Pass Your Cisco 642-617 Exam Easy!

@ns
i have passed 647 , sorry man !

@jack
do u have any plans for 648 (VPN) ?

thanks jack for making things clear
now i will go with this dump for 618.

@ns
i'm talking about 618
617 is not availabe any more since 28th May
618 has few 8.3 later NAT / Feature questions but this old dump is still useful

hello jack !
many congrats.
did u appear in 642-618 or 642-617 ?
reply soon
thanks

passed 642-618 today , this dump is still vaild , few new NAT questions. good luck guys !

Hi all
I am planning to take FIREWALL exam but confused.
As 642-617 is no more tested by cisco, so i have to apear in 642-618 exam.
Please tell me that are these dumps are also valid for 642-618 and i can go with this
or what should I do ?
waiting for replys
thanks

any with certification guide for 642-618 and vce plz share.
thanks

Passed yesterday with 978/100. 4-5 new questions, simlet had different answers. Thank you guys. Hope the 642-648 will be soon available

Exactly the same, 1 new question, passed 988, soooo helpful, last day for exam today

Dump is 100% valid.. Just passed the exam an hour back with 957. labs are same and 2-3 questions from outside but easy ones..

I'm takin the exam today, I sure hope the lab is valid cauz i had no time to practice on any other thing, I always work with CLI so ASDM is new and weird to me.. Wish me luck guys

Passed on Saturday, 100 % Valid Dumps. Only 5-6 New questions. Today is last day so hurru up. Best luck.

Thank you all for all the help.

Thanks to this Dump. The Dump is still 100% valid. Passed with 886. LAB's are same. 2 or 3 new ques.

Time is till Monday only. So hurry up and get the exam done.

failed today dumps not valid 650
40 q came from from the dumps out of 70
2 simulations not avail
don,t use this dump

Passed the exam today - 100% valid (snmp question only 3 choices - so no local engine ID). had few new questions. but most are from this dump. last day on Monday - hurry!!!

I passed also today with 925. Exam is still valid. I have only about 3-5new questions but all explaind ealier and not very diffucult. Take it quick before it will expire and have fun.

Passed today with 925. Exam still valid about 3-5new questions. There is only one simulation which is the exact same question. The simulation came as the last questions, so do not waste time. This exam will expire on 28th May 2012. Be quick!!!

can anyone tell me how many labs are coming in the test ? this dump has 2 of them & they both have same questions but different ways. so which one to follow?

Still Valid. Passed today w/ 925. 5 new questions, this but definitely helped.

I passed today with 9XX , same lab and simlet , thanks guys for sharing , wish you all the best.
only two new question one for FTP and other one i don't remember

ya sorry to post passed the exam with 9@@ marks same as dumps new about strict ftp

Is the lab in the dumps correct or is the lab correct on the site that Muhammad Umar references correct? Thanks for the help.

http://www.scribd.com/doc/72346393/83/QUESTION-NO-83-CORRECT-TEXT

I passed today 97% , Dumps are vaild but there are two new questions .. Simlet & Lab are the same.

I passed the exam yesterday. Total 70 questions with 02 new questions. Lab and Simlet are the same.

pass today 963 dump still valid
only 3 new questions (1 hard and 2 easy)
same lab
one of new question is about Threat-detection statistics

Dump still valid as of yesterday. Had 2-3 questions not on the dump.

Pass today with 9XX. 4 new questions. Dump still valid.

Hi,
pass today with 95%. Dump still valid.

@Bob,

The code changed a bit since 8.3 came out, so the new test will be based on the new commands. And the 28th is the last day to take the test based on the old commands.

Passed with 9xx.... 3 new ques

Hi @ Mors what do you mean it will be changed to a new version 8.4 and when will be the last date for this exam man ?please answer me asap because am planning to take the exam on 28 so please let me know whether it will be different till then

Passed this today, 3 new questions. So pretty much spot on. Only a few weeks left of this exam before it's replaced by a slightly modified one for the 8.3-8.4 ASA code and a complete NAT rework.

Password today but 5 new questions that were easy and still valid...

Dump valid! 3 new questions that are easy.

had 4 nw qstns..enough to get the pass mark.
labs are same

Still Valid, got 904. 2 new questions, labs still the same.

today i passd..i got 883

Valid, Passed Yesterday got 883 marks.

Assalamalikum! @ Ahmed Abdel Rauf

Just open given link, all labs options are explained very well
and also download ASDM DEMO for practicing the lab simulations.


For clear Lab Sim

check out this link:
http://www.scribd.com/doc/72346393/83/QUESTION-NO-83-CORRECT-TEXT

@ Misbah Ul Haq
Cool! Did you get any of the questions that have caused confusion in this thread? i.e.
Which URI regular expression would match any webpage with the welcome.jpg ?
A. ?/welcome*.jpg
B. ?/welcome.jpg
C. ^*/welcome.jpg
D. ./welcome.jpg
E. ^*/welcome.jpg

Which statement about the policy map named test is true?
class-map http
match port tcp eq 21
class-map ftp
match port tcp eq 21
policy-map test
class http
inspect http
class ftp
inspect ftp

A. Only HTTP inspection will be applied to the TCP port 21 traffic
B. Only FTP inspection will be applied to the TCP port 21 traffic
C. Both HTTP and FTP inspections will be applied to the TCP port 21 traffic.
D. No inspection will be applied to the tCP port 21 traffic, because the http class map configuration conflicts with the ftp class map
E. All FTP traffic will be denied, because the FTP traffic will fail the HTTP inspection

Or any others?

Alhamdulelah, Passed today with 9xx marks

I passed today with 967. 3 new questions. Dumps totally valid.

Thanks Muhammed Umar!!! I'm sitting for the exam on the 28th!

For clear Lab Sim

check out this link:
http://www.scribd.com/doc/72346393/83/QUESTION-NO-83-CORRECT-TEXT

Passed today i.e., 26th Apr 2012.
Dumps are still valid, thanks VARUN Mutreja

Hi everybody, I need the material for this exam, ca anyone advice me where to find this material? Also, i have the material of SNAF is it the same?

Hi,
Just Passed Firewall Exam. 100% Valid 4 to 5 new Question.
Anyone can feel free contact me 0092-321-4698177

hi , all is there any simulation for the lab that i can use? please advise. thank you

Passed this Saturday with 968/1000. Dumps still valid but there are a couple of wrong answers in the dump. Lab is the same(HTTP-Inspect). 3-4 new questions appeared in the exam.

1) GUI screenshot of TCP map with parameters. (Question) What does it do? I selected TCP normalizer. Other options were HTTP-inspect, etc.

2) SNMP v3 related question. Selected snmp host, group, and user. I did not select local engine ID option(only 3 options to be selected).

Based on my study of the forum and cisco resources, please take note of the below questions too:

Q. What protocols have to be transferred to CSC-SSM
A. FTP, POP3, SMTP, HTTP

Q. Which command enables Advanced threat detection
A. Threat-detection statistics

Q. Configuration in order to allow a /20 network on the inside interface access to ASDM
A. http x.x.x.x 255.255.240.0 inside

Q. What does the sequence do:
hw-module module 1 reset
hw-module module 1 reload
A. Reset command shuts down and resets the SSM hardware, Reload command reloads the intelligent SSM software(for example, AIP SSM)

Q. Strict FTP
A. The strict option may break FTP sessions from clients that do not comply with the RFC standards; however, it provides more security features.

@Ahmed
simulations in the exam as the dump

how many simulations in the exam? I am about to write the exam??

Dumps are still valid. Scored 904. 1 new question !
The new question about a picture show a "tcp map" setting
I forgot some option , I member TCP nomizer , AIP-SSM , HTTP-inspect

and under the question fixed to "choose three" !! so I choose "C,D,F" !!
Which of the following configurations are needed to enable SNMPv3 on Cisco ASA (choose three) ?
A. SNMPv3 local Engine ID
B. SNMPv3 remote Engine ID
C. SNMP user
D. SNMP group
E. SNMP Communitz Strings
F. SNMP host

Dumps valid, pased today 960 only 3 new questions, 1 of them about hw-module

@Rahul
By default, if an ASA tests and finds that at least one of its monitored interfaces has failed, it declares itself failed. In that case, if the ASA was in active mode, the other unit takes over the active role.

Q .with cisco ASA active/stand by failover ,by default ,how many monitered interface failovers will cause failover to occure ?

A.1
B . 2
C. 3
D.4
E. 5

Dumps are still valid. Scored 904.

Passed today.. ^^
This Dump is good.. No problem.

I have others answers exams. And have 973.
Q 1. exhibit (_default_GoToMyPC-tunnel, _default_aim-messenger)
Answers:
b. These class maps are all type http class maps. (Request/response/URI - in class-map type http <name>.
c. These class maps classify traffic using regular expressions (URI use regex!)

Q 2. Which statement about NAT/PAT is true?
A. (true) Dynamic PAT is used for any traffic that is sourced from the dmz_emailserver to the outside
B (false) Dynamic PAT is used for any traffic that is sourced from any host on the inside (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) network to the outside.
(Exhibit Only host in object group "inside-network/24" can pass any traffic to outside)
Q 3. Which statement about the Cisco ASA 5505 configuration is true?
B. (False) With the default factory configuration, the management interface (management 0/0) is configured with the 192.168.1.1/24 IP address (In exhibition picture see words READ: "The ASA5505, however DOESN`T have dedicated MANAGEMENT interface. Instead, it uses VLAN 1 for the secure "inside" network, which is assigned to phisical interfaceces Ethernet0/1 through 0/7")

P.S. NAT Control is enabled only if UNCHECKED Firewall-NAT Rules "Enable traffic though the firewall without address translation".

Dump still ok but new questions are coming in. I got 4-5 new questions. One of them was the ccnp-2b http x.x.x.x 255.255.240.0 question. I got 965/1000. Sims are the same. The Botnet Sim and the http inspect sim. The Botnet q number 1. u need to see which is true. Please know how to search for them as the scenario will be different. The http inspect map Sim, very simple, once done, click ok all the way out and finally click apply. I cannot save it but that worked. Good luck :). Please see securitytut under 642-617 for some answer corrections in this vce.

Passed the exam today. Dump still valid. Passing score was 769.
2 new questions though.
1 new question regarding the configuration in order to allow a /20 network on the inside interface access to ASDM. Answer is:
http x.x.x.x 255.255.240.0 inside

1 new question regarding modules asking what does the sequence do:
hw-module module 1 reset
hw-module module 1 reload
I do not remember the options, but if you check out what the commands do, you can figure out the right answer.

The LAB was the same listed on this dump.

Hi people regards to this dumps the lab bit is not very clear for me, can anyone give me a tip or somewhere else to go and have a look..my exam is this coming saturday..

Hi Sobia Khan, please canyou share contact so i can ask you something regarding Exam.
my contact # 0092-300-8416509

Hi Everyone,
I want to do this exam 642-617. Sobia khan i see your posts, ca you share your contact so i can ask you something regarding exam.
and please every pakistai share the Contact number

Totally valid, same sim,LAB. few new questions , but again they are easy to answer. One of it i could remember, what protocols have to be transferred to CSC-SSM, i selected FTP,DNS, SMTP,HTTP..

just do enough reading before you rely on dump, because they are few MCQ interchanged with options.

also there was a question related to Advanced threat detection , Q is something like, which command enables the Adv threat detection ? i have selected threat-detection statstics.

ok friends, thats all from me. just left one more to become CCNP-Sec.

all the best friends.

thanks/s v

Today I passed this exam. Dumps still valid. Only 1 new question of tcp-map.

Dump still valid with 3 new questions. Passed Yesterday.. thanks guys.

Dear Friend,

The paper 642-617 get expired on 31-may after we have to give new paper as per CISCO, paper code is 642-618 Ver 2.0

passed yestrday 946 . 4 new questions . faced a problem in saving the http lab configuration . dump still valid .

Passed today. Except for 3 questions all were from dumps. Faced a prob that was unable to save the config of HTTP lab. when moved from config to home tab , the config i made were erased. Friends also faced the same. But i don't think tht caused much prob ..
Anyways DUMPS still valid.

I took the exam - I had no problems..
Regarding the labs, the labs were the same but a couple of answer were different. Verify which answers are true by navigating thru ASDM. These are the labs that I saw:
1. The one regarding Botnets, know how to check if the botnet client and botnet updatge are checked, if a black and while list are being used, if the DNS Snooping box is checked and botnet traffic applied on the interface (all under Config->Firewall->Botnet Traffic Filter
2. The one with 5505 and ASDM.. know how to:
a) Enable http inspection globally
b) Create inspection map "http-inspect-map"
c) Enable dropping and logging of Http connections..
3. The lab with the following answers.. know how to check if these answers are true (verify if they are enabled/disabled or checked)..
- Nat Control is enable (disable in my case)? - Is DHCP enable on inside/outside interface (only inside)? Is ALL traffic being permitted from inside to outside (watch the first ACL regarding inside net -- protocol FTP -- outside)?Is the ASDM enabled inside//outside (I think both were enabled..)? Access to CLI enabled - LOCAL db? Check if the selfsigned cert is there?
4. the one with threat detection - SHUN.. Config->Firewall->Threat Detection (configured for 600 seconds NOT the DEFAULT of 3600)
Regarding NEW questions: I didn't recognize two - one very easy and the other one ok:
1. http 192.168.12.0 255.255.240.0 outside (can't remember the net, i do remember the /20 for the mask)
2. Output of a class-map, policy-map and service policy to review.. something to do with strict FTP (action) -- answers regarding strict FTP NonRFC, RFC application (sorry can't remember exactly.)

Hopefully this helps someone else out there.

Passed today with 946/1000, still valid. only two different questions one for redundant interfaces and one of NAT configuration.

Hello Syed,

Yes he passed with 960 marks but he was unable to provide me with new questions. I see that people mentioned that dumps are still valid but i wonder why my friend got a different lab.
I am just waiting for anyone to help me out as i am gonna write on this sat.

This Dump is valid..Good luck

Still valid Passed with 915 yesterday 05-03-2012

Thanks guys this dump is still valid passed today 830/1000.

@arun

did ur frnd clear his exam?? m gnna take exam on 8th march. wat r d new questions/?

Hello All,
My friend just wrote yesterday and he got a different lab question which was on Dynamic Natting and not on HTTP. Along with that there were 10 new question.
There is some change in question along with Lab. If any one has any update please update as it will be very usefull.

A new question how to config inside user 10.10.24.0/20 to allow asscess asdm
answer: http 10.10.24.0 255.255.240.0 inside

the file is valid to pass, goodluck all

Can anyone who has recently cleared this exam can share about 7 new questions which are not available in this file. It would be great help.

Just passed with 957 this morning, dump is valid in South Africa

After downloading chips dumps, it's only showing 5 Questions. Can anyone help me to see all the 105 questions.

Thanks a lot in advance.
Dipak jaiswal

i passed the exam with score 904 it is almost the same, 70 question and has about 7 new questions.
good luck for you all

Guys, pls is there a valid link where i can get ASDM demo mode? Thanks

Passed with 9XX study guide still valid. believe I saw 3 new questions but with some work experience u can answer them. make sure u know where to go to check the answers for the hot spot questions. mine had the same questions but the settings are different. Good luck everyones!

Hi @ krupal

All question from Chips 105. Still Valid. Passed. Cheer!!!

Hello Anug, How did it go ? Any questions not from these QB ?

Congratulation !!! @ Michael

Tomorrow Morning I will sit this exam.

Cheer!

@ aung : That's good.

Also I have good news for you.

I wrote the exam today and passed with 890.
Dumps still valid and is the best time to pass the exam.

Good luck mate.
Cheers.

Thanks Michael :-) , I will do with ASDM.I'm going to exam on Monday.

@ aung : use the ASDM.
That's what cisco prefers us to do .

Hi,

please help me to answer, for the simulation question; Can I use CLI or ASDM?

thanks all

Hi, I am going to exam on next week, can you help me,how many simulation
questions in this exam? Thanks

Passed the test today and i found this dump is very valid
. If you are preparing to take the exams make sure you work well on the ASDM

Exam is 100% valid.

Hi John
My cert guide has this info on page 20.
ISBN-13: 978-1-58714-279-6
If you don't have this edition just do a find on the words below.

ASA 5550
The ASA 5550 is designed to support large enterprises and service provider networks.Figure 1-9 shows both front and rear views. Notice that the ASA 5550 looks identical to the ASA 5510, 5520, and 5540 models. The most noticeable difference is that the ASA 5550 has one fixed four-port Gigabit Ethernet (4GE-SSM) module in the SSM slot, which cannot be removed or changed.

The ASA 5510, 5520, and 5540 chassis have one SSM slot that can be populated with one of the following:
■ Four-port Gigabit Ethernet SSM:
■ Advanced Inspection and Prevention (AIP) SSM:
■ Content Security and Control (CSC) SSM:

Hi Steak. First I want to thank Steak and Chips for their efforts. My post implied that FTP (answer B) was the correct answer. Is it?

Question about ASA Model that has 4 port module that is not removable. Looks like the 5520 and 5540 matches the question. The 5550 has 2 4 port modules. Using Official Cert Guide. Help is appreciated.

@abzulman please share the new questions. Taking the exam early next week.

Sorry Dennis - think you are off target a little and does not follow on like the cisco.com asa8.0 reference pages give a more detailed explanation specifically for this misconfigured example.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mpc.html#wp1134755

The match default-inspection-traffic command, which is used in the default global policy, is a special CLI shortcut to match the default ports for all inspections. When used in a policy map, this class map ensures that the correct inspection is applied to each packet, based on the destination port of the traffic. For example, when UDP traffic for port 69 reaches the security appliance, then the security appliance applies the TFTP inspection; when TCP traffic for port 21 arrives, then the security appliance applies the FTP inspection. So in this case only, you can configure multiple inspections for the same class map. Normally, the security appliance does not use the port number to determine the inspection applied, thus giving you the flexibility to apply inspections to non-standard ports, for example.
An example of a misconfiguration is if you configure multiple inspections in the same policy map and do not use the default-inspection-traffic shortcut. In Example 16-1, traffic destined to port 21 is mistakenly configured for both FTP and HTTP inspection. In Example 16-2, traffic destined to port 80 is mistakenly configured for both FTP and HTTP inspection. In both cases of misconfiguration examples, only the FTP inspection is applied, because FTP comes before HTTP in the order of inspections applied.

Order of inspections applied is more relevant than anything else.