810-502 LVCI Leading Virtual Classroom Instruction

Exam Number 810-502
Associated Certifications Virtual Classroom Instruction Specialist
Duration 75 minutes (55-65 questions)
Available Languages English

The 810-502 Leading Virtual Classroom Instruction written exam is required for Cisco WebEx Virtual Classroom Instruction Specialist. The computer-based, multiple-choice exam tests the candidate's knowledge of how to prepare and manage a virtual classroom environment and use collaboration tools to maximize student participation and comprehension. Candidates can prepare for the exam by taking the Cisco WebEx Leading Virtual Classroom Instruction course (LVCI) v2.0.

The 810-502 Leading Virtual Classroom Instruction written exam is required for Cisco WebEx Virtual Classroom Instruction Specialist certification. The computer-based, multiple-choice exam tests the candidate's knowledge of how to prepare and manage a virtual classroom environment and use collaboration tools to maximize student participation and comprehension. Candidates can prepare for the exam by taking the Cisco WebEx Leading Virtual Classroom Instruction course.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 Describe Synchronous eLearning Environments to Include Characteristics, Roles and Responsibilities 5%
1.1 Describe the characteristics of synchronous eLearning — definitions and terms used in the industry
1.2 Describe the function and benefits of interactivity in a virtual classroom environment
1.3 Describe the general roles and responsibilities when implementing a virtual delivery program

2.0 Manage Program and Logistics 5%
2.1 Plan and execute effective participant communication before, during and after scheduled virtual sessions
2.2 Given a scenario identify and describe the steps to coordinate and schedule a virtual session
2.3 Given a scenario, determine the appropriate pre-session activities necessary (including scheduling, registration, and reporting)
2.4 Assess your needs against the program goals and determine whether to augment the virtual classroom with blended learning options
2.5 Identify recording and playback capabilities, purposes and considerations

3.0 Prepare Yourself and Your Physical and Virtual Environment for Conducting an Effective Virtual Classroom Session 11%
3.1 Set up the trainer's physical and virtual environment including preparing the attendee environment
3.2 Prepare yourself for facilitating in a virtual training environment
3.3 Develop contingency plans for common difficulties
3.4 Review course materials and address any areas that are unclear or may lead to learner confusion

4.0 Demonstrate Effective Classroom Management Skills in a Virtual Classroom Setting 33%
4.1 Implement contingency plans to manage disruptions
4.2 Keep sessions on track by responding to questions, keeping participants focused, and encouraging participation
4.3 Apply time management strategies effectively
4.4 Maintain a safe and positive learning environment that is conducive to the learning process
4.5 Build rapport with students
4.6 Establishes and maintains credibility with learners
4.7 Checks in at regular intervals and adjusts instruction based on feedback and/or behavioral cues from participants
4.8 Provide clear instruction and guidance to learners on how to meet the learning objective
4.9 Manage small group work, labs, and independent work
4.10 Employ effective questioning skills to involve learners (e.g., open-ended questions, wait after asking questions, let people self-select, etc.)
4.11 Ensure most participants are responding and interacting at the desired level
4.12 Gauge when to control the facilitation process versus when to let interaction flow
4.13 Facilitate interaction between participants to achieve balanced participation among class members
4.14 Defines how participants should participate and reinforces desired behavior (e.g., use chat, raise hand icon, speak up)
4.15 Guide learners through the lesson content to achieve deeper understanding
4.16 Guide learners through the process of using online tools in activities

5.0 Demonstrate Effective Presentation Skills in a Virtual Classroom Setting 8%
5.1 Present content in a logical flow and order
5.2 Use a pace appropriate for students, learning objectives and learning material
5.3 Describe concepts in a clear and complete manner, using relevant examples
5.4 Transition effectively between topics/instructional elements

6.0 Select and Effectively Use Tools for Presentation and Collaboration that Are Appropriate for Achieving Intended Learning Objective or Desired Result 15%
6.1 Use annotation tools to focus attention to relevant content
6.2 Use sharing features when appropriate, including application, presentation, desktop, etc.
6.3 Use white boarding or white space to enhance instruction or group process
6.4 Use collaboration tools when appropriate, including annotation, chat, Q&A, polling, video, pass presenter role, remote control

7.0 Demonstrate Use of Voice Modulation and Effective Audio Techniques 5%
7.1 Uses appropriate modulation, vocal inflection, tone, and volume (e.g., varies pitch and emphasis to avoid speaking in monotone)
7.2 Conveys energy and enthusiasm (e.g., puts a smile in his/her voice)
7.3 Makes appropriate vocal adjustments (e.g., adjusts pace or volume) in response to participant feedback
7.4 Creates an effective audio environment (e.g., ensures a quiet presentation space, and that participants have audio as they join)
7.5 Limit use of filler words (e.g., um, ah, you know, etc.)

8.0 Apply Fundamental Virtual Classroom Content Design Concepts 11%
8.1 Identify and describe effective synchronous training design principle
8.2 Create/update effective synchronous presentation materials (e.g., updates presentation materials following leading practices for graphics, text, color and font)
8.3 Identifies and develops/chooses effective learning activities

9.0 Assess Student Comprehension and Evaluate the Effectiveness of Training 7%
9.1 Develop a strategy for evaluating effectiveness of the training and student skills and knowledge
9.2 Create effective test questions and surveys to measure participant reaction and learning gains
9.3 Assess whether the training was effective based on reviewing test results, survey results, and attendee feedback through online tools such as polls
9.4 Reviews content or adjusts pace of delivery to enhance comprehension if required

Click here to view complete Q&A of 810-502 exam
Certkingdom Review

Best Cisco 810-502 Certification, Cisco 810-502 Training at certkingdom.com

200-125 CCNA Cisco Certified Network Associate Exam

Exam Number 200-125 CCNA
Associated Certifications CCNA Routing and Switching
Duration 90 Minutes (50-60 questions)
Available Languages English, Japanese

This exam tests a candidate's knowledge and skills related to network fundamentals, LAN switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure services, infrastructure security, and infrastructure management.

The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50–60 question assessment that is associated with the CCNA Routing and Switching certification. This exam tests a candidate's knowledge and skills related to network fundamentals, LAN switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure services, infrastructure security, and infrastructure management.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Subscribe to Cisco Learning Network Premium and access the most comprehensive e-learning training, resources and tools you’ll need to prepare for your CCENT, CCNA and CCNP Routing and Switching certifications.

1.0 Network Fundamentals 15%

1.1 Compare and contrast OSI and TCP/IP models

1.2 Compare and contrast TCP and UDP protocols

1.3 Describe the impact of infrastructure components in an enterprise network

1.3.a Firewalls
1.3.b Access points
1.3.c Wireless controllers

1.4 Describe the effects of cloud resources on enterprise network architecture

1.4.a Traffic path to internal and external cloud services
1.4.b Virtual services
1.4.c Basic virtual network infrastructure

1.5 Compare and contrast collapsed core and three-tier architectures

1.6 Compare and contrast network topologies

1.6.a Star
1.6.b Mesh
1.6.c Hybrid

1.7 Select the appropriate cabling type based on implementation requirements

1.8 Apply troubleshooting methodologies to resolve problems

1.8.a Perform and document fault isolation
1.8.b Resolve or escalate
1.8.c Verify and monitor resolution

1.9 Configure, verify, and troubleshoot IPv4 addressing and subnetting

1.10 Compare and contrast IPv4 address types

1.10.a Unicast
1.10.b Broadcast
1.10.c Multicast

1.11 Describe the need for private IPv4 addressing

1.12 Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment

1.13 Configure, verify, and troubleshoot IPv6 addressing

1.14 Configure and verify IPv6 Stateless Address Auto Configuration

1.15 Compare and contrast IPv6 address types

1.15.a Global unicast
1.15.b Unique local
1.15.c Link local
1.15.d Multicast
1.15.e Modified EUI 64
1.15.f Autoconfiguration
1.15.g Anycast

2.0 LAN Switching Technologies 21%

2.1 Describe and verify switching concepts

2.1.a MAC learning and aging
2.1.b Frame switching
2.1.c Frame flooding
2.1.d MAC address table

2.2 Interpret Ethernet frame format

2.3 Troubleshoot interface and cable issues (collisions, errors, duplex, speed)

2.4 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches

2.4.a Access ports (data and voice)
2.4.b Default VLAN

2.5 Configure, verify, and troubleshoot interswitch connectivity

2.5.a Trunk ports
2.5.b Add and remove VLANs on a trunk
2.5.c DTP, VTP (v1&v2), and 802.1Q
2.5.d Native VLAN

2.6 Configure, verify, and troubleshoot STP protocols

2.6.a STP mode (PVST+ and RPVST+)
2.6.b STP root bridge selection

2.7 Configure, verify and troubleshoot STP related optional features

2.7.a PortFast
2.7.b BPDU guard

2.8 Configure and verify Layer 2 protocols

2.8.a Cisco Discovery Protocol
2.8.b LLDP

2.9 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel

2.9.a Static
2.9.b PAGP
2.9.c LACP

2.10 Describe the benefits of switch stacking and chassis aggregation

3.0 Routing Technologies 23%

3.1 Describe the routing concepts

3.1.a Packet handling along the path through a network
3.1.b Forwarding decision based on route lookup
3.1.c Frame rewrite

3.2 Interpret the components of a routing table

3.2.a Prefix
3.2.b Network mask
3.2.c Next hop
3.2.d Routing protocol code
3.2.e Administrative distance
3.2.f Metric
3.2.g Gateway of last resort

3.3 Describe how a routing table is populated by different routing information sources

3.3.a Admin distance

3.4 Configure, verify, and troubleshoot inter-VLAN routing

3.4.a Router on a stick
3.4.b SVI

3.5 Compare and contrast static routing and dynamic routing

3.6 Compare and contrast distance vector and link state routing protocols

3.7 Compare and contrast interior and exterior routing protocols

3.8 Configure, verify, and troubleshoot IPv4 and IPv6 static routing

3.8.a Default route
3.8.b Network route
3.8.c Host route
3.8.d Floating static

3.9 Configure, verify, and troubleshoot single area and multi-area OSPFv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)

3.10 Configure, verify, and troubleshoot single area and multi-area OSPFv3 for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)

3.11 Configure, verify, and troubleshoot EIGRP for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub)

3.12 Configure, verify, and troubleshoot EIGRP for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub)

3.13 Configure, verify, and troubleshoot RIPv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution)

3.14 Troubleshoot basic Layer 3 end-to-end connectivity issues

4.0 WAN Technologies 10%

4.1 Configure and verify PPP and MLPPP on WAN interfaces using local authentication

4.2 Configure, verify, and troubleshoot PPPoE client-side interfaces using local authentication

4.3 Configure, verify, and troubleshoot GRE tunnel connectivity

4.4 Describe WAN topology options

4.4.a Point-to-point
4.4.b Hub and spoke
4.4.c Full mesh
4.4.d Single vs dual-homed

4.5 Describe WAN access connectivity options

4.5.a MPLS
4.5.b Metro Ethernet
4.5.c Broadband PPPoE
4.5.d Internet VPN (DMVPN, site-to-site VPN, client VPN)

4.6 Configure and verify single-homed branch connectivity using eBGP IPv4 (limited to peering and route advertisement using Network command only)

4.7 Describe basic QoS concepts

4.7.a Marking
4.7.b Device trust
4.7.c Prioritization
4.7.c. [i] Voice
4.7.c. [ii] Video
4.7.c. [iii] Data
4.7.d Shaping
4.7.e Policing
4.7.f Congestion management

5.0 Infrastructure Services 10%

5.1 Describe DNS lookup operation

5.2 Troubleshoot client connectivity issues involving DNS

5.3 Configure and verify DHCP on a router (excluding static reservations)

5.3.a Server
5.3.b Relay
5.3.c Client
5.3.d TFTP, DNS, and gateway options

5.4 Troubleshoot client- and router-based DHCP connectivity issues

5.5 Configure, verify, and troubleshoot basic HSRP

5.5.a Priority
5.5.b Preemption
5.5.c Version

5.6 Configure, verify, and troubleshoot inside source NAT

5.6.a Static
5.6.b Pool
5.6.c PAT

5.7 Configure and verify NTP operating in a client/server mode

6.0 Infrastructure Security 11%

6.1 Configure, verify, and troubleshoot port security

6.1.a Static
6.1.b Dynamic
6.1.c Sticky
6.1.d Max MAC addresses
6.1.e Violation actions
6.1.f Err-disable recovery

6.2 Describe common access layer threat mitigation techniques

6.2.a 802.1x
6.2.b DHCP snooping
6.2.c Nondefault native VLAN

6.3 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering

6.3.a Standard
6.3.b Extended
6.3.c Named

6.4 Verify ACLs using the APIC-EM Path Trace ACL analysis tool

6.5 Configure, verify, and troubleshoot basic device hardening

6.5.a Local authentication
6.5.b Secure password
6.5.c Access to device
6.5.c. [i] Source address
6.5.c. [ii] Telnet/SSH
6.5.d Login banner

6.6 Describe device security using AAA with TACACS+ and RADIUS

7.0 Infrastructure Management 10%

7.1 Configure and verify device-monitoring protocols

7.1.a SNMPv2
7.1.b SNMPv3
7.1.c Syslog

7.2 Troubleshoot network connectivity issues using ICMP echo-based IP SLA

7.3 Configure and verify device management

7.3.a Backup and restore device configuration
7.3.b Using Cisco Discovery Protocol or LLDP for device discovery
7.3.c Licensing
7.3.d Logging
7.3.e Timezone
7.3.f Loopback

7.4 Configure and verify initial device configuration

7.5 Perform device maintenance

7.5.a Cisco IOS upgrades and recovery (SCP, FTP, TFTP, and MD5 verify)
7.5.b Password recovery and configuration register
7.5.c File system management

7.6 Use Cisco IOS tools to troubleshoot and resolve problems

7.6.a Ping and traceroute with extended option
7.6.b Terminal monitor
7.6.c Log events
7.6.d Local SPAN

7.7 Describe network programmability in enterprise network architecture

7.7.a Function of a controller
7.7.b Separation of control plane and data plane
7.7.c Northbound and southbound APIs

---

QUESTION 22
A receiving host computes the checksum on a frame and determines that the frame is damaged. The frame is then discarded. At which OSI layer did this happen?
A. session
B. transport
C. network
D. data link
E. physical

Answer: D
Explanation:
The Data Link layer provides the physical transmission of the data and handles error notification, network topology, and flow control. The Data Link layer formats the message into pieces, each called a data frame, and adds a customized header containing the hardware destination and source address. Protocols Data Unit (PDU) on Datalink layer is called frame. According to this question the frame is damaged and discarded which will happen at the Data Link layer.

---

QUESTION 23
A router has two Fast Ethernet interfaces and needs to connect to four VLANs in the local network. How can you accomplish this task, using the fewest physical interfaces and without decreasing network performance?
A. Use a hub to connect the four VLANS with a Fast Ethernet interface on the router.
B. Add a second router to handle the VLAN traffic.
C. Add two more Fast Ethernet interfaces.
D. Implement a router-on-a-stick configuration.

Answer: D
Explanation:
A router on a stick allows you to use sub-interfaces to create multiple logical networks on a single physical interface.

---

QUESTION 25
In an Ethernet network, under what two scenarios can devices transmit? (Choose two.)
A. when they receive a special token
B. when there is a carrier
C. when they detect no other devices are sending
D. when the medium is idle
E. when the server grants access

Answer: C,D
Explanation:
Ethernet network is a shared environment so all devices have the right to access to the medium. If more than one device transmits simultaneously, the signals collide and cannot reach the destination.
If a device detects another device is sending, it will wait for a specified amount of time before attempting to transmit.
When there is no traffic detected, a device will transmit its message. While this transmission is occurring, the device continues to listen for traffic or collisions on the LAN. After the message is sent, the device returns to its default listening mode.

---

QUESTION 28
VLAN 3 is not yet configured on your switch. What happens if you set the switchport access vlan 3 command in interface configuration mode?
A. The command is rejected.
B. The port turns amber.
C. The command is accepted and the respective VLAN is added to vlan.dat.
D. The command is accepted and you must configure the VLAN manually.

Answer: C
Explanation:
The “switchport access vlan 3” will put that interface as belonging to VLAN 3 while also updated the VLAN database automatically to include VLAN 3.

---

QUESTION 29
Which term describes a spanning-tree network that has all switch ports in either the blocking or forwarding state?
A. converged
B. redundant
C. provisioned
D. spanned

Answer: A
Explanation:
Spanning Tree Protocol convergence (Layer 2 convergence) happens when bridges and switches have transitioned to either the forwarding or blocking state. When layer 2 is converged, root bridge is elected and all port roles (Root, Designated and Non-Designated) in all switches are selected.

Click here to view complete Q&A of 200-125 exam
Certkingdom Review

Best Cisco 200-125 Certification, Cisco 200-125 Training at certkingdom.com

210-250 SECFND Understanding Cisco Cybersecurity Fundamentals

Exam Number 210-250 SECFND
Available for testing: November 2016
The availability date is subject to change without notice.
Associated Certifications CCNA Cyber Ops
Duration 90 Minutes (55-60 questions)
Available Languages English
Register Pearson VUE

This exam is the first of the two required exams to achieve the CCNA Cyber Ops certification and is aligned with the job role of an associate-level Security Operations Center (SOC) Security Analyst. The SECFND exam tests candidates understanding of cybersecurity’s basic principles, foundational knowledge, and core skills needed to grasp the more advanced associate-level materials in the second required exam, "Implementing Cisco Cybersecurity Operations (SECOPS)".

The 210-250 SECFND "Understanding Cisco Cybersecurity Fundamentals" (SECFND) is a 1.5-hour exam with 50−60 questions and is associated with the Cisco CCNA Cyber Ops certification. Candidates can prepare for this exam by taking the course, "Understanding Cisco Cybersecurity Fundamentals (SECFND) v1.0”. This exam tests a candidate's understanding of cybersecurity’s basic principles, foundational knowledge, and core skills needed to grasp the more advanced associate-level materials in the second required exam, "Implementing Cisco Cybersecurity Operations (SECOPS)". The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may be updated at any time without notice.


1.0 Network Concepts  12%

2.0 Security Concepts 17%

3.0 Cryptography 12%

4.0 Host Based Analysis 19%

5.0 Security Monitoring 19%

6.0 Attack Methods 21%

Click here to view complete Q&A of 210-250 exam
Certkingdom Review

Best Cisco 210-250 Certification, Cisco 210-250 Training at certkingdom.com

210-255 SECOPS Implementing Cisco Cybersecurity Operations

Exam Number 210-255 SECOPS
Available for testing: December 2016
The availability date is subject to change without notice.
Associated Certifications CCNA Cyber Ops
Duration 90 Minutes (55-60 questions)
Available Languages English

This exam is the second of the two required exams in achieving the associate-level CCNA Cyber Ops certification and prepares candidates to begin a career within a Security Operations Center (SOC), working with Cybersecurity Analysts at the associate level. The SECFND exam tests a candidate's knowledge and skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level Security Analyst working in a SOC.

The 210-255 "Implementing Cisco Cybersecurity Operations" (SECOPS) is a 1.5-hour exam with 50−60 questions and is associated with the Cisco CCNA Cyber Ops certification. Candidates can prepare for this exam by taking the Implementing Cisco Cybersecurity Operations v1.0 (SECOPS) course. This exam tests a candidate's knowledge and skills needed to successfully assist with the tasks, duties, and responsibilities of an associate-level Security Analyst working in a Security Operations Center (SOC).The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below maybe updated at any time without notice.

1.0 Endpoint Threat Analysis & Computer Forensics 15%

2.0 Network Intrusion Analysis 22%

3.0 Incident Response 18%

4.0 Data and Event Analysis 23%

5.0 Incident Handling 22%

Click here to view complete Q&A of 210-255 exam
Certkingdom Review

Best Cisco 210-255 Certification, Cisco 210-255 Training at certkingdom.com

300-365 WIDEPLOY Deploying Cisco Wireless Enterprise Networks

---

QUESTION 1
A network engineer for a college dormitory notices that student devices are filling up the SP-DB and are not allowing the shared wireless printers to be discovered. Which feature can be used to reserve space in the SP-DB for the printers?

A. mDNS-AP
B. LSS
C. Priority MAC
D. sso

Answer: C

---

QUESTION 2
By default, how long does a Mobility Services Engine wait for an echo response from a Wireless LAN Controller before declaring the neighbor dead?

A. 10 Seconds
B. 60 Seconds
C. 15 Seconds
D. 30 Seconds

Answer: D

---

QUESTION 3
Controllers WLC_1 and WLC_2 are in the same mobility group. A wireless client that does not have the same VLAN interface roams from WLC_1 to WLC_2. What happens to the client roaming?

A. The client context is deleted in controller WLC_1, and a new client context is created in WLC_2 to become the anchor controller
B. The client context is moved from controller WLC_1 to controller WLC_2. The result is that the WLC_1 client context is deleted and WLC_2 becomes the anchor controller.
C. The client context is copied from controller WLC_1 to controller WLC_2. The result is that WLC_1 becomes the foreign controller and WLC_2 becomes the anchor controller.
D. The client context is copied from controller WLC_1 to controller WLC_2. The result is
that WLC_1 becomes the anchor controller and WLC_2 becomes the foreign controller.

Answer: D

---

QUESTION 4
A network engineer must configure a 5 GHz network to allow for the greatest density of radios possible with the least amount of co-channel interference. Which configuration best fulfills this requirement?

A. Set 802.11 h Local Power constraint to 25 dBm.
B. Set DCA to 20 MHz channels and enable Extended UNII-2 channels.
C. Enable Event Driven RRM in 5 GHz with a sensitivity of High, n
D. Configure TPC Power Threshold to -80 dBm and set interference Optimal Mode (TPCv2).

Answer: B

Click here to view complete Q&A of 300-365 exam
Certkingdom Review

Best Cisco 300-365 Certification, Cisco 300-365 Training at certkingdom.com

300-370 WITSHOOT Troubleshooting Cisco Wireless Enterprise Networks

Exam Number 300-370
Associated Certifications CCNP Wireless
Duration 90 Minutes (60 - 70 questions)
Available Languages English

This exam tests a candidate's knowledge of troubleshooting and optimizing Enterprise wireless infrastructure and related services plus the tools and methodologies needed to identify and resolve client connectivity, performance, and RF issues.

The Troubleshooting Cisco Wireless Enterprise Networks (WITSHOOT) exam (300-370) is a 90-minute, 60-70 question assessment that is associated with the CCNP Wireless certification. This exam tests a candidate's knowledge of troubleshooting and optimizing Enterprise wireless infrastructure and related services plus the tools and methodologies needed to identify and resolve client connectivity, performance, and RF issues. Candidates can prepare for this exam by taking the Troubleshooting Cisco Wireless Enterprise Networks (WITSHOOT) course.

The following topics are general guidelines for the content that is likely to be included on the exam. However, other related topics may also appear on any specific instance of the exam. To better reflect the contents of the exam and for clarity purposes, these guidelines may change at any time without notice.

1.0 Troubleshooting Methodology 10%

1.1 Apply the appropriate trouble shooting methods to identify an issue

1.1.a Bottom up
1.1.b Top down
1.1.c Divide and Conquer
1.1.d Shoot from the hip

1.2 Utilize the appropriate tools to assist in isolating an issue

1.2.a Interpret Show commands
1.2.b Interpret Debug commands
1.2.c Interpret Config analyzer output
1.2.d Interpret Sniffer traces
1.2.e Interpret Spectrum analysis
1.2.f Interpret Ekahau output

2.0 Troubleshoot AP Joining Issues 15%

2.1 Resolve controller discovery issues

2.1.a Compare controller discovery methods
2.1.b Analyze Controller selection method

2.2 Resolve DTLS session establishment issues

2.3 Resolve AP Joining issues

2.3.a Analyze join phase issues
2.3.b Analyze configuration phase issues

3.0 Troubleshoot Client Connectivity Issues 20%

3.1 Identify and resolve authentication issues

3.1.a Identify 802.11 issues
3.1.b Analyze external EAP issues
3.1.c Resolve local EAP issues
3.1.d Resolve WebAuth issues

3.2 Identify RF signal issues

3.2.a Analyze poor RSSI/SNR issues due to AP-client positions
3.2.b Evaluate degraded RF conditions in the cell
3.2.c Evaluate excessive retries
3.2.d Resolve poor roaming performances (client stickiness or cell overlap issues)

3.3 Resolve supplicant configuration issues – (iOS, Android, Windows, MAC OS, year 2013+)

3.4 Troubleshooting autonomous AP links

3.4.a Troubleshooting work group bridge connectivity
3.4.b Troubleshoot WGB roaming issues
3.4.c Evaluate AP to AP EAP authentication issues
3.4.d Resolve root and non-root connectivity issues

4.0 Identify and Locate RF Interferences 13%

4.1 Identify and mitigate rogues

4.1.a Characterize rogue clients and rogue access point
4.1.b Implement rogue mitigation techniques

4.2 Manage non-802.11 interferences

4.2.a Detect and characterize non-802.11 interferences
4.2.b Evaluate interference zone of impact
4.2.c Assess interference security severity

5.0 Troubleshoot Client Performance Issues 17%

5.1 Characterize roaming issues

5.1.a Identify client stickiness
5.1.b Mitigate ping pong effect
5.1.c Resolve cross-band roaming issues

5.2 Evaluate throughput and data rate issues

5.2.a Identify rate shifting issues
5.2.b Evaluate incompatible client requirements vs AP settings

5.3 Identify the source of poor user experience

5.3.a Evaluate L2 issues vs upper Layer issues
5.3.b Identify cell design issues
5.3.c Mitigate Overlapping Basic Service Sets (OBSS) issues in high density designs
5.3.d Resolve channel planning issues

6.0 Identify Common Wired Infrastructure Issues Based on the Output From Common Troubleshooting Tools 15%

6.1 Identify DHCP - DHCPv4 / DHCPv6 issues

6.2 Identify DNS issues

6.3 Identify VLAN issues

6.4 Analyze end to end IP connectivity issues

6.5 Assess POE issues

6.6 Describe stacking as it related to wireless licenses and WCM role

7.0 Troubleshoot WLC and AP High Availability Issues 10%

7.1 Troubleshoot primary, secondary, tertiary controller join issues

7.1.a Resolve configuration mismatch
7.1.b Address capacity and capability mismatch

7.2 Troubleshoot Stateful Switch Over (SSO) issues

7.2.a Resolve primary and backup communication issues
7.2.b Assess primary and backup unsynchronized elements
7.2.c Analyze AP and client failover process
QUESTION 1
What is the maximum number of 1080p30 HD Conference Participants if an MSE 8000 has fourMSE8710 blades clustered?

A. 48.
B. 180
C. 720
D. 800

Answer: A
Reference:
Page 389
CIPTV110SG_Vol1

---

QUESTION 2
Which two options are IOS conference bridge types in CUCM? (Choose two)

A. CiscoIOS Enhanced Conference Bridge
B. CiscoIOS Standard Conference Bridge
C. CiscoIOS Software Conference Bridge
D. CiscoIOS Hardware Conference Bridge
E. Cisco IOS Conference Bridge

Answer: A,E
Reference:
Page 367
Cisco Unified Communications Manager Administration Guide, Release 10.0(1)

---

QUESTION 3
Which protocol is recommended to be used between Cisco Unified Communications Manager and thevoice gateway to simplify the dial plan?

A. SIP.
B. SCCP.
C. H323.
D. RSVP.
E. MGCP.

Answer: E

---

QUESTION 4
When implementing a global dial plan, which digit manipulation feature in CUCM does Ciscorecommend for adding +1 to all outbound calls?

A. Called party transformation.
B. Calling party transformation.
C. Translation pattern.
D. External phone mask.

Answer: A

Click here to view complete Q&A of 300-370 exam
Certkingdom Review

Best Cisco 300-370 Certification, Cisco 300-370 Training at certkingdom.com

300-375 WISECURE Securing Wireless Enterprise Networks

Exam Number 300-375
Associated Certifications CCNP Wireless
Duration 90 Minutes (60 - 70 questions)
Available Languages English

This exam tests a candidate's knowledge of implementing client device security, identity based authentication and services, along with securing and monitoring the Enterprise wireless infrastructure.

The 300-375 Securing Wireless Enterprise Networks (WISECURE) exam is a 90-minute, 60-70 question assessment that is associated with the CCNP Wireless certification. This exam tests a candidate's knowledge of implementing client device security, identity based authentication and services, along with securing and monitoring the Enterprise wireless infrastructure. Candidates can prepare for this exam by taking the Securing Wireless Enterprise Networks (WISECURE) course.

The following topics are general guidelines for the content that is likely to be included on the exam. However, other related topics may also appear on any specific instance of the exam. To better reflect the contents of the exam and for clarity purposes, these guidelines may change at any time without notice.

1.0 Integrate Client Device Security 19%

1.1. Describe Extensible Authentication Protocol (EAP) authentication process

1.2. Configure client for secure EAP authentication

1.2.a. Native OS (iOS, Android, Windows, MAC OS, year 2013+) or AnyConnect client

1.3. Describe the impact of security configurations on application and client roaming

1.3.a. Key caching
1.3.b. 802.11r

1.4. Implement 802.11w Protected Management Frame (PMF) on the WLAN

1.4.a. Client support
1.4.b. PMF modes
1.4.c. Relevant timer settings

1.5. Implement Cisco Management Frame Protection (MFP)

1.5.a. Cisco Compatible Extensions (CCX)
1.5.b. Infrastructure mode
1.5.c. Client and infrastructure mode

1.6. Describe and configure client profiling

1.6.a. ISE
1.6.b. WLC

2.0 Implement Secure Distribution System Connectivity Services on the Wireless Infrastructure 24%

2.1. Describe the impact of BYOD on wireless security

2.1.a Additional security risks
2.1.b Loss of device control
2.1.c Increased complexity of policy enforcement

2.2. Implement BYOD policies

2.2.a. Single vs dual SSID
2.2.b.Self registration
2.2.c. mDNS sharing
2.2.d.Wi-Fi Direct

2.3. Implement AAA based Layer 3 security on the controller

2.3.a. Local Web Auth (LWA)
2.3.a.[i] External authentication)
2.3.a.[ii] Locally significant certificates
2.3.a.[iii] Pre-authentication ACL
2.3.a.[iv] Pass through configuration

2.4. Describe regulatory compliance considerations for protecting data and access and providing accountability

2.4.a. PCI

2.5. Utilize security audit tools for Distribution Systems

2.5.a. PI reports
2.5.b. PCI audit

3.0 Implement Secure Client Connectivity Services on the Wireless Infrastructure 27%

3.1. Implement 802.1x wireless client authentication

3.1.a. AireOS
3.1.a.[i] Local
3.1.a.[ii] Central
3.1.b. IOS-XE
3.1.c. Autonomous
3.1.c.[i] Local authentication
3.1.c.[ii] Remote authentication
3.1.d. FlexConnect
3.1.d.[i] Local authentication
3.1.d.[ii] Remote authentication

3.2. Implement Identity Based Networking (IBN)

3.2.a. AireOS
3.2.a.[i] VLANs
3.2.a.[ii] QoS
3.2.a.[iii] ACLs
3.2.b. IOS-XE
3.2.b.[i] VLANs
3.2.b.[ii] QoS
3.2.b.[iii] ACLs
3.2.c. Autonomous
3.2.c.[i] VLAN
3.2.d. FlexConnect
3.2.d.[i] VLAN
3.2.d.[ii] ACLs
3.2.d.[iii] QoS

3.3. Implement ISE AAA parameters for integration with the wireless network

3.3.a. Network device
3.3.b. IBN profile

3.4. Implement AAA based Layer 3 security using ISE

3.4.a. Utilizing ISE as AAA service
3.4.a.[i] Locally significant certificates on ISE
3.4.a.[ii] Using captive portal capabilities for guest access
3.4.b. Central Web Auth (CWA
3.4.b.[i] Returned values and overrides
3.4.b.[ii] Access accept
3.4.b.[iii] AAA override statement

3.5. Configure MSE based web authentication

3.6. Utilize security audit tools for client connectivity

3.6.a. PI reports
3.6.b. PCI audit

4.0 Implement Secure Management Access on the WLAN Infrastructure 14%

4.1. Controlling administrative access to the wireless infrastructure

4.1.a. RADIUS
4.1.b. TACACS
4.1.c. Controller and ISE integration
4.1.d. Access point administration credentials

4.2. Configure APs and switches for 802.1x access to the wired infrastructure

4.2.a. Controller based
4.2.b. Autonomous

4.3. Implement SNMPv3 on the wireless infrastructure

4.3.a. AireOS
4.3.b. IOS-XE
4.3.c. Autonomous

5.0 Monitoring Security on the WLAN Infrastructure 16%

5.1. Execute Security reports on PI

5.2. Perform Rogue Management

5.2.a. Rogue Containment on WLC and PI
5.2.b. RLDP on WLC and PI
5.2.c. SwitchPort tracing on PI
5.2.d. Location on PI
5.2.e. Rogue Rules on WLC and PI

5.3. Monitor rogue APs and clients

5.3.a. PI Maps
5.3.b. Controller

5.4. Monitor Alarms

5.4.a. 2 items
5.4.b. PI Security Tab
5.4.c. Controller Trap Logs

5.5. Identify RF related Security interferers on WLC and PI Maps

5.5.a. Jammers
5.5.b. Inverted Wi-Fi
5.5.c. Wi-Fi invalid channel

5.6. Implement wIPS

5.6.a. Enhanced Local Mode (ELM)

---

QUESTION 1
An engineer configures the wireless LAN controller to perform 802.1x user authentication. Which option must be enabled to ensure that client devices can connect to the wireless, even when WLC cannot communicate with the RADIUS?

A. local EAP
B. authentication caching
C. pre-authentication
D. Cisco Centralized Key Management

Answer: A

---

QUESTION 2
When you configure BYOD access to the network, you face increased security risks and challenges. Which challenge is resolved by deploying digital client certificates?

A. managing the increase connected devices
B. ensuring wireless LAN performance and reliability
C. providing device choice and support
D. enforcing company usage policies

Answer: D

---

QUESTION 3
Which two events are possible outcomes of a successful RF jamming attack? (Choose two.)

A. unauthentication association
B. deauthentication multicast
C. deauthentication broadcast
D. disruption of WLAN services
E. physical damage to AP hardware

Answer: D,E

Click here to view complete Q&A of 300-375 exam
Certkingdom Review

Best Cisco 300-375 Certification, Cisco 300-375 Training at certkingdom.com

400-251 CCIE Security

Exam Number 400-251 CCIE Security
Associated Certifications CCIE Security
Duration 120 minutes (90 - 110 questions)
Available Languages English

The written exam validates experts who have the knowledge and skills to architect, engineer, implement, troubleshoot, and support the full suite of Cisco security technologies and solutions using the latest industry best practices to secure systems and environments against modern security risks, threats, vulnerabilities, and requirements.

Topics include network functionality and security-related concepts and best practices, as well as Cisco network security products, solutions, and technologies in areas such as next generation intrusion prevention, next generation firewalls, identity services, policy management, device hardening, and malware protection.

The written exam utilizes the unified exam topics which includes emerging technologies, such as Cloud, Network Programmability (SDN), and Internet of Things (IoT).

Unified Written and Lab Exam Topics v5.0 (Recommended for candidates scheduled to take the test ON January 31, 2017 and beyond)

Exam Description
The CCIE Security Version 5.0 exam unifies written and lab exam topics documents into a unique curriculum, while explicitly disclosing which domains pertain to which exam, and the relative weight of each domain.

The Cisco CCIE Security Written Exam (400-251) version 5.0 is a two-hour test with 90–110 questions that validate professionals who have the expertise to describe, design, implement, operate, and troubleshoot complex security technologies and solutions. Candidates must understand the requirements of network security, how different components interoperate, and translate it into the device configurations. The exam is closed book and no outside reference materials are allowed.

The Cisco CCIE Security Lab Exam version 5.0 is an eight-hour, hands-on exam that requires a candidate to plan, design, implement, operate, and troubleshoot complex security scenarios for a given specification. Knowledge of troubleshooting is an important skill and candidates are expected to diagnose and solve issues as part of the CCIE lab exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 Perimeter Security and Intrusion Prevention 21%

1.1 Describe, implement, and troubleshoot HA features on Cisco ASA and Cisco FirePOWER Threat Defense (FTD)

1.2 Describe, implement, and troubleshoot clustering on Cisco ASA and Cisco FTD

1.3 Describe, implement, troubleshoot, and secure routing protocols on Cisco ASA and Cisco FTD

1.4 Describe, implement, and troubleshoot different deployment modes such as routed, transparent, single, and multicontext on Cisco ASA and Cisco FTD

1.5 Describe, implement, and troubleshoot firewall features such as NAT (v4,v6), PAT, application inspection, traffic zones, policy-based routing, traffic redirection to service modules, and identity firewall on Cisco ASA and Cisco FTD

1.6 Describe, implement, and troubleshoot IOS security features such as Zone-Based Firewall (ZBF), application layer inspection, NAT (v4,v6), PAT and

TCP intercept on Cisco IOS/IOS-XE

1.7 Describe, implement, optimize, and troubleshoot policies and rules for traffic control on Cisco ASA, Cisco FirePOWER and Cisco FTD

1.8 Describe, implement, and troubleshoot Cisco Firepower Management Center (FMC) features such as alerting, logging, and reporting

1.9 Describe, implement, and troubleshoot correlation and remediation rules on Cisco FMC

1.10 Describe, implement, and troubleshoot Cisco FirePOWER and Cisco FTD deployment such as in-line, passive, and TAP modes

1.11 Describe, implement, and troubleshoot Next Generation Firewall (NGFW) features such as SSL inspection, user identity, geolocation, and AVC (Firepower appliance)

1.12 Describe, detect, and mitigate common types of attacks such as DoS/DDoS, evasion techniques, spoofing, man-in-the-middle, and botnet

2.0 Advanced Threat Protection and Content Security 17%

2.1 Compare and contrast different AMP solutions including public and private cloud deployment models

2.2 Describe, implement, and troubleshoot AMP for networks, AMP for endpoints, and AMP for content security (CWS, ESA, and WSA)

2.3 Detect, analyze, and mitigate malware incidents

2.4 Describe the benefit of threat intelligence provided by AMP Threat GRID

2.5 Perform packet capture and analysis using Wireshark, tcpdump, SPAN, and RSPAN

2.6 Describe, implement, and troubleshoot web filtering, user identification, and Application Visibility and Control (AVC)

2.7 Describe, implement, and troubleshoot mail policies, DLP, email quarantines, and SenderBase on ESA

2.8 Describe, implement, and troubleshoot SMTP authentication such as SPF and DKIM on ESA

2.9 Describe, implement, and troubleshoot SMTP encryption on ESA

2.10 Compare and contrast different LDAP query types on ESA

2.11 Describe, implement, and troubleshoot WCCP redirection

2.12 Compare and contrast different proxy methods such as SOCKS, Auto proxy/WPAD, and transparent

2.13 Describe, implement, and troubleshoot HTTPS decryption and DLP

2.14 Describe, implement, and troubleshoot CWS connectors on Cisco IOS routers, Cisco ASA, Cisco AnyConnect, and WSA

2.15 Describe the security benefits of leveraging the OpenDNS solution.

2.16 Describe, implement, and troubleshoot SMA for centralized content security management

2.17 Describe the security benefits of leveraging Lancope

3.0 Secure Connectivity and Segmentation 17%

3.1 Compare and contrast cryptographic and hash algorithms such as AES, DES, 3DES, ECC, SHA, and MD5

3.2 Compare and contrast security protocols such as ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, and MKA

3.3 Describe, implementc and troubleshoot remote access VPN using technologies such as FLEXVPN, SSL-VPN between Cisco firewalls, routers, and end hosts

3.4 Describe, implement, and troubleshoot the Cisco IOS CA for VPN authentication

3.5 Describe, implement, and troubleshoot clientless SSL VPN technologies with DAP and smart tunnels on Cisco ASA and Cisco FTD

3.6 Describe, implement, and troubleshoot site-to-site VPNs such as GETVPN, DMVPN and IPsec

3.7 Describe, implement, and troubleshoot uplink and downlink MACsec (802.1AE)

3.8 Describe, implement, and troubleshoot VPN high availability using Cisco ASA VPN clustering and dual-hub DMVPN deployments

3.9 Describe the functions and security implications of cryptographic protocols such as AES, DES, 3DES, ECC, SHA, MD5, ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, MKA, RSA, SCEP/EST, GDOI, X.509, WPA, WPA2, WEP, and TKIP

3.10 Describe the security benefits of network segmentation and isolation

3.11 Describe, implement, and troubleshoot VRF-Lite and VRF-Aware VPN

3.12 Describe, implement, and troubleshoot microsegmentation with TrustSec using SGT and SXP

3.13 Describe, implement, and troubleshoot infrastructure segmentation methods such as VLAN, PVLAN, and GRE

3.14 Describe the functionality of Cisco VSG used to secure virtual environments

3.15 Describe the security benefits of data center segmentation using ACI, EVPN, VXLAN, and NVGRE

4.0 Identity Management, Information Exchange, and Access Control 22%

4.1 Describe, implement, and troubleshoot various personas of ISE in a multinode deployment

4.2 Describe, implement, and troubleshoot network access device (NAD), ISE, and ACS configuration for AAA

4.3 Describe, implement, and troubleshoot AAA for administrative access to Cisco network devices using ISE and ACS

4.4 Describe, implement, verify, and troubleshoot AAA for network access with 802.1X and MAB using ISE.

4.5 Describe, implement, verify, and troubleshoot cut-through proxy/auth-proxy using ISE as the AAA server

4.6 Describe, implement, verify, and troubleshoot guest life cycle management using ISE and Cisco network infrastructure

4.7 Describe, implement, verify, and troubleshoot BYOD on-boarding and network access flows with an internal or external CA

4.8 Describe, implement, verify, and troubleshoot ISE and ACS integration with external identity sources such as LDAP, AD, and external RADIUS

4.9 Describe ISE and ACS integration with external identity sources such as RADIUS Token, RSA SecurID, and SAML

4.10 Describe, implement, verify, and troubleshoot provisioning of AnyConnect with ISE and ASA

4.11 Describe, implement, verify, and troubleshoot posture assessment with ISE

4.12 Describe, implement, verify, and troubleshoot endpoint profiling using ISE and Cisco network infrastructure including device sensor

4.13 Describe, implement, verify, and troubleshoot integration of MDM with ISE

4.14 Describe, implement, verify, and troubleshoot certificate based authentication using ISE

4.15 Describe, implement, verify, and troubleshoot authentication methods such as EAP Chaining and Machine Access Restriction (MAR)

4.16 Describe the functions and security implications of AAA protocols such as RADIUS, TACACS+, LDAP/LDAPS, EAP (EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-FAST, EAP-TEAP, EAP- MD5, EAP-GTC), PAP, CHAP, and MS-CHAPv2

4.17 Describe, implement, and troubleshoot identity mapping on ASA, ISE, WSA and FirePOWER

4.18 Describe, implement, and troubleshoot pxGrid between security devices such as WSA, ISE, and Cisco FMC

5.0 Infrastructure Security, Virtualization, and Automation 13%

5.1 Identify common attacks such as Smurf, VLAN hopping, and SYNful knock, and their mitigation techniques

5.2 Describe, implement, and troubleshoot device hardening techniques and control plane protection methods, such as CoPP and IP Source routing.

5.3 Describe, implement, and troubleshoot management plane protection techniques such as CPU and memory thresholding and securing device access

5.4 Describe, implement, and troubleshoot data plane protection techniques such as iACLs, uRPF, QoS, and RTBH

5.5 Describe, implement, and troubleshoot IPv4/v6 routing protocols security

5.6 Describe, implement, and troubleshoot Layer 2 security techniques such as DAI, IPDT, STP security, port security, DHCP snooping, and VACL

5.7 Describe, implement, and troubleshoot wireless security technologies such as WPA, WPA2, TKIP, and AES

5.8 Describe wireless security concepts such as FLEX Connect, wIPS, ANCHOR, Rogue AP, and Management Frame Protection (MFP)

5.9 Describe, implement, and troubleshoot monitoring protocols such as NETFLOW/IPFIX, SNMP, SYSLOG, RMON, NSEL, and eSTREAMER

5.10 Describe the functions and security implications of application protocols such as SSH, TELNET, TFTP, HTTP/HTTPS, SCP, SFTP/FTP, PGP, DNS/DNSSEC, NTP, and DHCP

5.11 Describe the functions and security implications of network protocols such as VTP, 802.1Q, TCP/UDP, CDP, LACP/PAgP, BGP, EIGRP, OSPF/OSPFv3, RIP/RIPng, IGMP/CGMP, PIM, IPv6, and WCCP

5.12 Describe the benefits of virtualizing security functions in the data center using ASAv, WSAv, ESAv, and NGIPSv

5.13 Describe the security principles of ACI such as object models, endpoint groups, policy enforcement, application network profiles, and contracts

5.14 Describe the northbound and southbound APIs of SDN controllers such as APIC-EM

5.15 Identify and implement security features to comply with organizational security policies, procedures, and standards such as BCP 38, ISO 27001, RFC 2827, and PCI-DSS

5.16 Describe and identify key threats to different places in the network (campus, data center, core, edge) as described in Cisco SAFE

5.17 Validate network security design for adherence to Cisco SAFE recommended practices

5.18 Interpret basic scripts that can retrieve and send data using RESTful API calls in scripting languages such as Python

5.19 Describe Cisco Digital Network Architecture (DNA) principles and components.

6.0 Evolving Technologies 10%

6.1 Cloud
6.1.a Compare and contrast Cloud deployment models
6.1.a [i] Infrastructure, platform, and software services (XaaS)
6.1.a [ii] Performance and reliability
6.1.a [iii] Security and privacy
6.1.a [iv] Scalability and interoperability
6.1.b Describe Cloud implementations and operations
6.1.b [i] Automation and orchestration
6.1.b [ii] Workload mobility
6.1.b [iii] Troubleshooting and management
6.1.b [iv] OpenStack components

6.2 Network Programmability (SDN)
6.2.a Describe functional elements of network programmability (SDN) and how they interact
6.2.a [i] Controllers
6.2.a [ii] APIs
6.2.a [iii] Scripting
6.2.a [iv] Agents
6.2.a [v] Northbound vs. Southbound protocols
6.2.b Describe aspects of virtualization and automation in network environments
6.2.b [i] DevOps methodologies, tools and workflows
6.2.b [ii] Network/application function virtualization (NFV, AFV)
6.2.b [iii] Service function chaining
6.2.b [iv] Performance, availability, and scaling considerations

6.3 Internet of Things (IoT)
6.3.a Describe architectural framework and deployment considerations for Internet of Things
6.3.a [i] Performance, reliability and scalability
6.3.a [ii] Mobility
6.3.a [iii] Security and privacy
6.3.a [iv] Standards and compliance
6.3.a [v] Migration
6.3.a [vi] Environmental impacts on the network

Click here to view complete Q&A of 400-251 exam
Certkingdom Review

Best Cisco 400-251 Certification, Cisco 400-251 Training at certkingdom.com