User mode
Buffer mode

To configure Netflow on an ASA use __.
(flow-export destination Inside ####)
ip flow-export destination Inside ####

__ will use botnets.
TCP Flood

__ is the purpose of the context directory agent.
(Maps ip addresses to usernames)
Maintains group memberships
Relays user authentication
Accepts user authentication requests for the WSA

  • Like 1
  • Thanks 1

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...