Share your CCIE v5 Written Experience

@True

INE have some videos to study for CCIE, including lab.

@Charlie
i have made up my mind for spoto

Another incorrect answer shared by SHA spoto.

57: WHICH STATEMENT ABOUT CONTROL PLANE POLICING IS TRUE?

A- it queues egress packets that would otherwise be discarded.
b- it applies to packets that are generated locally.
c- it queues ingress packets that would otherwise be discarded
d- ip applies, to packets that are punted to the router processor.

B is incorrect, D is correct.

Control Plane Policing (CoPP) – CoPP is the Cisco IOS-wide route processor protection mechanism. As illustrated in Figure 2, and similar to rACLs, CoPP is deployed once to the punt path of the router. However, unlike rACLs that only apply to receive destination IP packets, CoPP applies to all packets that punt to the route processor for handling.

Another wrong question on Spoto provided by SHA…

Which feature can you implement to most effectively protect customer traffic in a rate-limited WAN Ethernet service?
A. HCBWFQ
B. IntServ with RSVP
C. DiffServ
D. The IPsec VTI qos pre-classify command
E. Q-in-Q

The correct answer is A, HCBWFQ provide a rate-limit to the customer not exceed this.

https://books.google.com.br/books?id=YhDGDQAAQBAJ&pg=PT1036&lpg=PT1036&dq=HCBWFQ&source=bl&ots=hNUQyaz_qC&sig=YhVcHc_lgs_y0mtnY_wQyyIlv3I&hl=en&sa=X&ved=0ahUKEwjHk96Ftr3TAhWT14MKHf_HAJkQ6AEITTAG#v=onepage&q=HCBWFQ&f=false

I will take the test tomorrow, has anyone taken the exam today that can validate that the spoto is still valid?

Good Luck JP!

@ JP can you share Spoto please, upload it to mega.nz

I can do it, but i will do it tomorrow night when I’m at home, can’t do it right now, i will also let you know guys if the files i have are valid enough to pass.

@JP, it would be really helpful if you could share the feedback on your written exam..And all the best buddy!

Refer to the exhibit.Which two statements about the given NetFlow configuration are
true?(Choose two)
A. It supports both IPv4 and IPv6 flows.
B. It uses the default port to send flows to the exporter.
C. It supports only IPv6 flows.
D. It supports only IPv4 flows.
E. It supports a maximum of 2048 entres.

is DE or BD

@oka

BD are correct, there is no document saying about the maximum entries is 2048…

thanks

what about this

Which IS-IS metric style is most suitable for MPLS traffic engineering?
A. Transtion
B. Wide
C. Narrow
D. Flat

B OR C

Which statement about Control Plane Policing is true?
A. It queues egress packets that would otherwise be discarded.
B. It applies to packets that are generated locally.
C. It queues ingress packets that would otherwise be discarded.
D. It applies to packets that are punted to the route processor.

B OR D

Control Plane Policing Overview
To protect the CP on a router from DoS attacks and to provide fine-control over the traffic to or from the CP, the Control Plane Policing feature treats the CP as a separate entity with its own interface for ingress (input) and egress (output) traffic. This interface is called the punt/inject interface, and it is similar to a physical interface on the router. Along this interface, packets are punted from the FP to the RP (in the input direction) and injected from the RP to the FP (in the output direction). A set of quality of service (QoS) rules can be applied on this interface in order to achieve CoPP.

These QoS rules are applied only after the packet has been determined to have the CP as its destination or when a packet exits from the CP. You can configure a service policy (QoS policy map) to prevent unwanted packets from progressing after a specified rate limit has been reached; for example, a system administrator can limit all TCP/SYN packets that are destined for the CP to a maximum rate of 1 megabit per second.

Figure 1 Abstract Illustration of a Cisco ASR 1000 Series Router with Dual RPs and Dual FPs

Figure 1 provides an abstract illustration of a Cisco ASR 1000 series router with dual RPs and dual FPs. Only one RP and one FP are active at any time. The other RP and FP are in stand-by mode and do not receive traffic from the carrier card (CC). Packets destined to the CP come in through the carrier card, and then go through the active FP before being punted to the active RP. When an input QoS policy map is configured on the CP, the active FP performs the QoS action (for example, a transmit, drop, or set action) before punting packets to the active RP, in order to achieve the best protection of the control-plane in the active RP.

On the other hand, packets exiting the CP are injected to the active FP, and then go out through the carrier card. When an output QoS policy map is configured on the CP, the active FP performs the QoS action after receiving the injected packets from the RP. Again this saves the valuable CPU resource in the RP.

@ Charlie

Refer to the exhibit.Which two statements about the given NetFlow configuration are
true?(Choose two)
A. It supports both IPv4 and IPv6 flows.
B. It uses the default port to send flows to the exporter.
C. It supports only IPv6 flows.
D. It supports only IPv4 flows.
E. It supports a maximum of 2048 entres.

As per spoto and PL ans is D and E

@I have configurated netflow in ipv4 and ipv6 in the network, why you say is only ipv4?

I think IPV6 would require Netflow ver9

Maybe is for that, I need to check the exhibit. Thanks

Refer to the exhibit.Which two statements about the given NetFlow configuration are
true?

msl qos map cos-dscp 0 0 16 24 40 32 46 48

a. 0
b. 32
c. 40
d. 46
e. 48

PL and spoto mentions b as answer but according to documentation d is correct. please help with this one

@mohammmed.

32

@mohammmed

The answer is definitely(B) 32 because the question tries to trick you by adding two zeros. If you match the numbers up with how COS-DSCP work you get

CoS value 0 = DCSP 0

CoS value 1 = DCSP 0

CoS value 2 = DSCP 16

CoS value 3 = DCSP 24

CoS value 4 = DCSP 40

CoS value 5 = DSCP 32 <— which is what the question is asking for

-CCIE Kam

SPOTO valid , only some answers are not correct please take care

@CCIE

please share please

everyone has spoto and says that are valid, but nobody share it….lol

because spoto is used via remote login, @ majesty you post yesterday new dump, i studied it & it is enough to pass

but it has some mistakes in answers

@CCIE
@Shikima

i agree with Shikima !!
i’m very confused !!!!

@ majesty you dump has almost 90% of exam

Yeah it’s remote login, but you can screenshoot or record a video.

@CCIE

Did you use that to pass ??? when??
your score please ??? because you said there are some mistakes in answers

@Shikima

yeah i agree with Shikima
@CCIE you can do that to help everyone here !!!

I already studied CCIE , so i knew the wrong answers i corrected them, i got above 900

@CCIE

Could you list these questions with correct answers ????

in your dump Q10, 17 18 40 49 71 94 , maybe 95 … believe it is same like spoto but with correct answers except what i mention .. good luck

all what listed are wrong, check the correct answers for them

@oka

Wide should be correct, according to cisco doc…. Wide is using new style metric for mpls te.

@oka @Charlie

You are right it is Wide.

http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/TE_1208S.html#wp49409

Do a search for “metric-wide” and you’ll see the answer right there.

-CCIE Kam

@ccie
i do not believe all of those questions are incorrect.

Ccie
I have correct some on previously posts…. Make urself useful, and help the others… I have passed on the exam already.

can any one share the last agreed dumps please, it is so urgent

Which two statements about IS-IS authentication are true? (Choose two.)
A. Level 2 LSPs transmit the password encrypted inside the IS-IS PDU.
B. Area and domain authentication must be configured together.
C. Passwords can be configured on a per-interface basis.
D. If LSP authentication is in use, unauthorized devices can form neighbor adiacencies.
E. Lever 1 LSPs use the domain password.

AD are correct, but C is also valid… You have to guess what cisco wants.

Reference:
http://www.csc.kth.se/utbildning/kth/kurser/DD2490/ipro1-09/insys_wp.pdf

@Charlie,

I’m confused here, Which ISAKMP feature can proctect a GDOI from a hacker using a network sniffer while a security association is established?

An ISAKMP phase 1 security association

An ISAKMP phase 2 Groupkey-pull exhange

@Peter,

To me this question is not clear, according RFC 6407 GDOI – The correct answer should be Groupkey-pull exchange…. SA is established on phase 1 and rekeys on phase protected by phase 1 SA.

The GROUPKEY-PULL exchange allows a group member to request SAs and
keys from a GCKS. It runs as a Phase 2 protocol under protection of
the Phase 1 security association.

https://tools.ietf.org/html/rfc6407#section-7.2

@Charley,

Thanks Charley! You’re a big help to us.

spoto have updated the latest report with amazing score.

http://cciers.spoto.net/en/index.html/#Latest

sorry for that above one is wrong link
http://cciers.spoto.net/en/index.html#Latest

@Charlie
Another wrong question on Spoto provided by SHA…
Which feature can you implement to most effectively protect customer traffic in a rate-limited WAN Ethernet service?
A. HCBWFQ
B. IntServ with RSVP
C. DiffServ
D. The IPsec VTI qos pre-classify command
E. Q-in-Q
The correct answer is A, HCBWFQ provide a rate-limit to the customer not exceed this.
https://books.google.com.br/books?id=YhDGDQAAQBAJ&pg=PT1036&lpg=PT1036&dq=HCBWFQ&source=bl&ots=hNUQyaz_qC&sig=YhVcHc_lgs_y0mtnY_wQyyIlv3I&hl=en&sa=X&ved=0ahUKEwjHk96Ftr3TAhWT14MKHf_HAJkQ6AEITTAG

For this question, I am confused if the question is for QOS on the service provider side or the enterprise side. If its on the enterprise side, you are right, but for the service provider side will Diffserv not be a correct answer?

guys, who has got the spoto 120 q plz ???

Hi,everyone who has passed ccie 400-101 written exam PLEASE CAN YOU TELL ME WHICH IS VALID DUMPS FOR 400-101 WRITTEN EXAM ???

SPOTO HAS WRONG ANSWERS………

&

PASSLEADER IS ENOUGH FOR PASSING???

PLEASE HELP

Anyone here for CCIE Security? or is there any website similar to this one..

Cheers