Share your ENSDWI Experience
February 4th, 2020
Go to comments
The new ENSDWI 300-415 is going to come to replace the old CCNP exams (the last day to take CCNP exams is February 23, 2020) so we create the “Share your ENSDWI Experience” for everyone to share their experience to prepare for this new exam.
Please share with us your experience to prepare for the new ENSDWI 300-415 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…
Note: To get the new CCNP Enterprise certificate, you need to pass the ENCOR 350-401 exam (core exam) and one of the concentration exam.
Your posts are warmly welcome! Hope you will find useful information here!
i passed today with spoto 192Q with 3 new questions .. thanks guys for being helpful almost ..
Guys, are you able to share Spoto dump please?
Got f*ck*d in the ass today. Completeley unrelevant questions and answers. Byebye Cisco certs, try to steal money from someone else.
@doode.
Some context would be good, care to explain what you mean?
Well… biggest issue. The dumps are not up to date. There are more complex and more twisted questionsww like before. You can easily rule out 2 answers but the other 2 are ver similar. I havent seen questions about adapting qos. The pictures are low resolution, not well detailed diagramms. WQuestion about which routing protocol can be used. OSPF, EIGRP, ISIS, BGP on vEdge… damn which one is a good answer!? What service VPN is mandatory for vmanage… vpn0, vpn512,vpn10, vpn02-519. Usual Cisco exam with bad wording… since I didn’t have any advantage of having Cisco exam in my 10 year old career I stop having pain in my ass for it. I dont care anymore….
Can somebody pls share the official cert guide for ENSDWI
Can anybody please share the ENSDWI CISCO pdf official cert guide !? Over telegram or any app please
@axxo90 im also searching for the pdf without luck if you got it coulld you send it by telegram? my user is bluethunder76
best regards
@certprep do you have any update?
do i have to be a premium member to view latest question?
I did the exam recently and PASSED. I only saw around 5 new questions. Everything else was on this Website as of today.
The resources I used were:
– Read the whole official book: Cisco Software-Defined Wide Area Networks: Designing, Deploying and Securing Your Next Generation WAN with Cisco SD-WAN
https://www.ciscopress.com/store/cisco-software-defined-wide-area-networks-designing-9780136533146
– Took CBT Nuggets for SD-WAN but this page offers the same and for free:
https://www.networkacademy.io/ccie-enterprise/sdwan/why-do-we-need-sd-wan
– Paid the premium version of cerprepare to see the 300+ questions they have
– Read this Cisco Validated Design guide:
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html
– Read this Cisco Extended Enterprise SD-WAN Design Guide (mostly the multi-domain part)
https://www.cisco.com/c/en/us/td/docs/solutions/Verticals/EE/DG/ee-WAN-dg.pdf
– During my labs I also read this Cisco SD-WAN: WAN Edge Onboarding:
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/sdwan-wan-edge-onboarding-deploy-guide-2020nov.pdf
– Something extra good to read Implement QoS in Cisco SD-WAN:
https://www.cisco.com/c/en/us/support/docs/routers/vedge-router/213408-implement-qos-in-cisco-sd-wan.html
– Read Track Static Routes for Service VPNs
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/system-interface/ios-xe-17/systems-interfaces-book-xe-sdwan/track-static-route-ios-xe.pdf
Other useful links:
– SD-WAN on Cisco IOS XE Routers
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/BRKARC-1004.pdf
– Cisco SD-WAN Cloud scale architecture
https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/sd-wan/nb-06-cisco-sd-wan-ebook-cte-en.pdf
– Policies ConfigurationGuide for vEdge Routers
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/policies/vedge-20-x/policies-book.pdf
– Bridging, Unicast Overlay Routing, Multicast Overlay Routing, Segmentation, Forwarding and QoS
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/bridging-routing-segmentation-qos/vedge/bridging-routing-segmentation-qos-book/bridging.html
Personal opinion and experience:
Please read the whole book, watch all the CBT Nuggets videos, or use that free website, do every possible lab. If you do not have the budget to get a good PC, you can use GCP and mount vManage for free with 64GB of RAM.
Once you have read everything up there and practiced every single question on cerprepare, you will have the ability to determine the correct answer for each question. Please read the below comment.
On New ENSDWI Questions – Part 5 I added my opinion of which were the correct answers for the following questions (Found between Pages 2 and 3 of comments):
Question 21
Question 37
Question 40
Question 41
Question 56
Question 58
Question 67
Question 68
Question 69
Question 70
Question 80
Question 84
The opinion I gave there was based on some sources and my own understanding of Cisco SD-WAN
====================================
Below you will find each of the questions:
Workflow to Configure QoS Using Cisco vManage
Map each forwarding class to an output queue.
Create localized policy.
Enable Cloud QoS and Cloud QoS on service side.
Configure QoS scheduler.
(Optional) Create re-write policy.
Apply localized policy to device template.
Apply QoS map and re-write policy (optional) to WAN interface feature template.
Define centralized Traffic Data QoS policy to classify traffic into proper queue.
Apply centralized policy.
====================================
Question 21
A company deploys a Cisco SD-WAN solution but has an unstable Internet connection. When the link to vSmart comes back up, the WAN Edge router routing table is not refreshed, and some traffic to the destination network is dropped. The headquarters is the hub site, and it continuously adds new sites to the SD-WAN network. An engineer must configure route refresh between WAN Edge and vSmart within 2 minutes.
Which configuration meets this requirement?
Answer D:
omp
no shutdown
graceful-restart
timers
eor-timer 120
rom Cisco:
End-of-RIB Timer:
Specifies how long to wait after an OMP session has gone down and then come back up to send an end-of-RIB (EOR) marker. After this marker is sent, any routes that weren’t refreshed after the OMP session came back up are considered to be stale and are deleted from the route table.
Holdtime Interval:
Specifies how long to wait before closing the OMP connection to a peer. If the peer doesn’t receive three consecutive keepalive messages within the specified hold time, the OMP connection to the peer is closed.
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/command/iosxe/qualified-cli-command-reference-guide/m-omp-commands.html
====================================
Q37 – answer is PIM Interfaces.
If the router is just a multicast replicator and is not part of a local network that contains either multicast sources or receivers, you do not need to configure any PIM interfaces
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/routing/vEdge-20-x/routing-book/m-multicast-routing.html#c_Multicast_Overlay_Routing_Overview_12198.xml
====================================
Question 40
Which two actions must be taken to allow certain department to require firewall protection when interacting with data center networks without including other departments? (Choose two)
A. Use classification, policing, and marking
B. Advertise to vSmart controllers.
C. The regional hub advertises the availability of the firewall service.
D. Apply data policies at vEdge.
E. Deploy a service-chained firewall service per VPN.
The correct answers are: C & E
Source:
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/5eU6DfQV/TECCRS-2014.pdf
PAGE: 85
Problem: Certain departments require Firewall protection when interacting with data
center networks, while other departments do not
Solution: Deploy a service chained Firewall service per-VPN
Policy Details:
1. Regional hub advertises availability of Firewall service
2. Bi-directionally modify TLOC next hop attribute for VPN1 traffic between Site1 and Data Center to point at regional hub TLOCs
====================================
Question 41
Which REST API call checks the status of an action that is performed on a device?
A. admin status
B. troubleshoot status
C. configuration status
D. monitor status
Correct answer: D
Explanation:
In a REST API context, the “monitor” status refers to querying the current operational status of a device or system. When you initiate an action or task through a REST API call, such as deploying a configuration change or performing a specific operation on a device, you can use the “monitor status” API call to check the progress and current status of that action.
By making the “monitor status” API call, you can retrieve information about the ongoing or completed action, including its current state, completion status, success or failure status, and any relevant details or metrics associated with the task.
The other options (A. admin status, B. troubleshoot status, and C. configuration status) are not standard terms used in REST API calls to check the status of actions on a device. While they might be relevant in certain contexts, they are not specifically related to monitoring the status of actions performed on a device using REST APIs.
====================================
Question 56
Refer to the exhibit.
An engineer must block FTP traffic coming in from a particular Service VPN on a WAN Edge device. Which set of steps achieves this goal?
A. Create a localized policy and add it to the interface feature template.
B. Create a localized policy, add it to VPN template, and add an ACL to the interface feature template.
C. Create a prefix list, add it to the localized policy, and add it to the interface feature template.
D. Create a localized policy, add it to the device template, and add an ACL to the interface feature template.
The correct answer is: C
B: You cannot add a centralized/localized policy to a VPN Template. But you can to a interface templace and device template.
The exhibit already shows a localized policy created in VManage, there is no need to create a new one. You only need to create an ACL that blocks FTP traffic (Port 20/21) ingress on an interface (in VManage add it to the localized, then interface feature).
From Cisco documentation:
Localized data policy, so called because it is provisioned on the local Cisco vEdge device, is applied on a specific router interface and affects how a specific interface handles the data traffic that it is transmitting and receiving. Localized data policy is also referred to as access lists (ACLs). With access lists, you can provision class of service (CoS), classifying data packets and prioritizing the transmission properties for different classes. You can configure policing and provision packet mirroring.
For IPv4, you can configure QoS actions.
You can apply IPv4 access lists in any VPN on the router, and you can create access lists that act on unicast and multicast traffic. You can apply IPv6 access lists only to tunnel interfaces in the transport VPN (VPN 0).
Source:
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/policies/vedge-20-x/policies-book/localized-policy.html#Cisco_Concept.dita_d90ce142-5a9a-463c-acf3-a33dc486d53c
====================================
Question 58
An engineer must configure the SD-WAN Edge router to identify DSCP 26 traffic coming from the router’s local site and then change the DSCP value to DSCP 18 before sending it over to the SD-WAN fabric. What are the two ways to create the required configuration? (Choose two)
The correct answers are: C & D
Correct due to being a localized specific policy!
Route policy is a control policy not data so it won’t affect QoS in any way.
Reference:
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/qos/ios-xe-17/qos-book-xe/forwarding-qos.html#c_Forwarding_and_QoS_Overview_12257.xml
====================================
Question 67
Which two vRoute attributes should be matched or set in vSmart policies and modified by data policies? (Choose two)
A. VPN
B. preference
C. site ID
D. origin
E. TLOC
Answer is A & E
Only VPN and TLOC attributes can be set in vSmart policies and modified by data policies!
Check “Table 5” details vroute attributes being TLOC and VPN
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/policies/vedge/policies-book/policy-framework.html#id_113316
====================================
Question 68
What is the default value for the number of paths advertised per prefix in the OMP feature template?
A. 4
B. 8
C. 12
D. 16
The default value is 4
Please see Cisco’s official guide:-
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/routing/vEdge-20-x/routing-book/m-unicast-routing.html
“Table 14”
====================================
Question 69
A customer has 1 to 100 service VPNs and wants to restrict outbound updates for VPN1. Which control policy configuration restricts these updates?
The correct answer should be: D
policy
lists
vpn-list restricted_vpns
vpn 1
!
!
vpn-membership restrict_1
sequence 100
match vpn-list restricted_vpns
action reject
!
!
default-action accept
!
====================================
Question 70
Which NAT type must the engineer configure for the vEdge router to bring up the data plane tunnels?
A. Use private color on the TLOC.
B. Enable Full Cone NAT on the vEdge interface.
C. Enable Symmetric NAT on the vEdge interface.
D. Use public color on the TLOC.
The correct answer is: B
In most of the cases, your public colors like biz-internet or public-internet can be directly attached to the internet.
In other cases, there is a NAT device behind the vEdge WAN interface and the actual Internet Service Provider.
In this manner, the vEdge can have a private IP and the other device (Router, Firewall, etc) can be the device with the public facing IP addresses.
If you have an incorrect NAT type, then it could potentially be one of the most common reasons that do not allow the formation of Data Plane tunnels. These are the supported NAT types.
Source:
https://www.cisco.com/c/en/us/support/docs/routers/sd-wan/214510-troubleshoot-bidirectional-forwarding-de.html#anc19
====================================
Question 80
How many network interface cards are needed to add in virtual machine settings when installing vSmart controller on VMware vSphere ESXi Hypervisor software?
A. 1
B. 2
C. 3
D. 4
The correct answer is: A
Source:
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/cisco-sd-wan-overlay-network-bringup.html#c_Step_5__Deploy_the_vSmart_Controller_78730.xml
====================================
Question 84
What is one way an SD-WAN Edge router originates a vRoute?
A. learned from BGP
B. from TLOCs connected to the WAN transports
C. learned from OSPF intra-area
D. from the vBond controller
The correct answer is: B
Source:
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/bridging-routing-segmentation-qos/vedge/bridging-routing-segmentation-qos-book/unicast-overlay-routing.html#concept_nt5_mc2_b3b
On Cisco vSmart Controllers and Cisco vEdge devices, OMP advertises to its peers the routes and services that it has learned from its local site, along with their corresponding transport location mappings, which are called TLOCs. These routes are called OMP routes or vRoutes to distinguish them from standard IP routes. The routes advertised are actually a tuple consisting of the route and the TLOC associated with that route. It is through OMP routes that the Cisco vSmart Controllers learn the topology of the overlay network and the services available in the network.
@certprepare, can you please review and update based on the feedback from iWanttoPass above? we need to ensure the answers are correct!
@iWanttoPass: Thank you for your information! We checked and updated all the questions you mentioned!
Questions are valid. There are a few question with more answers. For example how to create group of interest list similar to premium Part 5 Q3. There were 2 option to chose. Options were Localized policy/list and Centralized policy/list and few more. Not sure if that was right answer.
I have used premium account for ENCOR, is it worth to use premium for this also?
I passed the exam today, all questions here are valid. Get your exam on or before September 12, 2023. Cisco will release new exam versions.
Hi @Golteb,…I can see on Cisco portal stating that Cisco Enterprise exam updates
As part of our Certification Roadmaps review cycle, our CCNP Enterprise exams will be updating soon. The last date to test for the current exams is September 19, 2023. Candidates can expect to be tested on the new exam material starting September 20, 2023.
hi guys , where i can get the dump for this ? @certprepare
Hi guys! Does the premium access includes a pdf file with Q&A?
Hi friends, Can someone confirm for me if the dumps are reliable pls ?
Please could someone say me if the ENSDWI exmane has some lab? if how many?
Hi All, did someone passed the exam recently using the premium dumps? Just want to know if it is still valid.
Hi All,
I would advise you not to take the exam, there are loads of new questions, which aren’t on here. If anyone has taken the exam recently can you confirm if the exam was verison 1.1, or have they changed the questions already? i would say i got approx 10 or more new questions.
guys i took the exam last friday, it has like 10 new questions as stated above. They are doable based on the questions on this page.
@certprepare
Can you confirm when you will have the questions for version 1.2.
Thanks
@Mikeyeah
what dumps did you use?
Used the materials on here
Did it yesterday. Completely NOT up to date! Bought the premium access but, only like 8 questions from 66 came out… and with wrong answers…
As of today, Cisco have changed the exam to Verison 1.2, DO NOT take the exam, until you see an update on here, @Certperpare, please confirm when you will have the new questions..
Thanks.