• Home
  • Cisco
  • 642-637
  • Cisco.ActualTests.642-637.v2013-04-03.by.azazredhat.135q.vce

Pass Your Cisco 642-637 Exam Easy!

Get 100% Real Exam Questions, Accurate & Verified Answers By IT Experts

Fast Updates & Instant Download!

Certification Exam: 642-637 (Securing Networks with Cisco Routers and Switches (SECURE))

Download Free 642-637 Exam Questions

Exam 642-637 - Securing Networks with Cisco Routers and Switches (SECURE)
Size: 6.1 MB
Posted Date: Wednesday, April 3, 2013
# of downloads: 4
Free Download: This file is outdated. Browse other 642-637 VCE Files
Exam
642-637 - Securing Networks with Cisco Routers and Switches (SECURE)
Size
6.1 MB
Posted Date
Wednesday, April 3, 2013
# of downloads
4
Free Download
This file is outdated. Browse other 642-637 VCE Files
Comments
* The most recent comment are at the top
  • Nikhil
  • Canada
  • Jun 29, 2013

Can anybody please share the link to download "Scalable VPN Authentication" Nugget, It is missing . Thanks

  • Jun 29, 2013
  • hide-one
  • United Kingdom
  • Jun 28, 2013

@ Rakesh
Please contact me spiro.chete my skype ID i will provide You I having 10 of my students will appear tomorrow in different locations

  • Jun 28, 2013
  • rakesh
  • India
  • Jun 25, 2013

i don't have dnd questions and simulation what to do?
if i download this dump and it is showing only 105 questions but it as 135
any one can help me please

  • Jun 25, 2013
  • rakesh
  • India
  • Jun 25, 2013

hey guys i have downloaded this dump but it shows only 107 questions what to do ? can any one tell me whether it is 107 or 135 questions

  • Jun 25, 2013
  • Faizul
  • Bangladesh
  • Jun 16, 2013

Passed the Exam on 15th June. Dump is very much valid. lots of DD. Lab and SIM is also same.

  • Jun 16, 2013
  • doka
  • Germany
  • Jun 03, 2013

Thanks to user!
You are right.

@all
I have tested both models on GNS3
There are two routers R1 and R2
N1
On R1:
crypto ipsec transform-set myset esp-3des esp-sha-hmac
On R2:
crypto ipsec transform-set myset esp-aes esp-sha-hmac

On R2 (IKE-Respüonder)
#debug crypto isakmp

Jun 3 23:50:40.575: ISAKMP:(0):atts are acceptable. Next payload is 0
*Jun 3 23:50:40.575: ISAKMP:(0):Acceptable atts:actual life: 0
*Jun 3 23:50:40.575: ISAKMP:(0):Acceptable atts:life: 0
..
*Jun 3 23:50:40.939: ISAKMP: transform 1, ESP_3DES
*Jun 3 23:50:40.943: ISAKMP: attributes in transform:
*Jun 3 23:50:40.943: ISAKMP: encaps is 1 (Tunnel)
*Jun 3 23:50:40.943: ISAKMP: SA life type in seconds
*Jun 3 23:50:40.947: ISAKMP: SA life duration (basic) of 3600
*Jun 3 23:50:40.947: ISAKMP: SA life type in kilobytes
*Jun 3 23:50:40.9
R2#47: ISAKMP: SA life duration (VPI) of 0x0 0x46 0x50 0x0
*Jun 3 23:50:40.947: ISAKMP: authenticator is HMAC-SHA
*Jun 3 23:50:40.947: ISAKMP:(1003):atts are acceptable.

N2
On R1:
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key cisco address 172.16.0.2

On R2:
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key cisco address 172.16.0.1

On R2 (IKE-Responder)
#deb crypto isakmp
*Jun 4 00:35:32.943: ISAKMP:(0):Encryption algorithm offered does not match policy!
*Jun 4 00:35:32.943: ISAKMP:(0):atts are not acceptable. Next payload is 0
*Jun 4 00:35:32.943: ISAKMP:(0):no offers accepted!

And finaly :)
https://supportforums.cisco.com/community/netpro/security/vpn/blog/2011/06/14/ipsec-troubleshooting-problem-scenarios-part-1

Also, the correct answer is:
"A. verify matching ISAKMP policies on each peer"

  • Jun 03, 2013
  • user
  • Russian Federation
  • Jun 01, 2013

Hi all. I have found another mistake.

QUESTION NO: 34
You are troubleshooting an IPsec VPN problem. During debug
the message "attributes not acceptable" on the IKE responder
isakmp command. Which step should you take next?
A. verify matching ISAKMP policies on each peer
B. verify that an IKE security association has been established
C. verify that IPsec transform sets match on each peer
D. verify if default IPsec attributes are in place on each peer

imho corret answer A, not C

  • Jun 01, 2013
  • Wangnaw
  • United States
  • May 31, 2013

Passed with 87X . Valid dump

  • May 31, 2013
  • doka
  • Germany
  • May 27, 2013

@Sec. Guy
No need to define class-default in ZBFW lab because of the default drop action that applied to all class.
After the configuration verify this with #sh run or #sh policy-map type inspect

  • May 27, 2013
  • doka
  • Germany
  • May 27, 2013

Q9
The advantages of virtual tunnel interfaces (VTIs) over GRE VPN solutions are which three of the following? (Choose three.)
A. VTI can support QoS.
B. VTI provides a routable interface.
C. VTI supports nonencrypted tunnels.
D. VTI is more scalable than a GRE-based VPN solution.
E. IPsec VTIs need fewer established SAs to cover different types of traffic, both unicast and multicast, thus enabling improved scaling
F. IPsec VTIs require a loopback interface for configuration.

The dump says: BCE. I think the correct answers are ABE
http://www.cisco.com/en/US/technologies/tk583/tk372/technologies_white_paper0900aecd8029d629.pdf
"Quality of service (QoS)
---QoS can be used to improve the performance of di
fferent applications across the network. In this co
nfiguration, traffic
shaping is used between the two sites to limit the
total amount of traffic that should be transmitted
between the two sites. Additionally, the QoS
configuration can support any combination of QoS fe
atures offered in Cisco IOS Software to support any
of the voice, video, or data applications. "

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-services-tech/945-cisco-comparing-vpn-technologies.html
"Comparison Between Policy-Based and Route-Based VPNs
QoS is fully supported"


"

  • May 27, 2013
  • doka
  • Germany
  • May 27, 2013

Thanks a lot Trescool !

  • May 27, 2013
  • Trescool
  • Portugal
  • May 27, 2013

I have uploaded a new vce file with some corrected answers.it will be available in 2 or 3 days.
Best of luck

  • May 27, 2013
  • Sec. Guy
  • Albania
  • May 26, 2013

In LAB 6, viewing that the question is:
-Use the "match protocol" classification option to statefully inspect HTTP traffic and drop all other traffic

On policy map config I thing must be added even:
Router(config-pmap-c)# class class-default
Router(config-pmap-c)# drop

So, the policy-map will looks like this:
Router(config)# policy-map type inspect IN-TO-OUT-POLICY
Router(config-pmap)# class type inspect HTTP_POLICY
Router(config-pmap-c)# inspect
Router(config-pmap-c)# class class-default
Router(config-pmap-c)# drop
Router(config-pmap-c)# exit

  • May 26, 2013
  • user
  • Russian Federation
  • May 26, 2013

Hi all.
I have found a mistake in answer of DND #4 802.1x port states
Correct answer is
auto=in this mode allows only EAPOL, CDP,STP at first
force-auth=def port state when 802.1x is not globally enabled
force-unauth=port ignores all traffic

Chapter 5: 802.1X and Cisco Identity-Based Networking Services (IBNS) 101

  • May 26, 2013
  • Nyi Nyi Min
  • Myanmar
  • May 25, 2013

Dear Mazhar,
you need only ccna(security) for ccnp(security) . I'd to advise firstly you should pass ccnp(routing and switching) and ccie.After finishing ccnp or ccie, more easy ccna(sec),ccnp(sec) or something.Good luck.

  • May 25, 2013
  • mazhar
  • India
  • May 25, 2013

Hi,

I am completed ccna (640-802) certification ,i wanted to give CCNP security exm,so my
qusn: is it requier to give CCNA security or CCSA security exam .befor giving ccsp i am bit confuse in this .Plz tell me the correct procedure for this.

thanks in advance.

  • May 25, 2013
  • dumper
  • Ukraine
  • May 24, 2013

all question from dump. exam's date is 24.05

  • May 24, 2013
  • joy
  • India
  • May 24, 2013

In this .vce file i got 22 D&D.But out of them 13 are note complete- means i can see only left side option, all right side options are blank for 13 items.help me on this.

  • May 24, 2013
  • doka
  • Germany
  • May 24, 2013

@ Trescool
Thanks!
"and you cannot have 2 interfaces with the same subnet"
Yes, i agree with you :lol:
Were all questions from this dump, any modifications?

  • May 24, 2013
  • Trescool
  • Portugal
  • May 24, 2013

@Doka
Labs and sims the same!

  • May 24, 2013
  • Trescool
  • Portugal
  • May 24, 2013

@doka - In the exam i assure you that this is the correct one ;) believe me! and you cannot have 2 interfaces with the same subnet ;)

Question 68 - I think B it´s wrong

If a host in the INSIDE zone attempts to communicate via SSH with another host on a different interface within the INSIDE zone, communications must pass through the router self zone using the INTRAZONE policy.

I think it should be A

Hosts in the INSIDE zone, with addresses in the 10.10.10.0/24 network, can access any host in the 10.10.10.0/24 network using the SSH protocol.

  • May 24, 2013
  • doka
  • Germany
  • May 22, 2013

Based on this document
http://www.cisco.com/en/US/docs/security/asa/asa72/asdm52/user/guide/csc.html

  • May 22, 2013
  • doka
  • Germany
  • May 22, 2013

When configuring URL filtering with the Trend Micro filtering service, which of these steps must
you take to prepare for configuration?
A. define blacklists and whitelists
B. categorize traffic types
C. install the appropriate root CA certificate on the router
D. synchronize clocks via NTP to ensure accuracy of URL filter updates from the service
This is a tricky question
The correct answer is IMHO D
In this document https://supportforums.cisco.com/docs/DOC-8028
we read:
"First check the system clock and make sure it is correct. It needs to be correct so that the router can accept and validate the certificate it will pull from the Trend server during registration.

show clock

If it's not, correct it by pointing it to an NTP source or manually setting it
clock set 16:00:00 SEPT 21 2009"
Also nothing about "URL filter updates"
BUT this first step have two functions for the Trend Micro software (IOS based and GUI based)
" Step 4 In ASDM, verify time settings on the adaptive security appliance. Time setting accuracy is important for logging of security events and for automatic updates of CSC SSM software.

•If you manually control time settings, verify the clock settings, including time zone. Choose Configuration > Properties > Device Administration > Clock.

•If you are using NTP, verify the NTP configuration. Choose Configuration > Properties > Device Administration > NTP. "

  • May 22, 2013
  • doka
  • Germany
  • May 22, 2013

@Trescool
Congrats bro !!! :)
Were all questions from this dump?
Lab and simlet are the same?
Thanks!

  • May 22, 2013
  • Trescool
  • Portugal
  • May 22, 2013

Hello guys passed with 928..there are still wrong questions??!!!but i think i´ve corrected some i wiil upload a new vce..but not everything will be correct
@Abu Hazem thank you very much for the information..lets try and wait ..

  • May 22, 2013
  • Abu Hazem
  • United Arab Emirates
  • May 22, 2013

@Trescool,

I wish you the best in your exam.

To find work in UAE, you need to know people here to get you a job.

If you depends on the certifications, you need to have a lot of them in Cisco, Microsoft, Linux etc. as much as you have as high chance for you to find.

Good experience will help too.

But the most important is to have connections here and not to ask high salary, since you compete with Indians and Pakistanies who has a lot of certifications (thanks to dumps) and ask for little salary and have a huge connection here.

If you are a fresh, then it is better to have a good experience from your country first.

  • May 22, 2013
  • Trescool
  • Portugal
  • May 21, 2013

I´m going to do the exam tomorrow i still have some doubts but then i will edit und upload a new exam vce with some corrected answers..and hoppe that help you guys in the future. If you have some doubts sapint@gmail.com!

@ Abu Hazem, how to get a job as Network Engineer in United Arab Emirates.? can you give me some advices?! Thanks to you all for the crowdsourcing ;)

  • May 21, 2013
  • Riya
  • India
  • May 21, 2013

Thanks Abu for your valuable outputs.

Doka and Trescool thanks a lot for your comments

@Trescool:
All the very best for your exam.Do suggest us after the exams

  • May 21, 2013
  • Abu Hazem
  • United Arab Emirates
  • May 20, 2013

I used the same answer as per doka

@all
Q4 D&D

uRPF is not Control plane but Data plane Mitigation Technique

Correct answer should be
Routing Protocol Authentication
Rate Limiting
VTP Authentication
Spanning Tree Protection

  • May 20, 2013
  • Abu Hazem
  • United Arab Emirates
  • May 20, 2013

Hi All,

Use these pages in the cisco official book
43, 44, 45, 49, 50, 95, 96, 100, 101, 113, 339, 340, 374, 453

they can help you in some D&D, for example
Force Unauth --> doesn't allow any traffic as per the book, but in the dump it is something else.

  • May 20, 2013
  • Abu Hazem
  • United Arab Emirates
  • May 20, 2013

Hi All,

sorry, for the delay, here are all your answers:

@Trescool

Yes, same lab and sim, and I answered the same in the dump.

Q:43, I answere "enable SCEP"

@doka

Thank you, I wish you to success in the exam.
All questions came from the dump. I got 70 questions including all the drag and drop, sim, lab.

@Riya,
All questions came from the dump, about the sections, I don't have the result paper now.

  • May 20, 2013
  • bugs
  • India
  • May 20, 2013

@Doka,

No 1000, which actually points to the fact that answers are not correct in dumps.
But there were 5 questions out of the dumps as well.

  • May 20, 2013
  • doka
  • Germany
  • May 20, 2013

@bugs
Congrats!
Why not 1000? :)
In what sections you lost marks?
Thanks

  • May 20, 2013
  • bugs
  • India
  • May 20, 2013

Passed my exam today with 888.
DUMPS ARE VALID.
Get VPN and ZBFW simulations were exactly same.

  • May 20, 2013
  • Riya
  • India
  • May 20, 2013

@ Abu
Can you please mention what all sections were in exam and in which sections you lost marks

@bugs
All the best for your exams.Please help us to know what all sections are their in exam

  • May 20, 2013
  • doka
  • Germany
  • May 19, 2013

@Abu Hazem
Congratulations!
Were there new/modified questions?
Thanks

  • May 19, 2013
  • Trescool
  • Portugal
  • May 19, 2013

Q:43 Cisco router to act as a certificate server, but the server won´t start.all CA parameters are correct?

Should D be the correct one? Verify that the correct time is being used and source is reachable?

  • May 19, 2013
  • Trescool
  • Portugal
  • May 19, 2013

@Abu Hazem .labs and sims?! valid?

  • May 19, 2013
  • Abu Hazem
  • United Arab Emirates
  • May 19, 2013

Hi all,

I passed today with 908 score.

If you have a question, just put there and I will tell you what I answered.

  • May 19, 2013
  • doka
  • Germany
  • May 18, 2013

@all
Q4 D&D

uRPF is not Control plane but Data plane Mitigation Technique

Correct answer should be
Routing Protocol Authentication
Rate Limiting
VTP Authentication
Spanning Tree Protection

  • May 18, 2013
  • bugs
  • India
  • May 18, 2013

@doka

I think u r right. Following all your comments.
I am giving my exam on Monday. Will update my results.

  • May 18, 2013
  • doka
  • Germany
  • May 18, 2013

@Trescool,mindblown
:lol: all 3 answers are correct .
difficult-difficult .

  • May 18, 2013
  • Trescool
  • Portugal
  • May 18, 2013

@mindblown

http://www.cisco.com/en/US/docs/routers/access/cisco_router_and_security_device_manager/25/software/user/guide/DMVPN.html

This is used for NBMA network." would be "NHRP Network ID".

  • May 18, 2013
  • mindblown
  • United States
  • May 18, 2013

@doka et all, I think the correct answer for: "This is used for NBMA network" is NHRP Registration because the registration process is what provides support for NBMA Networks. The NHRP Registration process includes the components NHRP NHS and NHRP Client. A snip from: http://www.cisco.com/en/US/docs/ios/ios_xe/ipaddr/configuration/guide/iad_cfg_nhrp_xe.pdf is below:

NHRP allows two functions to help support these NBMA networks:
NHRP Registration: 1. NHRP allows Next Hop Clients (NHCs) to dynamically register with Next Hop Servers (NHSs). This registration function allows the NHCs to join the NBMA network without configuration changes on the NHSs , especially in cases where the NHC has a dynamic physical IP address or is behind a Network Address Translation (NAT) router that dynamically changes the physical IP address. In these cases, it would be impossible to preconfigure the logical virtual private network (VPN IP) to physical (NBMA IP) mapping for the NHC on the NHS.
Thanks.

  • May 18, 2013
  • doka
  • Germany
  • May 17, 2013

@Trescool
Off Cert Guide Page 300
"Prior to IOS Release 15.0.1M, all traffic that was sourced and destined for devices inside the same zone was freely permitted. With this IOS release, the ability to configure a zone pair with the same zone as both source and destination is possible; this enables you to apply policies for traffic traveling within the same zone across the device, as illustrated in Figure 12-4"
AND Page 309
"With the release of IOS 15.0.1M, it is also possible to control the traffic within the same zone; this is referred to as intrazone. This is configured by creating a zone pair with the same two zone names as both source and destination."

  • May 17, 2013
  • Trescool
  • Portugal
  • May 17, 2013

@ Doka
My question here is: "communications must pass through the router self zone using the INTRAZONE policy" is this true? must pass through router self zone?!..i don´t think so..

  • May 17, 2013
  • doka
  • Germany
  • May 16, 2013

Hi Trescool
I think the answer:
"If a host in the INSIDE zone attempts to communicate via SSH with another host on a different interface within the INSIDE zone, communications must pass through the router self zone using the INTRAZONE policy. "
is correct
in IOS 15.0.1M Cisco added a feature to give ability to configure policies between interfaces in same zone; so if IOS is of this level or above I would say B is correct (C) DD :)

  • May 16, 2013
  • Trescool
  • Portugal
  • May 16, 2013

Question 83 - I think B it´s wrong

An attacker has sent a spoofed ARP response that violates a static mapping. (in the image it´s a request...)

I would bet on C - The MAC address has matched a deny rule within the ACL.

  • May 16, 2013
  • Trescool
  • Portugal
  • May 16, 2013

Question 68 - I think B it´s wrong

If a host in the INSIDE zone attempts to communicate via SSH with another host on a different interface within the INSIDE zone, communications must pass through the router self zone using the INTRAZONE policy.

I think it should be A

Hosts in the INSIDE zone, with addresses in the 10.10.10.0/24 network, can access any host in the 10.10.10.0/24 network using the SSH protocol.

I don´t see anyware that traffic must pass through self zone ... in the intrazone conection..

  • May 16, 2013
  • Trescool
  • Portugal
  • May 16, 2013

IPS DRAG DROP is wrong

Checked 3 books!

False Positive
A false positive means that an alert has been triggered, but it was for traffic that does not constitute an actual attack. This type of traffic is often called benign traffic.

False Negative
A false negative occurs when attack traffic does not trigger an alert on the IDS/IPS device. This is often viewed as the worst type of false alarm—for obvious reasons.

True Positive
A true positive means that the IDS/IPS device recognized and responded to an attack.

True Negative
This means that nonoffending or benign traffic did not trigger an alarm

  • May 16, 2013
  • Trescool
  • Portugal
  • May 15, 2013

@ Congratulations Pablo
Any advice..?
Lab and Sims are valid?!

  • May 15, 2013
  • doka
  • Germany
  • May 15, 2013

@pablo
Congratulations !!!
Please more details about D&Ds.
Thanks in advance!

  • May 15, 2013
  • pablo
  • United States
  • May 15, 2013

Just passed the exam an hour ago. 949/1000
This dump is still valid.
Thanks everyone for your active collaboration during my study period. Next stop: FIREWALL

  • May 15, 2013
  • doka
  • Germany
  • May 15, 2013

Drag and Drop question: Force-Unauthorized - wrong answer in this dump. The correct answer is "In this state, the port ignores all traffic". Check the official manual.

  • May 15, 2013
  • doka
  • Germany
  • May 15, 2013

I think the answer:
NHRP NHS: This is used for NBMA network
is correct.
http://www.cisco.com/en/US/docs/ios/ios_xe/ipaddr/configuration/guide/iad_cfg_nhrp_xe.pdf
S.2
"NHRP allows two functions to help support these NBMA networks:
1.
NHRP Registration. NHRP allows Next Hop Clients (NHCs) to dynamically register with Next Hop
Servers (NHSs). This registration function allows the NHCs to join the NBMA network without
configuration changes on the NHSs
, especially in cases where the NHC has a dynamic physical IP
address or is behind a Network Address Translation (NAT) router that dynamically changes the
physical IP address. In these cases, it would be impossible to preconfigure the logical virtual private
network (VPN IP) to physical (NBMA IP)
mapping for the NHC on the NHS. "

  • May 15, 2013
  • Trescool
  • Portugal
  • May 15, 2013

@ Pablo
Well noticed...do you have any more doubts concerning to the questions?!

  • May 15, 2013
  • Pablo
  • United States
  • May 15, 2013

@Trescool:

Thanks a lot for your input. You pointed to the right document. However, when looking at it I noticed that the right answer for the "This is used for NBMA network." would be "NHRP Network ID".

Thanks a lot to all of you. I'm taking the exam in exactly 2 hours and 20 minutes. I'll post my results when I get back and let you know how valid this dump still is... wish me luck.

  • May 15, 2013
  • doka
  • Germany
  • May 15, 2013

Thanks Trescool. I think you are right.

  • May 15, 2013
  • Trescool
  • Portugal
  • May 15, 2013

@ Pablo and to all
I think the answer to this question should be: based on:
http://www.cisco.com/en/US/docs/routers/access/cisco_router_and_security_device_manager/25/software/user/guide/DMVPN.html
and

Statically Configuring a Next Hop Server

A NHS normally uses the network layer forwarding table to determine where to forward NHRP packets and to find the egress point from an NBMA network. A NHS may also be statically configured with a set of IP address prefixes that correspond to the IP addresses of the stations it serves, and their logical NBMA network identifiers.

Perform this task to statically configure a Next Hop Server.
Associate the correct DMVPN parameter information on the left with the associated description on the right.

NHRP Hold time : When this expires, the network ID is no longer valid

Tunnel key: This needs to be same for all mGRE tunnels on the network

NHRP NHS: This is used for NBMA network.

Authentication String: This is used for DMVPN tunnel hubs and spokes to authenticate themselves.

I´m going to take the exam 22th of May

  • May 15, 2013
  • Pablo
  • United States
  • May 13, 2013

Can you please help me confirm the answer on drag & drop question about DMVPN parameter information. I have my doubts on the answer provided in the dump.

Associate the correct DMVPN parameter information on the left with the associated description on the right.

NHRP Hold time : When this expires, the network ID is no longer valid

Tunnel key: This needs to be same for all mGRE tunnels on the network

Authentication String: This is used for NBMA network.

NHRP Registration: This is used for DMVPN tunnel hubs and spokes to authenticate themselves.

  • May 13, 2013
  • Cid
  • Benin
  • May 11, 2013

Please what is the vtp=Get Vpn? is it the lab? (Which question number)
And what is the LAB = ZBFW ? (Which question number)
Thanks.

  • May 11, 2013
  • Piton
  • Russian Federation
  • May 06, 2013

Material is valid.
There are some wrong answers .
I passed the exam
Big Thanks.

  • May 06, 2013
  • Doug
  • United States
  • May 06, 2013

I passed today with 898! Thanks.

  • May 06, 2013
  • ARMAN
  • India
  • May 06, 2013

there are some answers are wrong. so please verify it I passed it on Saturday with 890. simulators have some problem in Get vpn simulator some commands are not working in exam, so prepare it properly and when configure zone base firewall all commands are must type manually do not use tab or ? mark bcoz it have some negative marking so Best of Luck to all...

  • May 06, 2013
  • Ibra
  • Senegal
  • May 03, 2013

Passed the exam today with score 9xx. This dump is still valid.
LAB=ZBFW
VTP=GET VPN
Thanks to everyone.

  • May 03, 2013
  • ARMAN
  • India
  • May 03, 2013

Dump is valid but there are some drag & drops are wrong in this dumps. verify it with another dump.

  • May 03, 2013
  • duze
  • Saudi Arabia
  • May 02, 2013

finally I passed the exam today, the dump is valid
many thanks for all

  • May 02, 2013
  • steviekabslov@gmail.com
  • Uganda
  • May 02, 2013

The dump is 100% valid. passed today and I am very grateful for this dump and all who contributed to it.

  • May 02, 2013
  • Jaff
  • Australia
  • May 02, 2013

Q4 D&D

uRPF is not Control plane but Data plane Mitigation Technique

Correct answer should be
Routing Protocol Authentication
Rate Limiting
VTP Authentication
SPanning Tree Protection

Please correct me if I'm wrong
Reference Page 43 Secure Book

  • May 02, 2013
  • Sean
  • United States
  • May 01, 2013

Guys what is the vtp=Get Vpn? is it the lab?

  • May 01, 2013
  • tito
  • United States
  • Apr 30, 2013

Still valid, no new question and VTP had diffrent configs, I passed with 849 ,I got all drag-and-drops in dump, I almost got all 22

  • Apr 30, 2013
  • jp
  • Canada
  • Apr 28, 2013

Reviewing questions have question:

Q regarding results of an attacker performing a DHCP server spoofing attack
Answers (BC) DOS and Confidentialty breach. I strongly believe its AB DHCP snooping and DOS, anyone feels differently?

  • Apr 28, 2013
  • a
  • Canada
  • Apr 26, 2013

Can someone pls let us know if the answers (MCQ, D&D, SIMs) correct in this VCE. Not to offend azazredhat, there are some discussions here that mention some of the questions may have incorrect answers.
Thanks a bunch

  • Apr 26, 2013
  • X
  • Canada
  • Apr 25, 2013

It's ok, I now have the correct suite version to open the VCE - thanks again for this great forum - good luck to all!

  • Apr 25, 2013
  • X
  • Canada
  • Apr 25, 2013

which version of VCE was this most useful upload created with as I am getting the error, "this file was created with an older version ov Visual CE.." (I am using ver 1.9.815), many thanks!

  • Apr 25, 2013
  • Cisco-P
  • South Africa
  • Apr 24, 2013

Still valid, got 2 MCQ that is not in this dump and VTP had diffrent configs / ip's but passed with 8xx. Know all drag-and-drops in dump, I almost got all 22

  • Apr 24, 2013
  • Panama Jack
  • United Kingdom
  • Apr 23, 2013

I agree still Valid pass 9xx 70 question 776 pass mark GETVPN and ZBFW sims.

  • Apr 23, 2013
  • Sam
  • United States
  • Apr 23, 2013

Dumps 100% Valid
same labs as in dumps as well as same questions asked.
I scored 8xx
Passing score is 776
Exam contains 70 questions

  • Apr 23, 2013
  • duze
  • Saudi Arabia
  • Apr 22, 2013

Guys the font in questions part for simulation labs (questions 130-135) are not clear, Is there any website that has a same questions with explanation like 9tut.com ?
any advice
thanks

  • Apr 22, 2013
  • Walter
  • United States
  • Apr 22, 2013

Good luck Sam!

  • Apr 22, 2013
  • Sam
  • India
  • Apr 21, 2013

exam contains any changes ???
I have scheduled my exam on 22nd Apr.

  • Apr 21, 2013
  • Juggy
  • United States
  • Apr 21, 2013

Still valid. Passed with 8xx marks.

  • Apr 21, 2013
  • azazredhat
  • India
  • Apr 20, 2013

@roam--

vtp question means you have to answer the mcq and prove it by commands

  • Apr 20, 2013
  • siva
  • Malaysia
  • Apr 17, 2013

@azazredhat
Thanks alot for the dump. today i passed the exam with score 900.
This dumb is 100% valid.

LAB: ZBFW
VTP: GETVPN

  • Apr 17, 2013
  • roam
  • Canada
  • Apr 17, 2013

VTP is GET VPN...what is VTP ? please let me know

  • Apr 17, 2013
  • dude
  • India
  • Apr 16, 2013

passed with 9xx,this dump is 100% valid..thanx azazredhat.ditto question in xam no change at all

  • Apr 16, 2013
  • SEC
  • United States
  • Apr 16, 2013

@twinhead

ty for the answer azazredhat, just a comment about twinhead,
checking that cert guide, it seemed that question 4 D&D is indeed wrong acording to that cert guide just to let u know,

thank you for the dump, taking my test anytime son now, i let u know how it goes.

  • Apr 16, 2013
  • azazredhat
  • India
  • Apr 15, 2013

@sec = correct answer is attacker has sent a spoofed ARP response that violates a static mapping.

@mallet = mcq is alternate and lab is ZBFW and VTP is GET VPN

@twinhead = if you are confused then refer any other dump for solving your confusion.
Dont take anything negative buddy,just solve every single confusion before exam for better score

  • Apr 15, 2013
  • mallet
  • Thailand
  • Apr 13, 2013

In real exam
Is it MCQ alternate or same vce?
lab only zone base firewall right?

  • Apr 13, 2013
  • SEC
  • United States
  • Apr 12, 2013

in question83, MCQ

the correct answer is the MACaddress has matched a deny rule within the ACL? or an attacker has sent a spoofed ARP response that violates a static mapping.

thanks in advance, great dump btw

  • Apr 12, 2013
  • twinhead
  • Bolivia
  • Apr 12, 2013

question 4 Drag and drops, i think is wrong, acording to oficial cert guide this is the correct:
■ True positives: The IPS or IDS sensor triggered because of legitimate malicious activity.This is normal, desired operation.
■ False positives: The IPS or IDS sensor triggered because of nonmalicious activity.This is usually because of errors caused by signatures that are configured to be too relaxed or broad in scope. In other words, the sensor mistook normal traffic patterns to be malicious.
■ True negatives: The IPS or IDS sensor failed to trigger when there was no malicious activity. This is normal, desired operation.
■ False negatives: The IPS or IDS sensor failed to trigger when there was malicious activity. This is usually because of errors caused by signatures that are configured to be too specific.

and im confused, in Q1 MCQ, refer to the exhibit, the correct answer is the peer has not matched any offered profiles??

  • Apr 12, 2013
  • anas
  • India
  • Apr 12, 2013

@Nannes
this dumps is 100% valid
i passed today

  • Apr 12, 2013
  • 097
  • India
  • Apr 09, 2013

got 963
dump 100% valid
thanks to azazredhat,Neil
lab=ZBFW
vtp=Get Vpn

  • Apr 09, 2013
  • Meera
  • India
  • Apr 07, 2013

Finally i cleared this exam by 9xx.
This dump is 100% valid.
Thanks

  • Apr 07, 2013
  • securitytycoon
  • India
  • Apr 06, 2013

thank you
great upload

  • Apr 06, 2013

Add Comments

Introducing The New!

Exam Collection

Premium Membership
Premium

Get Unlimited Access to all
ExamCollection’s PREMIUM files

Learn More
Download Quality. ExamCollection Certified

Site Search:

Only Registered Members Can Download VCE Files or View Training Courses

Please fill out your email address below in order to Download VCE files or view Training Courses. Registration is Free and Easy - you simply need to provide an email address.

  • Trusted By 1.2M IT Certification Candidates Every Month
  • VCE Files Simulate Real Exam Environment
  • Instant Download After Registration.
Please provide a correct e-mail address
A confirmation link will be sent to this email address to verify your login.
Already Member? Click Here to Login

Log into your ExamCollection Account

Please Log In to download VCE file or view Training Course

Please provide a correct E-mail address

Please provide your Password (min. 6 characters)

Only registered Examcollection.com members can download vce files or view training courses.

Registration is free and easy - just provide your E-mail address. Click Here to Register

Autumn Sale: 20% OFF!

ExamCollection Premium

ExamCollection Premium Files

Get Unlimited Access to all ExamCollection's PREMIUM files!

  • ExamCollection Certified Safe Files
  • Guaranteed to have ACTUAL Exam Questions
  • Up-to-Date Exam Study Material - Verified by Experts
  • Instant Downloads
Enter Your Email Address to Receive Your 20% OFF Discount Code
A Confirmation Link will be sent to this email address to verify your login
We value your privacy. We will not rent or sell your email address

Autumn Sale: 20% OFF!

Use Discount Code:

EXAM2020

A confirmation link was sent to your e-mail.
Please check your mailbox for a message from support@examcollection.com and follow the directions.

Next

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

Free Demo Limits: In the demo version you will be able to access only first 5 questions from exam.