Share your ENSDWI v1.2 Experience
September 22nd, 2023
Go to comments
The new ENSDWI 300-415 v1.2 has come to replace the old ENSDWI v1.1 exam so we create the “Share your ENSDWI v1.2 Experience” for everyone to share their experience to prepare for this new exam.
Please share with us your experience to prepare for the new ENSDWI 300-415 v1.2 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…
Note: To get the new CCNP Enterprise certificate, you need to pass the ENCOR 350-401 exam (core exam) and one of the concentration exam (like this ENSDWI exam)
Your posts are warmly welcome! Hope you will find useful information here!
Hello everybody.
Yesterday I passed the test.
My test had 64 questions and 14 questions that are not in the premium area of the website, the rest of the questions were from the premium area.
Study everything there is in the premium and if you can, go more in-depth about the test, as you will need knowledge beyond this website to pass the test.
Good luck to everyone
passed my test and almost all the questions are from here but for 3 or 4 that seemed new. The traditional firewall and application firewall drag and drop had six fields to complete not 4 so @certprepare you need to fix that. One of the new questions was about advantages of sd-wan in Google cloud. Even though I passed and I am not thrilled by scores because I was expecting a higher score with most of the questions coming from here. Not sure if all answers are right here based on my score.
@No-name did you study everything or just v1.2 Part 1,Part 5 & 4 ?
@Sakza. I studied v1.2 part 1 and part 1-5. Like I said, only about 3 of the questions were new and everything was from this site including some of the questions they posted on 19th. During my practice, my lowest score of all the test was about 92% so I was expecting above 90% with over 60 of the 64 questions from this site. My scores however ranged from mid 60s to high 80s with most in the 70s and that is why I am confused on whether the answers provided here are all acurate. Good luck guys
@No-name was this the only dumpmyou used
@@No-name yes, this was the only dump I used in addition to my small lab on my eve-ng to practice some few config. This site has always been reliable for me in all my certs. I am just confused on why I got such low marks (even though I passed) despite all the questions coming from here.
Some new questions about QoS, trlphoney but still passed
I passed the exam today, but it was really hard. There were 8-10 new questions about OMP, QoS.
One question from ZTP 8.8.8.8.8 that I had read in the comments.
My drag and drop was only one, upgrade order vManage-vBond-vSmart-vEdge.
Go premium and do a lot of testing by theme and random.
good luck
@certprepare
can you please add these new 10 questions please?
I took the test i had about 15 new questions. Somehow i passed but with very low score. v1.2 part 1 and part5 is enough to learn. Wish you guys luck!
@Jozko
can you please share with the new 15 questions?
@certprepare
can you please add the new questions Please ?
I’m going to pass the exam on Tuesday.
I pass the exam few days ago. The questions on this website are valid. There were 3 new questions on the exam. Learn all questions on this website to pass.
@Drogba : Did you pass the exam on Tuesday ? Did you see any new questions ?
I have passed the exam today. There have been about 6 to 8 new questions not existing on this site in a total of 64 questions. For the moment the questions on this site are relevant just make sure you practice them really well and understand the answers as well ( be warned there are few questions with wrong answers). I cannot remember the new questions exactly but there have been two questions about Traffic engineering (TE) so take a look at that, and something about FIPS, TrustSec and SXP … Good luck
@SD-WAN guy : did you see any question related to google cloud ?
Plenty of new questions in the exam
some of them are as below
Q1. Google cloud to Cisco SDWAN which TLOC color
options
private1
private2
private3
etc
Q2. default BFD Multiplier for app aware routing
Answer should be 7
Q3. SGT data header size in umbrella SIG
options
8 bit
16 bit
24 bit
32 bit
Answer – 16 bit
Explanation :- Each security group in a Cisco TrustSec domain is assigned a unique 16 bit tag called the Security Group Tag (SGT)
Q4. SDWAN TCP optimization benefits and details – 2 questions
SACK
TCP optimization happens and then quality increases with excessive packet drops
TCP optimization happens and then quality increases with less packet drops
option-1 : TCP connections terminates at the source
option-2 : TCP connections terminates at the receiver
Q5. TCL -proxy
what is step-1
1> TCP session between client and proxy , proxy and server
2> authentication
3> certificates
Q6. vManage validates vsmart by what
1> organization name
2> vmanage system IP
3>
Q7.vmanage output (with Org-name, system IP. vBond IP )
q> what corrections required in Vbond for control connects to happen
Q8.If vsmart is acting like Route reflector , then
1> OMP advertisements happen inside TLS/DTLS tunnel
2> OMP advertisements happen outside TLS/DTLS tunnel
3> BGP advertisements
4>
Q9.multicast replicator >>>>>>>>> which protocol/details is not required betweeen receivers to vSmart in a specific scinario
Q10.redistribute advertised /redistributed option for OMP and one VPN 10 interface involved
Q11.Certificate serial number by vmanage
– sync with pnp
– smart account activated
– manual upload of serial numbers
– xx
Q12.Cloud on ramp for SaaS – 2 to 3 questions
Q13.Vmanage clustering question – how scalability and redundancy is achieved?
Option 1 – 2 clusters
Option 2 – 3 or more vmanage in a cluster
Option 3 – 2 or more vmanage in once cluster
Q14.Bgp no-export output question
Q15.As path propagate
Q16.bfd traffic put under which queue ?
queue-0
queue-1
queue-3
queue-7
Q17. Which configuration changes the packet loss priority from low to high?
-Correct Answer is B (Exceed remark)
packet loss priority (PLP bit) sets to high >>> Exceed Remark
packet loss priority (PLP bit) sets to low >>> Exceed drop
Q18.Which encryption algorithm is used for encrypting SD-WAN data plane traffic?
Options:
A. Triple DES
B. IPsec
C. AES-128
D. AES-256 GCM
Ans – D
Q19. Which feature delivers traffic to the Cisco Umbrella SIG cloud from a Cisco SD-WAN domain?
Options:
A.L2TPv3 tunnel
B.IPsec tunnel
C.local umbrella agent
D.source NAT
Ans – B. IPsec tunnel
Q20. Which policy tracks path characteristics such as loss, latency, and jitter in vManage?
A.VPN
B.control
C.app-route
D.data
Ans – C. app-route
Q21.Which website allows access to visualize the geography screen from vManager using the internet?
A. *.globalstreetmaps.org
B. *.fullstreetmaps.org
C. *.callstreetmaps.org
D. *.openstreetmaps.org
Ans – D*.openstreetmaps.org
Q22.Which set of elements are verified by the controller to confirm the identity of edge devices?
A. certificates, organization name and serial number of the device
B. organization name serial number and system IP of the device
C. certificates, organization name, and vBond domain
D. certificates, system IP, and vBond domain
Ans – A. certificates, organization name and serial number of the device
Q23. Question
A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device.
What must be configured to get the fastest failover to standby?
A. OMP tracking
B. higher group ID number
C. prefix-list tracking
D. lower timer interval
Answer :C. prefix-list tracking
Q24.Which type of certificate is installed on vManage for a user to access vManage via a web browser?
A. Controller Certificate
B. Web Server Certificate
C. SD-AVC Certificate
D. WAN Edge Certificate
Answer: B
Explanation:
Used for web access to the vManage. Cisco installs a self-signed certificate by default. A Self-
signed certificate is a Secure Sockets Layer (SSL) certificate that is signed by its own creator.
Q25.How is the software managed in Cisco SD-WAN?
A. Software images must be uploaded to vManage through HTTP or FTP
B. Software downgrades are unsupported for vManage
C. Software images must be transferred through VPN 512 or VPN 0 of vManage
D. Software upgrade operation in the group must include vManage. vBond, and vSmart.
Ans – A (Software images must be uploaded to vManage through HTTP or FTP)
Q26.Question
A customer has MPLS and Internet as the TLOC colors An engineer must configure controllers with the Internet and not with MPLS
Which configuration achieves this requirement on vManage?
Ans – color public-internet >>>>>>>>>>>>>>> may not be the right answer
color default >>>>>>>>>>>>>>> could be right ; most documents suggest this answer
Q27.An engineer must block FTP traffic coming in from a particular Service VPN on a WAN Edge device.
Which set of steps achieves this goal?
A. Create a localized policy and add it to the interface feature template.
B. Create a localized policy, add it to VPN template, and add an ACL to the interface feature template.
C. Create a prefix list, add it to the localized policy, and add it to the interface feature template.
D. Create a localized policy, add it to the device template, and add an ACL to the interface feature template.
Ans – D
Q28.Which feature allows reachability to an organization’s internally hosted application for an active DNS security policy on a device?
A. local domain bypass
B. DHCP option 6
C. DNSCrypt configurator
D. data pokey with redirect
Answer: A
and lots of GUI output based questions
Q22.Which set of elements are verified by the controller to confirm the identity of edge devices?
A. certificates, organization name and serial number of the device
B. organization name serial number and system IP of the device
C. certificates, organization name, and vBond domain
D. certificates, system IP, and vBond domain
Ans – A. certificates, organization name and serial number of the device
Q23. Question
A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device.
What must be configured to get the fastest failover to standby?
A. OMP tracking
B. higher group ID number
C. prefix-list tracking
D. lower timer interval
Answer :C. prefix-list tracking
Q24.Which type of certificate is installed on vManage for a user to access vManage via a web browser?
A. Controller Certificate
B. Web Server Certificate
C. SD-AVC Certificate
D. WAN Edge Certificate
Answer: B
Explanation:
Used for web access to the vManage. Cisco installs a self-signed certificate by default. A Self-
signed certificate is a Secure Sockets Layer (SSL) certificate that is signed by its own creator.
Q25.How is the software managed in Cisco SD-WAN?
A. Software images must be uploaded to vManage through HTTP or FTP
B. Software downgrades are unsupported for vManage
C. Software images must be transferred through VPN 512 or VPN 0 of vManage
D. Software upgrade operation in the group must include vManage. vBond, and vSmart.
Ans – A (Software images must be uploaded to vManage through HTTP or FTP)
Q26.Question
A customer has MPLS and Internet as the TLOC colors An engineer must configure controllers with the Internet and not with MPLS
Which configuration achieves this requirement on vManage?
Ans – color public-internet >>>>>>>>>>>>>>> may not be the right answer
color default >>>>>>>>>>>>>>> could be right ; most documents suggest this answer
Q27.An engineer must block FTP traffic coming in from a particular Service VPN on a WAN Edge device.
Which set of steps achieves this goal?
A. Create a localized policy and add it to the interface feature template.
B. Create a localized policy, add it to VPN template, and add an ACL to the interface feature template.
C. Create a prefix list, add it to the localized policy, and add it to the interface feature template.
D. Create a localized policy, add it to the device template, and add an ACL to the interface feature template.
Ans – D
Which two different states of a WAN Edge certificate are shown on vManage? (Choose two.)
A. active
B. inactive
C. staging
D. provisioned
E. invalid
Ans – C&E
Note > There are three different states of a WAN Edge certificate: Valid, Staging and Invalid.
Q28.Which feature allows reachability to an organization’s internally hosted application for an active DNS security policy on a device?
A. local domain bypass
B. DHCP option 6
C. DNSCrypt configurator
D. data pokey with redirect
Answer: A
Q29. What is the correct sequence of upgrades for the SDWAN components
Ans – vManage,vBond,vSmart and WAN Edge
GUI output question about google-apps ,
qoS is involved
3 colors available
how to configure without blackholing traffic ?
Q30.What is the purpose of a TLOC extension interface?
A. gives access to business Internet
B. provides access to the transport of its neighboring WAN Edge router
C. forms an alternate connection to connected transport
D. synchronizes the configuration with the neighboring WAN Edge router
Answer: B