Jump to content

burnnotice

Members
  • Content Count

    19
  • Joined

  • Last visited

Community Reputation

27 Excellent

About burnnotice

  • Rank
    Member

Recent Profile Visitors

81 profile views
  1. Please share the latest dump for the exam!
  2. Hello Everyone Please share latest dump of SENSS (PassLeader 486q) Thank you.
  3. Can anyone post VCE for: Exam 101 - Application Delivery Fundamentals Exam 201 - TMOS Administration
  4. TShoot 83% managament service on Cisco devices 88% Threat D# 94% GUI and CLI Mgmt 94% Threat D# Architecture 90% sec components & considerations 89%
  5. passed today with score 95x PL 270 + Ahmed Khaled's (Exam300-206 298Qs) + new question in this post Labs: NAT & Botnet HotSpot: SNMP & Syslog D&D: inheritance & syslog severity levels No new Questions Time for 300-209 SIMOS
  6. good luck, please share your exp. after you clear the exam
  7. i will do the exam on Jan 23 and i will share my exp wish me luck
  8. when you show the answer read the comments carefully it will guide you for Ex. SNMP HotSpot, Question about: capture or packet trace, ASA best practice etc...
  9. not all correct, but corrected in other dumps
  10. Thanks to all participants in POST for sharing!!! *** It would be great if any one has the time to collect all the questions in one place PDF or VCE with corrected answers. Hereunder latest update for the exam VCE Program: [Hidden Content] New Qs from 238 to 298 - (VCE) : [Hidden Content] New questions posted in this topic: Syslog Hotspot here I answered like this and my score was 100 in troubleshoot topic so i was right: The Cisco ASA is not configured to log messages to the syslog server at that IP address. New connections through the ASA will be allowed and informational system logs will be sent to the internal. System log messages with a severity level of six and lower will be logged to the internal buffer. 1. Which command in ASA allows ASDM connection from client PC over https with the Local AAA user database? A. aaa authentication enable console LOCAL B. aaa authentication http console LOCAL C. aaa authentication ssh console LOCAL D. aaa authentication Telnet console LOCAL 2. When MACSec is enabled on a device which traffic types are unencrypted - choose 2 A. CDP B. DHCP offer C. DHCP Discovery D. EAPOL-Start E. EAPOL-Stop 3.What statements are true about IPv4 and IPv6 addresses on the ASA , which options are true- Something like this (choose 2) - (Something like this) A. IPv4 and IPv6 IPs can be included in the same ACL B. IPv4 and IPv6 IPs can not be included in the same ACL C. IPv4 and IPv6 IPs can be added in the same Object group D. IPv4 and IPv6 IPs can not be added in the same Object group 4. Http traffic has been configured to connect through the ASA on port 1521. When web inspection has been enabled with the default web policy, which inspection policy will be applied? A. HTTP B. HTTPS C. IPX D. SQL*net 5. What feature needs to be enabled along with Dynamic ARP inspection? A. DHCP Snooping B. IP source gaurd C. CDP D. .... 6. What option needs to be used to enable Authentication and Encryption in SNMPv3 A. Encry B. Auth C. Priv D. .... 7. ACL config exibit: -Shows an ACL called OUTSIDE-IN controlling whether IPSEC connections are allowed -ACL has permits on it to allow IPSEC connections to and from an inside network address of 10.10.10.x to an outside IP of 198.x.x.x along with some explicit denies -Shows the ACL being applied to the outside interface using something like: access-group OUTSIDE-IN in interface outside control-plane Which direction is traffic inspected on the interface A. Controling IP traffic from the outside interface B. Controling IPsec traffic from the outside interface C. Controling IP traffic to the outside interface D. Controling IPsec traffic to the outside interface 8. You need to group similar VMs together to classify traffic on the cisco ASA 1000V. Which command would you use A. network-port B. network-profile C. security-port D. security-profile 9. Which are the most secure authentication and encryption options (choose two) A. DES B. 3DES C. AES D. MD5 E. SHA 10. You are using Cisco Security Manager to manage your infrastructure. What protocol is used by the Cisco Security Manager client to connect to the ASA? A. FTP B. Telnet C. SSH D. HTTPS 11. Which element ... ASA 1000V security policy based on a class of VMs instead of an IP address? Options: security profile, security group... I chose security profile. 12. changes to snmp-server ID affects? A- Earlier snmp configuration B- Earlier snmp group C- Earlier snmp user According to cisco docs: [Hidden Content] Changing the value of the SNMP engine ID has significant effects. A user's password (entered on the command line) is converted to a message digest5 algorithm (MD5) or Secure Hash Algorithm (SHA) security digest. This digest is based on both the password and the local engine ID. The command line password is then destroyed, as required by RFC 2274. Because of this deletion, if the local value of the engineID changes, the security digests of SNMPv3 users will become invalid, and the users will have to be reconfigured. Similar restrictions require the reconfiguration of community strings when the engine ID changes. A remote engine ID is required when an SNMPv3 inform is configured. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host. 13. Question about capture or packet tracer which command can be used to confirm or deny if the ASA is responsible for this issue? Right Answer is Packet Tracer as my score in tshoot topic was 100 14. Which action is considered a best practice for Cisco ASA firewall? Right Answer is, Disable Console Logging REF: [Hidden Content]
  11. thanks pedroid for sharing the NEW Q: 1) Which element ... ASA 1000V security policy based on a class of VMs instead of an IP address? Options: security profile, security group... I chose security profile. 2) changes to snmp-server ID affects? A- Earlier snmp configuration B- Earlier snmp group C- Earlier snmp user According to cisco docs: [Hidden Content] Changing the value of the SNMP engine ID has significant effects. A user's password (entered on the command line) is converted to a message digest5 algorithm (MD5) or Secure Hash Algorithm (SHA) security digest. This digest is based on both the password and the local engine ID. The command line password is then destroyed, as required by RFC 2274. Because of this deletion, if the local value of the engineID changes, the security digests of SNMPv3 users will become invalid, and the users will have to be reconfigured. Similar restrictions require the reconfiguration of community strings when the engine ID changes. A remote engine ID is required when an SNMPv3 inform is configured. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host.
  12. which version of ASA 8.XX OR 9.XX
  13. congratz bro in order to practice lab sim, which asa version should i use? 9.x or lower
  14. please share your thoughts if you did the exam.
×
×
  • Create New...