new job this yes: 2016

Wednesday, 28 December 2016

JN0-541 Juniper Networks IDP Certified Internet Associate (JNCIA-IDP)

Concepts of intrusion detection
Identify the features and functions of an IDP sensor
Identify the use of IDP interfaces
Identify the TCP ports used by IDP sensors and Security Manager
Understanding the IDP provisioning modes

Initial configuration of an IDP sensor
Identify the steps involved in implementing the IDP sensor
Describe the configuration of a new sensor via the console
Describe the communication setup between Security Manager and IDP sensor

Configure and fine-tune policies
Assign the IDP attack terminology to the corresponding definitions
Understand the components of an IDP rule
Choice of appropriate IDP actions and IP actions
Describe the algorithm of the IDP rule assignment
Explain the use of captured packages
Explain the fine-tuning of guidelines

Configuring Other Policies for IDP
Explain the function of a rule database for exceptions
Explain the function of a rule database for anomalies
Explain the function of a rule database for backdoors
Explain the function of a SYN Protector rule database
Explain the function of honeypots in the network

Configure and use the profiler
Describe the normal functioning of a profiler
Showing the steps to a working profiler
Describe the use of a profiler for network detection
Describe the use of a profiler to identify new devices and ports
Describe the use of a profiler to detect policy violations

Sensor operation and sensor command line utility
Describe the sensor components and processes
Use scio to manage policies and display sensor configurations
Use sctop to display sensor statistics

Manage attack objects and create custom signatures
Describe the use of static and dynamic groups
Explain how to update the attack object database
List the steps for obtaining information about an attack
Understanding the purpose and use of the sensor commands "scio ccap" and "scio pcap"
List the steps for creating a simple attack object
Describe the purpose of combined attack objects

Maintenance and troubleshooting
Use the Appliance Configuration Manager (ACM) to view and modify sensor configurations
Use sensor and unix commands to resolve IDP issues
Understand the operation of external HA and NIC bypass

QUESTION 1
Which statement is true about the attack object database update process?

A. Each sensor updates its own attack object database automatically; however they must be able
to access the Juniper site on TCP port 443.
B. The attack object database update must be manually performed by the administrator, and the
administrator must manually install it on each sensor.
C. The attack object database update can be initiated manually or automatically.
D. The attack object database update can be automatically scheduled to occur using the Security
Manager GUI.

Answer: C

QUESTION 2
On a sensor, which command will indicate if log messages are being sent to Security Manager?

A. scio vr list
B. serviceidp status
C. scio agentstats display
D. scio getsystem

Answer: C

QUESTION 3
After you enable alerts for new hosts that are detected by the Enterprise Security Profiler, where
do you look in Security Manager to see those alerts?

A. Security Monitor > Profiler > Application Profiler tab
B. Security Monitor > Profiler > Violation Viewer tab
C. Security Monitor > Profiler > Network Profiler tab
D. Log Viewer > Profiler Log

Answer: D

QUESTION 4
When connecting to a sensor using SSH, which account do you use to login?

A. admin
B. super
C. netscreen
D. root

Answer: A

QUESTION 5
Which OSI layer(s) of a packet does the IDP sensor examine?

A. layers 2-7
B. layers 2-4
C. layer 7 only
D. layers 4-7

Answer: A

Click here to view complete Q&A of JN0-541 exam
Certkingdom Review

Best Juniper JN0-541 Certification, Juniper JN0-541 Training at certkingdom.com

Tuesday, 20 December 2016

JN0-943 Enterprise Routing and Switching, Expert

JN0-943 Enterprise Routing and Switching, Expert

At the pinnacle of the Enterprise Routing and Switching certification track is the 1-day JNCIE-ENT practical exam. This exam is designed to validate the networking professionals’ ability to deploy, configure, manage and troubleshoot Junos-based enterprise routing and switching platforms. Throughout this 8-hour practical exam, candidates will build an enterprise network infrastructure consisting of multiple routers and switching devices. Successful candidates will perform system configuration on all devices, configure protocols and features like IPV6, OSPF V2, OSPF V3, BGP, MSDP, PIM, SSM, RSTP, LLDP, 802.1x, CoS, routing policies.

The JNCIE-ENT is valid for two years. Re-certification is achieved by passing the current version of the JNCIP-ENT exam.

Exam topics may include:
System Services and Security
Interfaces
Ethernet Switching
IGPs
BGP
Protocol-Independent Routing
Multicast
Class of Service

System Services and Security
System Services
NTP
Syslog
sFlow
Authentication and authorization
Configuring archival
RPM
PoE
Securing the Control Plane
Stateless firewall configuration

Interfaces
Implementation of Interfaces
Aggregated Ethernet
VRRP
Ethernet OAM
GRE tunnels
BFD
Logical tunnel interfaces

Ethernet Switching
Spanning Tree Protocol
Multiple CIST
MSTP/VSTP/RSTP
xSTP interoperability
Multiple topologies
Optimization
VLANs
VLAN switching and trunking
Q-in-Q
IP Telephony
Private VLANs
Voice VLANs
Virtual Chassis
Master determination
Add/remove members
VCP and VCEP interfaces
Split detection
Security features
Port security features
Dynamic ARP inspection with DHCP snooping
Layer 2 firewall filters
MAC table filtering

IGPs
OSPF
Multi-area OSPF topologies
Filter and summarize routes
Network and link types
Route selection process
BFD
Redistribution
IPv6

BGP
Implementation and Troubleshooting
Routing policy
Route selection
2-byte and 4-byte AS
Multi-homed stub-AS
BFD

Protocol-Independent Routing
Load Balancing
Hash key
Per flow
Filter-based Forwarding
Based on Layer 4
Based on IFL
Configuring Routes
Aggregate
Static
Generated
Policies

Multicast
Implementation of Multicast
Shared tree and source tree
Designated router
RPF table manipulation
SSM
Extend the group range
SSM mapping
RP Redundancy
Anycast RP (PIM and MSDP)
BSR

Class of Service
Implementation
Loss priority
Rewrite rules
Shaping and policing
Scheduling
BA and MF classification
Drop profiles

Click here to view complete Q&A of JN0-943 exam
Certkingdom Review

Best Cisco JN0-943 Certification, Cisco JN0-943 Training at certkingdom.com

Monday, 19 December 2016

JN0-646 Enterprise Routing and Switching, Professional (JNCIP-ENT) Exam

JNCIP-ENT Exam Objectives (Exam: JN0-643 and JN0-646)

OSPF
Describe the concepts, operation and functionality of OSPFv2 and OSPFv3
OSPF LSA types
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Authentication options
Route summarization and restriction
Overload
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area OSPF
Implement OSPF routing policy

BGP
Describe the concepts, operation and functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes - concept and operation
BGP communities
Regular expressions
Load balancing - multipath, multihop, forwarding table
NLRI families - inet, inet6
Advanced BGP options
Given a scenario, demonstrate knowledge of how to configure and monitor BGP
Implement BGP routing policy

IP Multicast
Describe the concepts, operation and functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) vs. Source-Specific Multicast (SSM)
RPF - concept and operation
IGMP, IGMP snooping
PIM dense-mode and sparse-mode
Rendezvous point (RP) - concept, operation, discovery, election
SSM - requirements, benefits, address ranges
Anycast RP
MSDP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure and monitor IGMP, PIM-DM and PIM-SM (including SSM)
Implement IP multicast routing policy

Ethernet Switching and Spanning Tree
Describe the concepts, operation and functionality of advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Given a scenario, demonstrate knowledge of how to configure and monitor advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Describe the concepts, operation and functionality of advanced spanning tree protocols, including MSTP and VSTP
Given a scenario, demonstrate knowledge of how to configure and monitor MSTP and VSTP

Layer 2 Authentication and Access Control
Describe the operation of various Layer 2 authentication and access control features
Authentication process flow
802.1x - concepts and functionality
MAC RADIUS
Captive portal
Server fail fallback
Guest VLAN
Considerations when using multiple authentication/access control methods
Given a scenario, demonstration how to configure and monitor Layer 2 authentication and access control

IP Telephony Features
Describe the concepts, operation and functionality of features that facilitate IP telephony deployments
Power over Ethernet (PoE)
LLDP and LLDP-MED
Voice VLAN
Given a scenario, demonstrated how to configure and monitor features used to support IP Telephony

Class of Service (CoS)
Describe the concepts, operation and functionality of Junos CoS for Layer 2/3 networks
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Given a scenario, demonstrate knowledge of how to configure and monitor CoS for Layer 2/3 networks

Click here to view complete Q&A of JN0-646 exam
Certkingdom Review

Best Cisco JN0-646 Certification, Cisco JN0-646 Training at certkingdom.com

Monday, 12 December 2016

JN0-533 FWV, Specialist (JNCIS-FWV)

JNCIS-FWV Exam Objectives (Exam: JN0-533)

System Setup and Initial Configuration
Identify the concepts and components of ScreenOS software
Security architecture components
Packet flow and decision process
IPv6 packet handling
ScreenOS firewall/VPN product lines
System components
Demonstrate knowledge of how to configure basic elements of ScreenOS software
Interfaces
Zones
Management access and services
User accounts and authentication
Administrative lockout options
DNS configuration
NTP configuration
Describe how to configure and monitor interfaces
VLANs, aggregated Ethernet
Management interface
Bridge Group
Tunnel interfaces
Loopback interface
Interface modes
Redundant Ethernet
Identify the concepts and functionality of virtual systems (vsys)
vsys interfaces and zones
Inter-vsys routing
Profiles
CPU resource management

Layer 3 Operations
Identify the concepts and functionality of Layer 3 operations (IPv4 and IPv6)
Routing lookup flow
Virtual routers
Static and default routing
Dynamic routing - RIP, OSPF, BGP
Considerations for routing over VPNs
Route optimization and aggregation
Route redistribution; access lists and route maps
Source-based vs. policy-based routing
IPv6 modes
Demonstrate knowledge of how to configure, monitor and troubleshoot Layer 3 operations (IPv4 and IPv6)
Zones
Interfaces
IP addressing
Virtual router
Static/default routes, including floating static routes
RIP
OSPF
BGP
Redistribution
Access lists and route maps
Source-based and policy-based routing
Layer 3 verification
Layer 3 troubleshooting - get vrouter, debug, flow filter, session table

Security Policies
Identify the concepts and functionality of security policies
Zones and policies
Policy components
Policy options
Policy ordering
Policy scheduling
Global policies
Multicell policies
Address books
Policing and guaranteed bandwidth
Services
Demonstrate knowledge of how to configure, monitor and troubleshoot security policies
Address books and address groups
Services and service groups
Policy verification
Policy troubleshooting - debug, get session

NAT
Identify the concepts and functionality of NAT
Interface-based vs. policy-based NAT
NAT type usage
Source NAT (NAT-src)
Dynamic IP addresses (DIP)
Destination NAT (NAT-dst)
Virtual IP addresses (VIP)
Mapped IP addresses (MIP)
Precedence
Demonstrate knowledge of how to configure, monitor and troubleshoot NAT
Policy-based NAT
Dynamic IP addresses (DIP)
Reachability/Routing
VIP and MIP
NAT verification
NAT troubleshooting - debug, get session, and traffic logs

IPsec VPNs
Identify the concepts and functionality of IPsec VPNs
Secure VPN characteristics and components
Encapsulating Security Payload (ESP)
Authentication Header (AH)
IPsec tunnel establishment - Internet Key Exchange (IKE)
Hub-and-spoke IPsec VPNs
Policy-based vs. route-based IPsec VPNs
Next-hop tunnel binding (NHTB)
Next Hop Resolution Protocol (NHRP)
Fixed vs. dynamic peers
Tunnel interfaces
Preshared keys
VPN Monitor
Demonstrate knowledge of how to configure, monitor and troubleshoot IPsec VPNs
Interfaces
Objects
IKE
Policy
Routing
VPN Monitor
IPsec VPN verification
IPsec VPN troubleshooting - system/event log, debug, get ike, get sa

High Availability
Identify the concepts and requirements for high availability (HA) in a ScreenOS firewall/VPN environment
NetScreen Redundancy Protocol (NSRP) characteristics
NSRP modes; usage guidelines
Links, ports and zones
Virtual security device (VSD), virtual security interfaces (VSI) and VSD groups
VSD states
Run-time objects (RTOs)
HA probes
Failover tuning
IP tracking
Virtual Router Redundancy Protocol (VRRP)
Redundant interfaces
Links between the firewalls
Redundant VPN gateways
Demonstrate knowledge of how to configure, monitor and troubleshoot HA
HA link
Cluster settings
Interfaces
VSD settings
RTO synchronization
Tracking and monitoring
Redundant interface
HA verification
HA monitoring for VPNs - IKE heartbeats, dead peer detection
HA troubleshooting - debug, get interface, get nsrp stats

Attack Prevention
Describe the purpose, configuration and operation of Screens
Attack types and phases
Screen options
Best practices
Configuration, verification and troubleshooting
Describe the purpose, configuration and operation of deep inspection (DI)
Attack object database
Custom attack objects
Signature database update methods
DI policies and actions
Licensing
Configuration, verification and troubleshooting
Describe the purpose, configuration and operation of Unified Threat Management (UTM)
Antispam profiles
Actions
Spam block list (SBL)
Antivirus scanning methods and options
Antivirus flow process
Licensing
Web filtering features and solutions
Data flow
Search order
White lists, black lists and categories
Configuration, verification and troubleshooting

System Administration, Management and Monitoring
Demonstrate knowledge of how to manage and monitor a ScreenOS firewall/VPN environment
File management
Password recovery
Licensing
Logs
Syslog
SNMP
Alarms
Counters

QUESTION 1
Which ScreenOS security feature helps protect against port scans and denial of service attacks?

A. session-based stateful firewall
B. IPsec VPNs
C. security policies
D. Screen options

Answer: B

Explanation:

QUESTION 2
What is the initial default username and password for all ScreenOS devices?

A. administrator/password
B. root/password
C. netscreen/netscreen
D. admin/netscreen1

Answer: D

Explanation:

QUESTION 3
What is a virtual system?

A. a mechanism to logically partition a single ScreenOS device into multiple logical devices
B. a collection of subnets and interfaces sharing identical security requirements
C. a method of providing a secure connection across a network
D. a tool to protect against DoS attacks

Answer: C

Explanation:

QUESTION 4
What is a zone?

A. a set of rules that controls traffic from a specified source to a specified destination using a
specified service
B. a collection of subnets and interfaces sharing identical security requirements
C. a method of providing a secure connection across a network
D. a tool to protect against DoS attacks

Answer: C

Explanation:

QUESTION 5
What is the function of NAT?

A. It performs Layer 3 routing.
B. It evaluates and redirects matching traffic into secure tunnels.
C. It provides translation between IP addresses.
D. It performs Layer 2 switching.

Answer: B

Explanation:

Click here to view complete Q&A of JN0-533 exam
Certkingdom Review

Best Cisco JN0-533 Certification, Cisco JN0-533 Training at certkingdom.com

Thursday, 8 December 2016

JN0-696 Security Support, Professional (JNCSP-SEC)

JNCSP-SEC Exam Objectives (Exam: JN0-696)

Security Policy Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot security policy evaluation issues on Junos devices
Transit traffic issues
To-the-device traffic issues
Default and global policy issues
Zone issues
Address book issues
Filter-based forwarding
NAT issues
Configuration issues

IPSec VPN Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot IPSec VPN issues on Junos device
Route-based VPN issues
Policy-based VPN issues
IKE phase 1 issues
IKE phase 2 issues
Configuration issues

Application-Aware Security Services Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Junos AppSecure issues
AppID issues
AppTrack issues
AppFW issues
AppDoS issues
AppQoS issues
Configuration issues

Intrusion Prevention Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Junos Intrusion Prevention System (IPS) issues
Licensing and platform issues
Signature database issues
IPS and security policy issues
Configuration issues

Unified Threat Management (UTM) Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot UTM issues on Junos devices
Licensing and platform issues
Antivirus issues
Antispam issues
Content-filtering issues
Web-filtering issues
UTM and security policy issues
Configuration issues

High Availability (HA) Clustering Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot chassis cluster issues on Junos devices
Cluster architecture issues
Cluster component issues
Cluster mode issues
Configuration issues

QUESTION 1
You are having problems establishing an IPsec tunnel between two SRX Series devices.
What are two explanations for this problem? (Choose two.)

A. proposal mismatch
B. antivirus configuration
C. preshared key mismatch
D. TCP MSS clamping is disabled

Answer: B,D

Explanation:

QUESTION 2
Two SRX Series devices are having problems establishing an IPsec VPN session. One of the
devices has a firewall filter applied to its gateway interface that rejects UDP traffic.
What would resolve the problem?

A. Disable the IKE Phase 1 part of the session establishment.
B. Disable the IKE Phase 2 part of the session establishment.
C. Change the configuration so that session establishment uses TCP.
D. Edit the firewall filter to allow UDP port 500.

Answer: A

Explanation:

QUESTION 3
Your SRX Series device has the following configuration:
user@host> show security policies
...
Policy: my-policy, State: enabled, Index: 5, Sequence number: 1
Source addresses: any
Destination addresses: any
Applications: snmp
Action: reject
From zone: trust, To zone: untrust
...
When traffic matches my-policy, you want the device to silently drop the traffic; however, you
notice that the device is replying with ICMP unreachable messages instead.
What is causing this behavior?

A. the snmp application
B. the reject action
C. the trust zone
D. the untrust zone

Answer: C

Explanation:

QUESTION 4
You want to allow remote users using PCs running Windows 7 to access the network using an
IPsec VPN. You implement a route-based hub-and-spoke VPN; however, users report that they
are not able to access the network.
What is causing this problem?

A. The remote clients do not have proper licensing.
B. Hub-and-spoke VPNs cannot be route-based; they must be policy-based.
C. The remote clients' OS is not supported.
D. Hub-and-spoke VPNs do not support remote client access; a dynamic VPN must be
implemented instead.

Answer: B

Explanation:

Click here to view complete Q&A of JN0-696 exam
Certkingdom Review

Best Cisco JN0-696 Certification, Cisco JN0-696 Training at certkingdom.com

Monday, 5 December 2016

JN0-355 Junos Pulse Secure Access, Specialist (JNCIS-SA)

JNCIS-SA Exam Objectives (Exam: JN0-355)

Overview
Components and elements
Component functions, interaction and relationships
Junos Pulse Gateway and Virtual Appliance product lines
Licensing
Deployment considerations and integration options
SSL, TLS and digital certificates overview
Access methods

Initial Configuration
Configure the basic elements of a Junos Pulse Secure Access Service environment
Initial configuration via CLI
Initial configuration via admin UI

Roles
Describe the concepts, operation and functionality of roles
Purpose of roles
Role mapping and merging
Customization of the end-user experience
Configure roles
Roles and role options

Policies and Profiles
Describe the concepts, operation and functionality of policies and profiles
Purpose of policies; policy types and elements
Purpose of profiles and profile types
Interrelationship and usage guidelines
Configure policies and profiles
Policies and policy options
Profiles and profile options

Authentication
Describe the authentication process for the Junos Pulse Secure Access Service
Authentication elements
Sign-in process
Digital certificates
Certificate validation process
Advanced authentication options
Configure authentication
Authentication servers
Authentication realms
Role mapping
Sign-in policies
Certificates
Advanced options

Client/Server Communications
Identify and describe client/server applications
WSAM
JSAM
VPN tunneling
Configure client/server applications
SAM
VPN tunneling

Junos Pulse Client
Describe the features, benefits and functionality of the Junos Pulse client
Components and features
Configure the Junos Pulse client
WSAM application access
VPN tunneling

Junos Pulse Collaboration
Describe the features, benefits and functionality of Junos Pulse Collaboration
Components and features
Deployment
Collaboration client
Scheduling meetings
Monitoring meetings
Configure Junos Pulse Collaboration
Collaboration configuration
Meeting options
Pulse Connection

Endpoint Security
Describe the concepts, operation and functionality of endpoint security
TNC architecture
Host Checker
Enhanced Endpoint Security (EES)
Secure Virtual Workspace (SVW)
Cache Cleaner
Enforcement
Configure endpoint security
Host Checker
Enhanced Endpoint Security (EES)
Secure Virtual Workspace (SVW)
Cache Cleaner

Virtualization
Describe the concepts, operation and functionality of virtualization in a Junos Pulse Secure Access Service environment
Concepts and components
Virtual appliances
Virtual Desktop Infrastructure
Configure virtualization
Licensing
Virtual desktops

High Availability
Describe the concepts and requirements for high availability in a Junos Pulse Secure Access Service environment
Clustering
Deployment options and considerations
Licensing
Configure high availability
Clustering configuration
Upgrades

Administration, Management and Troubleshooting
Demonstrate knowledge of how to manage and troubleshoot a Junos Pulse Secure Access Service environment
Configuration file management
Backup and archiving
Logging
System monitoring
Statistics
Policy tracing
Packet capture tools
Connectivity testing tools
Session recording
System snapshot
Client connectivity

QUESTION 1
Which two statements are correct regarding the MAG6611 Junos Pulse Gateway in an
active/active cluster configuration? (Choose two.)

A. Virtual IP (VIP) is available.
B. It supports up to two devices.
C. It supports up to four devices.
D. External load balancing is preferred.

Answer: C,D

Explanation:

QUESTION 2
What is the function of the smart caching setting within a Web caching policy?

A. to send the cache control compress header to the client
B. to remove the cache control headers from the origin server
C. to not modify the cache control header from the origin server
D. to send the appropriate cache control header based on Web content.

Answer: D

Explanation:

QUESTION 3
You have configured RADIUS authentication on the Junos Pulse Secure Access Service. Users
report that their authentication is rejected. The RADIUS administrator reports that the RADIUS
server requires a specific attribute that identifies the Junos Pulse Secure Access Service on the
RADIUS server.
In the Admin UI, which configuration parameter will address this issue?

A. Name
B. NAS-Identifier
C. RADIUS Server
D. Shared Secret

Answer: B

Explanation:

QUESTION 4
What are three benefits that resource profiles provide over resource policies? (Choose three.)

A. Resource profiles provide automatic mapping of users to roles.
B. Resource profiles provide a simplified process for creating bookmarks and resource policies.
C. One profile can be assigned to multiple roles.
D. Resource options can be customized for each profile.
E. Resource profiles provide a simplified process for configuring applications such as VPN
tunneling.

Answer: B,C,D

Explanation:

QUESTION 5
You must deploy VPN tunneling using Network Connect to multiple Microsoft Windows devices.
Due to access restrictions, the users do not have permission to install WSAM.
Which component resolves this issue?

A. Juniper Installer Service
B. Host Checker
C. third-party integrity measurement verifier
D. Windows Secure Application Manager scriptable launcher

Answer: A

Explanation:

Click here to view complete Q&A of JN0-355 exam
Certkingdom Review

Best Cisco JN0-355 Certification, Cisco JN0-355 Training at certkingdom.com

Tuesday, 22 November 2016

650-472 S802DT1X Introduction to 802.1X Operations for Cisco Security Professionals Exam

Exam Number 650-472
Last day to test: December 31, 2016
Duration 60 minutes (60-65 Questions)
Available Languages English

This exam will test field engineers' knowledge on the 802.1X concepts, components, and operations, and TrustSec authentication, access control, and end-user policy. Candidates will be tested on how to identify the steps and options for configuring a switch and a Wireless LAN Controller for 802.1X operations with Identity Services Engine (ISE) as the authentication server to authorize network access to employees and guests.

Exam Topics
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Identity based networking concepts
IEEE 802.1X concepts, architecture, and requirements for deployment
Component requirements for 802.1X operations
IEEE 802.1X operations in wired and wireless environment
Designing Identity Based Networks with 802.1X and ISE

QUESTION 1
Which two statements represent good use cases for Wake on LAN? (Choose two.)

A. WoL can be used to power-up hosts for on-demand PXE booting.
B. WoL can be used to power-up hosts for after-hours operating system updates and application patching.
C. WoL can be used to power-up hosts to access the IPMI.
D. WoL can be used to save electricity by powering down underused servers and desktops.

Answer: A,B

Explanation:

QUESTION 2
Which two choices are valid methods of authorizing a wired supplicant? (Choose two.)

A. EAP-FAST
B. VLAN assignment
C. dACL
D. EAPOL
E. RADIUS

Answer: B,C

Explanation:

QUESTION 3
Which two statements about MACsec security are true? (Choose two.)

A. MACsec is an IEEE standard that is defined by 802.3AE.
B. MACsec leverages an 802.1X EAP framework to negotiate the MACsec Key Agreement.
C. MACsec is an IETF standard that is defined by RFC 4501.
D. MACsec can negotiate a MACsec Key Agreement without 802.1X.
E. MACsec is an IETF standard that is defined by RFC 4505.
F. MACsec is an IEEE standard that is defined by 802.1AE.

Answer: B,F

Explanation:

QUESTION 4
Which statement correctly defines a persona?

A. A Cisco ISE node can be configured as a primary or backup persona.
B. Persona refers to collections of services running on a Cisco ISE node.
C. A Cisco ISE node can be configured as a wired or wireless persona.
D. Persona relates to the collection of 802.1X services configured on a Cisco Catalyst switch.
E. Persona refers to the collection of EAP methods available to a supplicant.
F. A Cisco ISE node can be configured as a standalone or distributed persona.

Answer: B

Explanation:

Click here to view complete Q&A of 650-472 exam
Certkingdom Review

Best Cisco 650-472 Certification, Cisco 650-472 Training at certkingdom.com

Monday, 14 November 2016

650-665 CSPWCHD Cisco SP Video Wireline and Cable Headend Design for SE for Validating Knowledge (not for Cisco Certification)

SE Cisco SP Video Wireline Cable Headend Design (650-665)

Exam Description:
The 650-665 Cisco SP Video Wireline and Cable Headend Design for SE (CSPWCHD) 650-665 exam is a 45-minute test with 25–35 questions. The exam tests a candidate's knowledge on designing a service provider Wireline or cable video solution, configuring and testing the solution, and comparing it against competitive solutions by articulating key differentiators. Candidates can prepare for this exam by taking the Authorized Service Provider Video Partner Wireline and Cable Headend Design track of training, including Phases I, II, and III.

The following topics are general guidelines for the content that is likely to be included on the exam. However, other related topics may also appear on any specific instance of the exam. To better reflect the contents of the exam and for clarity purposes, these guidelines may change at any time without notice.

100% 1.0 SE Cisco SP Video Wireline Cable Headend Design
QUESTION 1
Which output formats are available from an IRD?

A. baseband, ASI and MPEGoIP
B. RF, SDI and optical
C. QAM, optical, and analog
D. RF, ASI, and MPEGoIP

Answer: A

Explanation:

QUESTION 2
What network management system can monitor and control video headend equipment?

A. ANA
B. Cisco Works
C. ROSA
D. SNMP

Answer: C

Explanation:

QUESTION 3
What is the modulation format used in Digital Video Broadcast-S?

A. QAM 256
B. FDM
C. QPSK
D. FM

Answer: C

Explanation:

Click here to view complete Q&A of 650-665 exam
Certkingdom Review

Best Cisco 650-665 Certification, Cisco 650-665 Training at certkingdom.com

Sunday, 6 November 2016

700-172 FlexPod Sales

700-172 FlexPod Sales
Exam Description:
The FlexPod Sales (700-172) exam is a 45-minute, 35−45 item exam that assesses how sales teams can effectively position FlexPod in the Data Center. Some of the topics assessed are how to consider the challenges faced by business and IT today and how this relates to FlexPod opportunities. The exam also assesses who “the customer” is and the importance of applications to many of the customers that are influential in purchasing application-based solutions.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

30% 1.0 Customer Challenges and Business Value of FlexPod
1.1 Identify the customer challenges addressed and the corresponding value that the FlexPod architecture brings
1.1.a Responsiveness and speed of delivery
1.1.b Limited IT staff and budget
1.1.c Provisioning complexity
1.1.d Exponential data growth
1.1.e Staying competitive in their market space
1.1.f Data security
1.1.g Mobile workforce productivity
1.1.h Application availability and rollout complexity
1.1.i Application characteristics

1.2 Describe the business value proposition of converged infrastructure vs legacy infrastructure
1.2.a Describe how FlexPod delivers business agility by accelerating application development
1.2.b Describe how FlexPod mitigates risk
1.2.c Describe operational efficiency through standardization of deployment
1.2.d Describe how FlexPod enables different cloud models

1.3 Identify what makes the FlexPod architecture superior to alternate solutions
1.3.a Cisco Validated Designs (CVD)
1.3.b Open approach toward various workloads and hypervisors
1.3.c Unified architecture
1.3.d Storage efficiency
1.3.e Clustering technology
1.3.f Cisco Unified support
1.3.g Converged infrastructure (#1 system worldwide) 2013 Cisco Systems, Inc. This document is Cisco Public. Page 1
1.3.h Scale up vs scale out discussion (standard FlexPod slide)
1.3.i Secure multitenancy

1.4 Describe competitive landscape and positioning vs. other architectures and offerings
1.4.a Reference architecture approach allows customer to buy what they need
1.4.b Extensive library of validate workloads across virtualization platforms and bare metal deployments
1.4.c Scalable solutions from mid-market with FlexPod Express to the Data Center and service providers with FlexPod Datacenter
1.4.d Integrated co-operative support include hypervisors
1.4.e Integrated unified storage and networking architecture
1.4.f Secure multitenancy

19% 2.0 Technical Features and Value of the Constituent Components
2.1 Describe Cisco Unified Computing System (UCS) and the value proposition
2.1.a Cisco UCS service profiles, stateless computing, simplified deployment for non-virtualized workloads
2.1.b Identify supported hypervisors (VMware, Microsoft, XenServer)
2.1.c Articulate the Cisco UCS market Impact
2.2 Describe Cisco Nexus family
2.2.a Describe the value proposition of Cisco Unified fabric – power, cooling, and cabling savings aspect
2.2.b Identify the benefits of various fabric options (switches, fabrics, and interconnects)
2.3 Describe NetApp storage
2.3.a Identify the benefits of a NetApp storage architecture
2.3.a (i) Leading storage efficiency
2.3.a (ii) Nondisruptive operations
2.3.a (iii) Seamless platform scalability
2.3.a (iv) Ease of management
2.3.a (v) Enable cloud computing evolution into hybrid environment
2.3.b Describe the differences between 7 Mode, Clustered Data ONTAP, and E Series
2.3.c Describe the characteristics of a unified storage platform

19% 3.0 FlexPod Management, Automation, and Orchestration
3.1 Describe the differences between management, automation, and orchestration
3.1.a Management
3.1.b Automation
3.1.c Orchestration
3.2 Identify the appropriate cloud solution for the customer use case (private, public, and hybrid)
3.2.a Private cloud
3.2.b Public cloud
3.2.c Hybrid cloud

20% 4.0 Application Workloads and Use Cases Enabled by FlexPod
4.1 Describe IT business transformation and related business process and application drivers
4.1.a Increase demand for more agile IT infrastructure to meet the business need
4.1.b Requirement to increase the efficiency within the data center
4.1.c Enable simple scaling of the infrastructure to meet the business requirements
4.1.d Enable future development of a hybrid cloud strategy
4.1.e Meet regulatory requirements
4.1.f Limited IT resources for managing infrastructure
4.1.g Requirement for IT to become a business enabler
4.1.h Transformation of IT from a builder of infrastructure to a provider of services
4.1.i Enable IT to be prepared for new workloads generated for new channels, such as mobile
4.1.j Enable the business to consume IT on demand
4.2 Identify various application buying centers within organizations – LOB, consultant, architect, server admins, VP of IT, CIO, Facilities, and Procurement
4.2.a Head of IT – Manager / VP / CIO
4.2.b Security office
4.2.c Business unit owner
4.2.d Application owner
4.2.e Application administrator
4.2.f Database administrator
4.2.g Infrastructure manager
4.2.h Operations management
4.2.i Data center manager
4.2.j Network manager
4.2.k Storage manager
4.2.l Data protection / backup administrator
4.2.m Procurement
4.3 Determine customer critical applications, insertion points and risk factors
4.3.a Business critical
4.3.a (i) Applications viewed as critical will vary between companies and based on the level of impact that downtime or logical corruption would have on the business
4.3.a (ii) ERP
4.3.a (iii) Collaboration – email and messaging
4.3.a (iv) Finance and accounting
4.3.a (v) Core databases
4.3.a (vi) Web-portals
4.3.a (vii) CRM
4.3.a (viii) Payroll
4.3.a (ix) Business Intelligence
4.3.b Risk factors
4.3.b (i) Network link failures
4.3.b (ii) Hardware failures
4.3.b (iii) Thermal or cooling issues 2014 Cisco Systems, Inc. This document is Cisco Public. Page 3
4.3.b (iv) Finance and accounting
4.3.b (v) Power failures
4.3.b (vi) Application or database failures
4.3.b (vii) Human error
4.3.b (viii) Malicious intent
4.3.b (ix) Building-level disruption
4.3.b (x) Metro-level disruption
4.3.b (xi) Regional disruption
4.4 Describe the need to collaborate with application software and hardware vendors
4.4.a All IT environments are made up of storage, networking, compute, operating system, application and management components that work together to create a solution.
4.4.b Each part within the solution has a dependency on one or more other layers, so working with vendors who work closely together minimizes the risk when deploying an infrastructure.
4.4.c Collaboration between vendors enables optimization of the infrastructure to ensure the best price, performance and reliability of an infrastructure.
4.5 Describe the different use cases and application workloads that can be virtualized and nonvirtualized and describe how FlexPod meets their needs
4.5.a Describe n-tier architecture
4.5.b Describe applications and service opportunities
4.5.b (i) Oracle (E-Business Suite, Siebel, PeopleSoft)
4.5.b (ii) SAP (HANA, NetWeaver, Business Suite)
4.5.b (iii) Microsoft (Exchange, Hyper-V, SharePoint, SQL, System Center)
4.5.b (iv) IBM (WebSphere, Tivoli, Rational Software, Informix)
4.5.c Identify application acronyms: CRM, SCM, PLM, HRIS, BI/DSS, ERP, FM
4.5.d Identify situations best suited for using virtualization (scenario questions)
4.5.e Application dependent
4.5.f Database – no
4.5.g Web, Microsoft, desktop, general purpose – yes
4.5.h Identify situations best suited for using bare-metal implementation
4.5.i Capacity, security, and corporate guidelines
4.5.j How FlexPod enhances desktop and server virtualization
4.5.k Identify applications addressed by CVDs

12% 5.0 FlexPod Programs, Tools, and Resources
5.1 Describe Premium Partner program and FlexPod Premium framework
5.1.a Identify what FlexPod Premium partners bring to the table (NetApp/Cisco certified training)
5.1.a (i) A scalable framework from Cisco and NetApp that recognizes and rewards partners for achieving the highest level of FlexPod competency
5.1.a (ii) A mutual investment from Cisco and NetApp to deliver greater value to those partners
5.1.a (iii) A single set of qualification criteria to identify and differentiate partners with highest level of competency 2014 Cisco Systems, Inc. This document is 5.1.a (iv) An opportunity to communicate with one voice to highest level of FlexPod partners
5.1.a (v) Incremental benefits
5.2 Describe FlexPod Partner profitability
5.2.a Rebate program
5.2.b Partner sales desk
5.2.c Extra margin programs and Cisco UCS Breakaway
5.2.d Cisco UCS and Nexus front-end partner programs, such as SIP and OIP
5.2.e Cisco UCS SmartPlay bundles
5.3 Identify FlexPod resources and tools
5.3.a Describe CiscoNetApp.com, Cisco.com, and NetApp partner portal
5.3.b Describe the CVD warehouse (design zone)
5.3.c Describe the ROI and TCO tools
5.3.d Describe the FlexPod support model

1. Overview
This document provides configuration guidance for users of Cisco® IOS SSLVPN. This feature is
designed to terminate SSL VPN connections on Cisco IOS Software-based routers (1800, 2800,
3700, 3800, 7200, and 7301). SSL VPN is comparable to and complements the popular IP
Security (IPsec) remote-access VPN.

The testing was performed at the NSITE lab in Research Triangle Park, North Carolina (RTP) on
the devices defined above. The objective of the testing was to configure and test interaction of
Cisco IOS SSLVPN with authentication, authorization, and accounting (AAA) policies using the
backup authentication setup. This is typically used by a provider with redundant AAA servers.
Advantage: The primary advantage of backup AAA authentication is the provider can have
redundant AAA servers. In the event of failure, users will still be authenticated. This setup can be
used with any of the AAA designs, and will work with authentication domains.
Note: All Cisco IOS SSL VPN/WebVPN features are included in a single, cost-effective license
that would be purchased separately. You can purchase the feature license in packs of 10, 25, or
100 simultaneous users directly from the Cisco.com configuration tool. If you already have a
router, use the following SKUs to order the license: FL-WEBVPN-10-K9=, FL-WEBVPN-25-K9=,
FL WEBVPN 100-K9=. Check the data sheet to find the maximum supported users for your platform.

2. Audience
This configuration guide is intended for customers and partners working to provide configuration
guidelines and best practices for smaller SSL VPN deployments.

3. Network Topology
Figure 1 shows a Cisco IOS SSL VPN topology that uses redundant AAA servers.
Figure 1. Cisco IOS SSL VPN Topology with Redundant AAA Servers

4. Basic Configurations
4.1 Global AAA Configuration
When the primary AAA server is unreachable, the service provider will typically have a backup
AAA server. When the router does not get a pass/fail response from the primary server, it will
eventually time out. Next it will send the request to the secondary server. It will work with the
authentication domains as well, but this will need to be set up on both servers.

Click here to view complete Q&A of 700-172 exam
Certkingdom Review

Best Cisco 700-172 Certification, Cisco 700-172 Training at certkingdom.com

Friday, 4 November 2016

700-070 IX5K Cisco TelePresence IX5000 Series Immersive Solutions

Exam Number 700-070 IX5K
Associated Certifications Cisco TelePresence Solutions Specialist
Cisco TelePresence Video Master Authorized Technology Provider Program (ATP)
Duration 60 minutes (45-55 questions)
Available Languages English

This exam is designed to provide students with a strong understanding of the installation, configuration, operation, maintenance, and troubleshooting of the Cisco IX5000 and IX5200 systems. The Cisco IX5000 exam assessment topics include features and options, physical installation, configuration, operations, maintenance, upgrades, and troubleshooting.

The Cisco TelePresence IX5000 Series Immersive Solutions exam (700-070) is a 60 minute, 45-55 question assessment that is associated with the Cisco IX5000 Series Immersive Solutions course. The Cisco IX5000 Series Immersive Solutions course is designed to provide students with a strong understanding of the installation, configuration, operation, maintenance, and troubleshooting of the Cisco IX5000 and IX5200 systems. The Cisco IX5000 exam assessment topics include features and options, physical installation, configuration, operations, maintenance, upgrades, and troubleshooting.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 Immersive TelePresence 10%
1.1 Describe Immersive TelePresence and how it is implemented
1.2 Describe the Cisco IX5000 Series system characteristics

2.0 Cisco IX5000 Overview 10%
2.1 Identify the components of the IX5000 Series endpoints
2.2 Identify the components of the infrastructure needed to support the IX5000 Series

3.0 Cisco IX5000 Installation Overview 15%
3.1 Describe the pre-installation tasks for the IX5000 Series
3.2 Describe the physical setup of the IX5000 Series systems
3.3 Describe the electrical, network, and system wiring tasks for the IX5000 Series
3.4 Describe first-time setup considerations for the IX5000 Series endpoints
3.5 Describe the optional hardware peripheral devices available with the IX5000 Series endpoints

4.0 Cisco IX5000 Configuration 15%
4.1 Explain how to configure the infrastructure that supports the IX5000 Series
4.2 Explain how to configure the IX5000 endpoint

5.0 Cisco IX5000 Operations 20%
5.1 Explain how to schedule OBTP calls with the IX5000 System and Cisco TMS
5.2 Explain how to use the Cisco Touch Control Panel to place and manage calls on the IX5000 Series
5.3 Explain how to share content using the IX5000 Series
5.4 Explain how to change user controlled options on the IX5000 Series

6.0 Cisco IX5000 Maintenance 15%
6.1 Describe basic maintenance tasks for the IX5000 endpoint
6.2 Describe basic maintenance tasks for the infrastructure that supports the IX5000
6.3 Describe the upgrade considerations for the IX5000 Series

7.0 Cisco IX5000 Basic Troubleshooting 15%
7.1 Describe common issues that can be encountered by IX5000 users
7.2 Describe how to troubleshoot common problems for the IX5000 Series

QUESTION 1
What causes echo or reverberation in the room during a call?

A. too many acoustic panels
B. too many hard surfaces
C. too many people
D. too many devices

Answer: B

Explanation:
A common problem with rooms larger than the Cisco recommended dimensions is excessive
reverberation. Large rooms with smooth surface areas such as glass or long parallel walls reflect
more sound and in some cases create a noticeable echo, giving the room a ‘boomy’ or ‘echoy’
effect. Additionally, rooms with hard floors or hard-finished ceilings have more reverberation due to
the increased hard-surface areas present. Generally reverberation is more of a concern for
participants in the room than for the audio being shared with the other side of the Immersive Cisco
TelePresence meeting.
Reference:http://www.cisco.com/c/dam/en/us/solutions/collateral/collaboration-endpoints/c07-
643449-00_tp_dg.pdf

QUESTION 2
What is the purpose of the IX5000?

A. immersive collaboration
B. mobile-device use
C. desktop use
D. home use

Answer: A

Explanation:

QUESTION 3
Which two peripheral devices are available for the IX5000? (Choose two.)

A. additional Touch 12 screens
B. additional Touch 10 screens
C. additional Touch 8 screens
D. document scanner
E. auxiliary monitors

Answer: B,E
Reference:
http://www.cisco.com/c/en/us/td/docs/telepresence/ix5000/recommendations/ix5000_room_require
ments.html

QUESTION 4
Which two standards does the IX5000 codec support? (Choose two.)

A. H.324
B. H.320
C. H.265
D. G.729AB
E. G.728

Answer: A,C

Explanation:

QUESTION 5
Which infrastructure component is needed for OBTP?

A. Prime Collaboration
B. Cisco VCS
C. Cisco TMS
D. Cisco TelePresence System

Answer: C

Explanation:
The Cisco TelePresence Management Suite (TMS) is delivered as a management appliance or
software that can be loaded on a server. Cisco TMS provides one-button-to-push (OBTP) call
launching, scheduling, monitoring, and provisioning for TelePresence endpoints registered with
the VCS.
Reference:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/uc_system/design/guides/videodg/vidguide/infrastr.html

Click here to view complete Q&A of 700-070 exam
Certkingdom Review

Best Cisco 700-070 Certification, Cisco 700-070 Training at certkingdom.com

Tuesday, 1 November 2016

810-403 OUTCOMES Selling Business Outcomes

810-403 OUTCOMES Selling Business Outcomes

Exam Number 810-403
Associated Certifications Cisco Business Value Specialist
Duration 90 Minutes (60 - 70 questions)
Available Languages English, French, Japanese

This exam tests a candidate's knowledge and skills related to selling technology services and solutions with a business outcome focus. Questions cover essential capabilities to grow pipeline and revenue through work across sales stages from "Prospect" through "Close".

13% 1.0 Business Outcomes Sales Approach
1.1 Identify concepts and elements of business outcome-based sales approach
1.2 Explain the value of business outcome-based sales
1.3 Identify new skills for business outcome-based sales
1.4 Explain the difference between product and business outcome-based sales
1.5 Describe the three types of outcomes

20% 2.0 Customer Business Environment
2.1 Identify key customer stakeholders
2.2 Identify business outcome-based opportunities across industry verticals
2.3 Describe the business impact from emerging products and services
2.4 Describe the link between Cisco solutions and services to business outcomes
2.5 Describe the importance of Key Performance Indicators (KPIs)
2.6 Describe the importance of Critical Success Factors (CFSs)

25% 3.0 Customer Business Context, Challenges, and Opportunities
3.1 Analyze stakeholder expectations and their approach for technology purchases and adoption
3.2 Apply the stakeholder power/influence grid to identify and manage stakeholders
3.3 Identify business outcomes that are based on the customer business context and business requirements
3.4 Describe how business outcome-based sales impacts the customer value proposition
3.5 Apply the business model canvas to define the customer environment, business model, and motivators for change
3.6 Interpret the financial impact on business value, opportunities, and challenges in business outcome-based selling
3.7 Describe the four types of requirements for the customer's business

25% 4.0 Outcome-Based Opportunity for Customer Impact
4.1 Identify customer priorities for required business outcomes
4.2 Identify required consumption models
4.3 Describe Cisco solutions and services that will enable business outcomes for the customer
4.4 Identify business outcome-based opportunities from licensing models
4.5 Define customer decision criteria and key performance indicators to measure business outcomes
4.6 Interpret benefits and costs from a business outcome-based sales approach

17% 5.0 Manage and Communicate with Stakeholders
5.1 Describe the process for communicating with stakeholders
5.2 Describe the Cisco sales enablement resources to enhance the business outcome-based experience for the stakeholders
5.3 Determine a business outcome-based sales plan that is aligned with stakeholders need
5.4 Apply the Seven Elements Framework for communicating and negotiating with stakeholders
5.5 Articulate the business value of the proposed solution to stakeholders
5.6 Describe the components of the process to gain stakeholder support

QUESTION 1
Which option must you know when you plan to negotiate or reach agreement?

A. underlying Interests of the stakeholders
B. timing for decision on purchases
C. the customer budget
D. Cisco offerings

Answer: A

QUESTION 2
Which two activities require strong facilitation skills for gathering qualitative data? (Choose two.)

A. workshop
B. focus group
C. survey
D. questionnaire
E. interview

Answer: A,B

QUESTION 3
Which two dimensions are used in the stakeholder power grid? (Choose two.)

A. Influence/Authority
B. Power/Influence
C. Interest/Empathy
D. Interest/Support
E. Consensus/Support

Answer: B,D

QUESTION 4
Which two options are reasons why effective communications is key to success? (Choose two.)

A. It allows effective interaction between stakeholders.
B. Can help mitigate the intrinsic risks within negotiation.
C. It allows other strengths to create maximum impact.
D. Can help lessen the impact of business weakness.

Answer: A,D

QUESTION 5
Which are the four types of requirements for aligning outcomes to business needs?

A. Business, Functional, Strategic,Tactical
B. Strategic, Tactical, Operational, Procedural
C. Functional, Operational, Administrative, Strategic
D. Business, Technical, Functional, Transitional

Answer: D

Click here to view complete Q&A of 810-403 exam
Certkingdom Review

Best Cisco 810-403 Certification, Cisco 810-403 Training at certkingdom.com

Sunday, 30 October 2016

810-502 LVCI Leading Virtual Classroom Instruction

Exam Number 810-502
Associated Certifications Virtual Classroom Instruction Specialist
Duration 75 minutes (55-65 questions)
Available Languages English

The 810-502 Leading Virtual Classroom Instruction written exam is required for Cisco WebEx Virtual Classroom Instruction Specialist. The computer-based, multiple-choice exam tests the candidate's knowledge of how to prepare and manage a virtual classroom environment and use collaboration tools to maximize student participation and comprehension. Candidates can prepare for the exam by taking the Cisco WebEx Leading Virtual Classroom Instruction course (LVCI) v2.0.

The 810-502 Leading Virtual Classroom Instruction written exam is required for Cisco WebEx Virtual Classroom Instruction Specialist certification. The computer-based, multiple-choice exam tests the candidate's knowledge of how to prepare and manage a virtual classroom environment and use collaboration tools to maximize student participation and comprehension. Candidates can prepare for the exam by taking the Cisco WebEx Leading Virtual Classroom Instruction course.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 Describe Synchronous eLearning Environments to Include Characteristics, Roles and Responsibilities 5%
1.1 Describe the characteristics of synchronous eLearning — definitions and terms used in the industry
1.2 Describe the function and benefits of interactivity in a virtual classroom environment
1.3 Describe the general roles and responsibilities when implementing a virtual delivery program

2.0 Manage Program and Logistics 5%
2.1 Plan and execute effective participant communication before, during and after scheduled virtual sessions
2.2 Given a scenario identify and describe the steps to coordinate and schedule a virtual session
2.3 Given a scenario, determine the appropriate pre-session activities necessary (including scheduling, registration, and reporting)
2.4 Assess your needs against the program goals and determine whether to augment the virtual classroom with blended learning options
2.5 Identify recording and playback capabilities, purposes and considerations

3.0 Prepare Yourself and Your Physical and Virtual Environment for Conducting an Effective Virtual Classroom Session 11%
3.1 Set up the trainer's physical and virtual environment including preparing the attendee environment
3.2 Prepare yourself for facilitating in a virtual training environment
3.3 Develop contingency plans for common difficulties
3.4 Review course materials and address any areas that are unclear or may lead to learner confusion

4.0 Demonstrate Effective Classroom Management Skills in a Virtual Classroom Setting 33%
4.1 Implement contingency plans to manage disruptions
4.2 Keep sessions on track by responding to questions, keeping participants focused, and encouraging participation
4.3 Apply time management strategies effectively
4.4 Maintain a safe and positive learning environment that is conducive to the learning process
4.5 Build rapport with students
4.6 Establishes and maintains credibility with learners
4.7 Checks in at regular intervals and adjusts instruction based on feedback and/or behavioral cues from participants
4.8 Provide clear instruction and guidance to learners on how to meet the learning objective
4.9 Manage small group work, labs, and independent work
4.10 Employ effective questioning skills to involve learners (e.g., open-ended questions, wait after asking questions, let people self-select, etc.)
4.11 Ensure most participants are responding and interacting at the desired level
4.12 Gauge when to control the facilitation process versus when to let interaction flow
4.13 Facilitate interaction between participants to achieve balanced participation among class members
4.14 Defines how participants should participate and reinforces desired behavior (e.g., use chat, raise hand icon, speak up)
4.15 Guide learners through the lesson content to achieve deeper understanding
4.16 Guide learners through the process of using online tools in activities

5.0 Demonstrate Effective Presentation Skills in a Virtual Classroom Setting 8%
5.1 Present content in a logical flow and order
5.2 Use a pace appropriate for students, learning objectives and learning material
5.3 Describe concepts in a clear and complete manner, using relevant examples
5.4 Transition effectively between topics/instructional elements

6.0 Select and Effectively Use Tools for Presentation and Collaboration that Are Appropriate for Achieving Intended Learning Objective or Desired Result 15%
6.1 Use annotation tools to focus attention to relevant content
6.2 Use sharing features when appropriate, including application, presentation, desktop, etc.
6.3 Use white boarding or white space to enhance instruction or group process
6.4 Use collaboration tools when appropriate, including annotation, chat, Q&A, polling, video, pass presenter role, remote control

7.0 Demonstrate Use of Voice Modulation and Effective Audio Techniques 5%
7.1 Uses appropriate modulation, vocal inflection, tone, and volume (e.g., varies pitch and emphasis to avoid speaking in monotone)
7.2 Conveys energy and enthusiasm (e.g., puts a smile in his/her voice)
7.3 Makes appropriate vocal adjustments (e.g., adjusts pace or volume) in response to participant feedback
7.4 Creates an effective audio environment (e.g., ensures a quiet presentation space, and that participants have audio as they join)
7.5 Limit use of filler words (e.g., um, ah, you know, etc.)

8.0 Apply Fundamental Virtual Classroom Content Design Concepts 11%
8.1 Identify and describe effective synchronous training design principle
8.2 Create/update effective synchronous presentation materials (e.g., updates presentation materials following leading practices for graphics, text, color and font)
8.3 Identifies and develops/chooses effective learning activities

9.0 Assess Student Comprehension and Evaluate the Effectiveness of Training 7%
9.1 Develop a strategy for evaluating effectiveness of the training and student skills and knowledge
9.2 Create effective test questions and surveys to measure participant reaction and learning gains
9.3 Assess whether the training was effective based on reviewing test results, survey results, and attendee feedback through online tools such as polls
9.4 Reviews content or adjusts pace of delivery to enhance comprehension if required

Click here to view complete Q&A of 810-502 exam
Certkingdom Review

Best Cisco 810-502 Certification, Cisco 810-502 Training at certkingdom.com

Monday, 24 October 2016

200-125 CCNA Cisco Certified Network Associate Exam

Exam Number 200-125 CCNA
Associated Certifications CCNA Routing and Switching
Duration 90 Minutes (50-60 questions)
Available Languages English, Japanese

This exam tests a candidate's knowledge and skills related to network fundamentals, LAN switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure services, infrastructure security, and infrastructure management.

The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50–60 question assessment that is associated with the CCNA Routing and Switching certification. This exam tests a candidate's knowledge and skills related to network fundamentals, LAN switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure services, infrastructure security, and infrastructure management.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Subscribe to Cisco Learning Network Premium and access the most comprehensive e-learning training, resources and tools you’ll need to prepare for your CCENT, CCNA and CCNP Routing and Switching certifications.

1.0 Network Fundamentals 15%

1.1 Compare and contrast OSI and TCP/IP models

1.2 Compare and contrast TCP and UDP protocols

1.3 Describe the impact of infrastructure components in an enterprise network

1.3.a Firewalls
1.3.b Access points
1.3.c Wireless controllers

1.4 Describe the effects of cloud resources on enterprise network architecture

1.4.a Traffic path to internal and external cloud services
1.4.b Virtual services
1.4.c Basic virtual network infrastructure

1.5 Compare and contrast collapsed core and three-tier architectures

1.6 Compare and contrast network topologies

1.6.a Star
1.6.b Mesh
1.6.c Hybrid

1.7 Select the appropriate cabling type based on implementation requirements

1.8 Apply troubleshooting methodologies to resolve problems

1.8.a Perform and document fault isolation
1.8.b Resolve or escalate
1.8.c Verify and monitor resolution

1.9 Configure, verify, and troubleshoot IPv4 addressing and subnetting

1.10 Compare and contrast IPv4 address types

1.10.a Unicast
1.10.b Broadcast
1.10.c Multicast

1.11 Describe the need for private IPv4 addressing

1.12 Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment

1.13 Configure, verify, and troubleshoot IPv6 addressing

1.14 Configure and verify IPv6 Stateless Address Auto Configuration

1.15 Compare and contrast IPv6 address types

1.15.a Global unicast
1.15.b Unique local
1.15.c Link local
1.15.d Multicast
1.15.e Modified EUI 64
1.15.f Autoconfiguration
1.15.g Anycast

2.0 LAN Switching Technologies 21%

2.1 Describe and verify switching concepts

2.1.a MAC learning and aging
2.1.b Frame switching
2.1.c Frame flooding
2.1.d MAC address table

2.2 Interpret Ethernet frame format

2.3 Troubleshoot interface and cable issues (collisions, errors, duplex, speed)

2.4 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches

2.4.a Access ports (data and voice)
2.4.b Default VLAN

2.5 Configure, verify, and troubleshoot interswitch connectivity

2.5.a Trunk ports
2.5.b Add and remove VLANs on a trunk
2.5.c DTP, VTP (v1&v2), and 802.1Q
2.5.d Native VLAN

2.6 Configure, verify, and troubleshoot STP protocols

2.6.a STP mode (PVST+ and RPVST+)
2.6.b STP root bridge selection

2.7 Configure, verify and troubleshoot STP related optional features

2.7.a PortFast
2.7.b BPDU guard

2.8 Configure and verify Layer 2 protocols

2.8.a Cisco Discovery Protocol
2.8.b LLDP

2.9 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel

2.9.a Static
2.9.b PAGP
2.9.c LACP

2.10 Describe the benefits of switch stacking and chassis aggregation

3.0 Routing Technologies 23%

3.1 Describe the routing concepts

3.1.a Packet handling along the path through a network
3.1.b Forwarding decision based on route lookup
3.1.c Frame rewrite

3.2 Interpret the components of a routing table

3.2.a Prefix
3.2.b Network mask
3.2.c Next hop
3.2.d Routing protocol code
3.2.e Administrative distance
3.2.f Metric
3.2.g Gateway of last resort

3.3 Describe how a routing table is populated by different routing information sources

3.3.a Admin distance

3.4 Configure, verify, and troubleshoot inter-VLAN routing

3.4.a Router on a stick
3.4.b SVI

3.5 Compare and contrast static routing and dynamic routing

3.6 Compare and contrast distance vector and link state routing protocols

3.7 Compare and contrast interior and exterior routing protocols

3.8 Configure, verify, and troubleshoot IPv4 and IPv6 static routing

3.8.a Default route
3.8.b Network route
3.8.c Host route
3.8.d Floating static

3.9 Configure, verify, and troubleshoot single area and multi-area OSPFv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)

3.10 Configure, verify, and troubleshoot single area and multi-area OSPFv3 for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)

3.11 Configure, verify, and troubleshoot EIGRP for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub)

3.12 Configure, verify, and troubleshoot EIGRP for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub)

3.13 Configure, verify, and troubleshoot RIPv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution)

3.14 Troubleshoot basic Layer 3 end-to-end connectivity issues

4.0 WAN Technologies 10%

4.1 Configure and verify PPP and MLPPP on WAN interfaces using local authentication

4.2 Configure, verify, and troubleshoot PPPoE client-side interfaces using local authentication

4.3 Configure, verify, and troubleshoot GRE tunnel connectivity

4.4 Describe WAN topology options

4.4.a Point-to-point
4.4.b Hub and spoke
4.4.c Full mesh
4.4.d Single vs dual-homed

4.5 Describe WAN access connectivity options

4.5.a MPLS
4.5.b Metro Ethernet
4.5.c Broadband PPPoE
4.5.d Internet VPN (DMVPN, site-to-site VPN, client VPN)

4.6 Configure and verify single-homed branch connectivity using eBGP IPv4 (limited to peering and route advertisement using Network command only)

4.7 Describe basic QoS concepts

4.7.a Marking
4.7.b Device trust
4.7.c Prioritization
4.7.c. [i] Voice
4.7.c. [ii] Video
4.7.c. [iii] Data
4.7.d Shaping
4.7.e Policing
4.7.f Congestion management

5.0 Infrastructure Services 10%

5.1 Describe DNS lookup operation

5.2 Troubleshoot client connectivity issues involving DNS

5.3 Configure and verify DHCP on a router (excluding static reservations)

5.3.a Server
5.3.b Relay
5.3.c Client
5.3.d TFTP, DNS, and gateway options

5.4 Troubleshoot client- and router-based DHCP connectivity issues

5.5 Configure, verify, and troubleshoot basic HSRP

5.5.a Priority
5.5.b Preemption
5.5.c Version

5.6 Configure, verify, and troubleshoot inside source NAT

5.6.a Static
5.6.b Pool
5.6.c PAT

5.7 Configure and verify NTP operating in a client/server mode

6.0 Infrastructure Security 11%

6.1 Configure, verify, and troubleshoot port security

6.1.a Static
6.1.b Dynamic
6.1.c Sticky
6.1.d Max MAC addresses
6.1.e Violation actions
6.1.f Err-disable recovery

6.2 Describe common access layer threat mitigation techniques

6.2.a 802.1x
6.2.b DHCP snooping
6.2.c Nondefault native VLAN

6.3 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering

6.3.a Standard
6.3.b Extended
6.3.c Named

6.4 Verify ACLs using the APIC-EM Path Trace ACL analysis tool

6.5 Configure, verify, and troubleshoot basic device hardening

6.5.a Local authentication
6.5.b Secure password
6.5.c Access to device
6.5.c. [i] Source address
6.5.c. [ii] Telnet/SSH
6.5.d Login banner

6.6 Describe device security using AAA with TACACS+ and RADIUS

7.0 Infrastructure Management 10%

7.1 Configure and verify device-monitoring protocols

7.1.a SNMPv2
7.1.b SNMPv3
7.1.c Syslog

7.2 Troubleshoot network connectivity issues using ICMP echo-based IP SLA

7.3 Configure and verify device management

7.3.a Backup and restore device configuration
7.3.b Using Cisco Discovery Protocol or LLDP for device discovery
7.3.c Licensing
7.3.d Logging
7.3.e Timezone
7.3.f Loopback

7.4 Configure and verify initial device configuration

7.5 Perform device maintenance

7.5.a Cisco IOS upgrades and recovery (SCP, FTP, TFTP, and MD5 verify)
7.5.b Password recovery and configuration register
7.5.c File system management

7.6 Use Cisco IOS tools to troubleshoot and resolve problems

7.6.a Ping and traceroute with extended option
7.6.b Terminal monitor
7.6.c Log events
7.6.d Local SPAN

7.7 Describe network programmability in enterprise network architecture

7.7.a Function of a controller
7.7.b Separation of control plane and data plane
7.7.c Northbound and southbound APIs

QUESTION 22
A receiving host computes the checksum on a frame and determines that the frame is damaged. The frame is then discarded. At which OSI layer did this happen?
A. session
B. transport
C. network
D. data link
E. physical

Answer: D
Explanation:
The Data Link layer provides the physical transmission of the data and handles error notification, network topology, and flow control. The Data Link layer formats the message into pieces, each called a data frame, and adds a customized header containing the hardware destination and source address. Protocols Data Unit (PDU) on Datalink layer is called frame. According to this question the frame is damaged and discarded which will happen at the Data Link layer.

QUESTION 23
A router has two Fast Ethernet interfaces and needs to connect to four VLANs in the local network. How can you accomplish this task, using the fewest physical interfaces and without decreasing network performance?
A. Use a hub to connect the four VLANS with a Fast Ethernet interface on the router.
B. Add a second router to handle the VLAN traffic.
C. Add two more Fast Ethernet interfaces.
D. Implement a router-on-a-stick configuration.

Answer: D
Explanation:
A router on a stick allows you to use sub-interfaces to create multiple logical networks on a single physical interface.

QUESTION 25
In an Ethernet network, under what two scenarios can devices transmit? (Choose two.)
A. when they receive a special token
B. when there is a carrier
C. when they detect no other devices are sending
D. when the medium is idle
E. when the server grants access

Answer: C,D
Explanation:
Ethernet network is a shared environment so all devices have the right to access to the medium. If more than one device transmits simultaneously, the signals collide and cannot reach the destination.
If a device detects another device is sending, it will wait for a specified amount of time before attempting to transmit.
When there is no traffic detected, a device will transmit its message. While this transmission is occurring, the device continues to listen for traffic or collisions on the LAN. After the message is sent, the device returns to its default listening mode.

QUESTION 28
VLAN 3 is not yet configured on your switch. What happens if you set the switchport access vlan 3 command in interface configuration mode?
A. The command is rejected.
B. The port turns amber.
C. The command is accepted and the respective VLAN is added to vlan.dat.
D. The command is accepted and you must configure the VLAN manually.

Answer: C
Explanation:
The “switchport access vlan 3” will put that interface as belonging to VLAN 3 while also updated the VLAN database automatically to include VLAN 3.

QUESTION 29
Which term describes a spanning-tree network that has all switch ports in either the blocking or forwarding state?
A. converged
B. redundant
C. provisioned
D. spanned

Answer: A
Explanation:
Spanning Tree Protocol convergence (Layer 2 convergence) happens when bridges and switches have transitioned to either the forwarding or blocking state. When layer 2 is converged, root bridge is elected and all port roles (Root, Designated and Non-Designated) in all switches are selected.

Click here to view complete Q&A of 200-125 exam
Certkingdom Review

Best Cisco 200-125 Certification, Cisco 200-125 Training at certkingdom.com

Friday, 21 October 2016

210-250 SECFND Understanding Cisco Cybersecurity Fundamentals

Exam Number 210-250 SECFND
Available for testing: November 2016
The availability date is subject to change without notice.
Associated Certifications CCNA Cyber Ops
Duration 90 Minutes (55-60 questions)
Available Languages English
Register Pearson VUE

This exam is the first of the two required exams to achieve the CCNA Cyber Ops certification and is aligned with the job role of an associate-level Security Operations Center (SOC) Security Analyst. The SECFND exam tests candidates understanding of cybersecurity’s basic principles, foundational knowledge, and core skills needed to grasp the more advanced associate-level materials in the second required exam, "Implementing Cisco Cybersecurity Operations (SECOPS)".

The 210-250 SECFND "Understanding Cisco Cybersecurity Fundamentals" (SECFND) is a 1.5-hour exam with 50−60 questions and is associated with the Cisco CCNA Cyber Ops certification. Candidates can prepare for this exam by taking the course, "Understanding Cisco Cybersecurity Fundamentals (SECFND) v1.0”. This exam tests a candidate's understanding of cybersecurity’s basic principles, foundational knowledge, and core skills needed to grasp the more advanced associate-level materials in the second required exam, "Implementing Cisco Cybersecurity Operations (SECOPS)". The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may be updated at any time without notice.

1.0 Network Concepts 12%

2.0 Security Concepts 17%

3.0 Cryptography 12%

4.0 Host Based Analysis 19%

5.0 Security Monitoring 19%

6.0 Attack Methods 21%

Click here to view complete Q&A of 210-250 exam
Certkingdom Review

Best Cisco 210-250 Certification, Cisco 210-250 Training at certkingdom.com

Wednesday, 19 October 2016

210-255 SECOPS Implementing Cisco Cybersecurity Operations

Exam Number 210-255 SECOPS
Available for testing: December 2016
The availability date is subject to change without notice.
Associated Certifications CCNA Cyber Ops
Duration 90 Minutes (55-60 questions)
Available Languages English

This exam is the second of the two required exams in achieving the associate-level CCNA Cyber Ops certification and prepares candidates to begin a career within a Security Operations Center (SOC), working with Cybersecurity Analysts at the associate level. The SECFND exam tests a candidate's knowledge and skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level Security Analyst working in a SOC.

The 210-255 "Implementing Cisco Cybersecurity Operations" (SECOPS) is a 1.5-hour exam with 50−60 questions and is associated with the Cisco CCNA Cyber Ops certification. Candidates can prepare for this exam by taking the Implementing Cisco Cybersecurity Operations v1.0 (SECOPS) course. This exam tests a candidate's knowledge and skills needed to successfully assist with the tasks, duties, and responsibilities of an associate-level Security Analyst working in a Security Operations Center (SOC).The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below maybe updated at any time without notice.

1.0 Endpoint Threat Analysis & Computer Forensics 15%

2.0 Network Intrusion Analysis 22%

3.0 Incident Response 18%

4.0 Data and Event Analysis 23%

5.0 Incident Handling 22%

Click here to view complete Q&A of 210-255 exam
Certkingdom Review

Best Cisco 210-255 Certification, Cisco 210-255 Training at certkingdom.com

Thursday, 13 October 2016

300-365 WIDEPLOY Deploying Cisco Wireless Enterprise Networks

QUESTION 1
A network engineer for a college dormitory notices that student devices are filling up the SP-DB and are not allowing the shared wireless printers to be discovered. Which feature can be used to reserve space in the SP-DB for the printers?

A. mDNS-AP
B. LSS
C. Priority MAC
D. sso

Answer: C

QUESTION 2
By default, how long does a Mobility Services Engine wait for an echo response from a Wireless LAN Controller before declaring the neighbor dead?

A. 10 Seconds
B. 60 Seconds
C. 15 Seconds
D. 30 Seconds

Answer: D

QUESTION 3
Controllers WLC_1 and WLC_2 are in the same mobility group. A wireless client that does not have the same VLAN interface roams from WLC_1 to WLC_2. What happens to the client roaming?

A. The client context is deleted in controller WLC_1, and a new client context is created in WLC_2 to become the anchor controller
B. The client context is moved from controller WLC_1 to controller WLC_2. The result is that the WLC_1 client context is deleted and WLC_2 becomes the anchor controller.
C. The client context is copied from controller WLC_1 to controller WLC_2. The result is that WLC_1 becomes the foreign controller and WLC_2 becomes the anchor controller.
D. The client context is copied from controller WLC_1 to controller WLC_2. The result is
that WLC_1 becomes the anchor controller and WLC_2 becomes the foreign controller.

Answer: D

QUESTION 4
A network engineer must configure a 5 GHz network to allow for the greatest density of radios possible with the least amount of co-channel interference. Which configuration best fulfills this requirement?

A. Set 802.11 h Local Power constraint to 25 dBm.
B. Set DCA to 20 MHz channels and enable Extended UNII-2 channels.
C. Enable Event Driven RRM in 5 GHz with a sensitivity of High, n
D. Configure TPC Power Threshold to -80 dBm and set interference Optimal Mode (TPCv2).

Answer: B

Click here to view complete Q&A of 300-365 exam
Certkingdom Review

Best Cisco 300-365 Certification, Cisco 300-365 Training at certkingdom.com