Camilo 109-144

109. Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity. FlexVPN. DMVPN. GET VPN. IPsec DVTI.

110. An engineer must modify a policy to block specific addresses using Cisco Umbrella. The policy is created already and is actively used by devices, using many of the default policy elements. What else must be done to accomplish this task?. Use content categories to block or allow specific addresses. Modify the application settings to allow only applications to connect to required addresses. Create a destination list for addresses to be allowed or blocked. Add the specified addresses to the identities list and create a block action.

111. An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices. The default management port conflicts with other communications on the network and must be changed. What must be done to ensure that all devices can communicate together?. Change the management port on Cisco FMC so that it pushes the change to all managed Cisco FTD devices. Set the sftunnel to go through the Cisco FTD. Set the sftunnel port to 8305. Manually change the management port on Cisco FMC and all managed Cisco FTD devices.

112. An engineer is configuring Cisco WSA and needs to ensure end clients are protected against DNS spoofing attacks. Which deployment method accomplishes this goal?. transparent mode. single-context mode. Web Cache Communication Protocol. explicit forward.

113. Which type of API is being used when a security application notifies a controller within a software-defined network architecture about a specific security threat?. southbound API. eastbound API. northbound API. westbound API.

114. Which two request methods of REST API are valid on the Cisco ASA Platform?(Choose two). get. push. options. put. connect.

115. What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?. Active SSL decryption. Enable Intelligent Proxy. Active the Advanced Malware Protection license. Enable IP Layer enforcement.

116. Which feature requires a network discovery policy on the Cisco Firepower NGIPS?. security intelligence. health monitoring. URL filtering. impact flags.

117. When MAB is configured for use within the 802. 1X environment, an administrator must create a policy that allows the devices onto the network. Which information is used for the username and password?. The MAB uses the IP address as username and password. The MAB uses the Call-Station-ID as username and password. The MAB uses the MAC address as username and password. Each device must be set manually by the administrator C.

118. What is the concept of CI/CD pipelining?. The project is split into time-limited cycles and focuses on pair programming for continuous code review. Each project phase is independent from other phases to maintain adaptiveness and continual improvement. The project code is centrally maintained, and each code change should trigger an automated build and test sequence. The project is split into several phases where one phase cannot start before the previous phase finishes successfully.

119. Which method must be used to connect Cisco Secure Workload to external orchestrators at a client site when the client does not allow incoming connections?. source NAT. reverse tunnel. GRE tunnel. destination NAT.

120. Which feature is used to configure an encrypted route-based site-to-site VPN from a Cisco router to a cloud environment?. IKE profile based selection. FlexVPN Mixed mode. Tunnel Mode Auto Selection. virtual tunnel interface.

121. What is an advantage of using a next-generation firewall compared to a traditional firewall?. Next-generation firewalls use intrusion prevention policies, and traditional firewalls use intrusion detection policies. Next-generation firewall have stateless inspection capabilities, and traditional firewalls use stateful inspection. Next-generation firewalls have threat intelligence feeds, and traditional firewalls use signature detection. Next-generation firewalls use dynamic packet filtering, and traditional firewalls use static packet filtering.

122. What must be configured on Cisco Secure Endpoint to create a custom detection file list to detect and quarantine future files?. Configure an application control allowed applications list to block the files. Add a network IP block allowed list to the configuration and add the blocked files. Use the simple custom detection feature and add each detection to the list. Create an advanced custom detection and upload the hash of each file.

123. Which action configures the IEEE 802.1X Flexible Authentication feature to support Layer 3 authentication mechanisms?. Modify the Dot1X configuration on the VPN server to send Layer 3 authentications to an external authentication database. Identify the devices using this feature and create a policy that allows them to pass Layer 2 authentication. Add MAB into the switch to allow redirection to a Layer 3 device for authentication. Configure WebAuth so the hosts are redirected to a web page for authentication.

124. Which open standard creates a framework for sharing threat intelligence in a machine-digestible format?. OpenC2. STIX. CybOX. OpenIOC.

125. Refer to the exhibit. Which command was used to display this output. show dot1x all summary. show dot1x. show dot1x interface gi1/0/12. show dot1x all.

126. Which two probes are configured to gather attributes of connected endpoints using Cisco identity Services Engine? (Choose two.). RADIUS. SMTP. DHCP. sFlow. TACACS+.

127. When wired 802.1X authentication is implemented, which two components are required? (Choose two.). authenticator: Cisco identity Services Engine. authenticator: Cisco Catalyst switch. supplicant: Cisco AnyConnect ISE Posture module. authentication server: Cisco Prime Infrastructure. authentication server: Cisco identity Service Engine.

128. What is a commonality between DMVPN and FlexVPN technologies?. IOS routers run the same NHRP code for DMVPN and FlexVPN. FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes. FlexVPN and DMVPN use the new key management protocol, IKEv2. FlexVPN and DMVPN use the same hashing algorithms.

129. Refer to the exhibit. Traffic is not passing through IPsec site-to-site VPN on the Secure Firewall Threat Defense appliance. What is causing this issue?. The access control policy is not allowing VPN traffic in. Site-to-site VPN peers are using different encryption algorithms. No split-tunnel policy is defined on the Firepower Threat Defense appliance. Site-to-site VPN preshared keys are mismatched.

130. A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface.How does the switch behave in this situation?. It forwards the packet without validation. It drops the packet without validation. It forwards the packet after validation by using the IP& MAC Binding Table. It drops the packet after validation by using the IP & MAC Binding Table.

131. In which two ways does Easy Connect help control network access when used with Cisco TrustSec? (Choose two.). It creates a dashboard in Cisco ISE that provides full visibility of all connected endpoints. It allows for managed endpoints that authenticate to AD to be mapped to Security Groups (PassiveID). It allows for the assignment of Security Group Tags and does not require 802.1X to be configured on the switch or the endpoint. It allows multiple security products to share information and work together to enhance security posture in the network. It integrates with third-party products to provide better visibility throughout the network.

132. An administrator has been tasked with configuring the Cisco Secure Emall Gateway to ensure there are no viruses before quarantined emails are dellvered. In addiion, dellvery of mall from known bad mall servers must be prevented. Which two actions must be taken order to meet these requirements? (Choose two.). Configure a recipient access table. Deploy the Cisco ESA in the DMZ. Use outbreak filters from SenderBase. Enable a message tracking service. Scan quarantined emails using AntiVirus signatures.

133. An organization wants to use Cisco FTD or Cisco ASA devices. Specific URLs must be blocked from being accessed via the firewall, which requires that the administrator input the bad URL categories that the organization wants blocked into the access policy. Which solution should be used to meet this requirement?. Cisco FTD because it includes URL filtering in the access control policy capabilities, whereas Cisco ASA does not. Cisco ASA because it enables URL filtering and blocks malicious URLS by default, whereas Cisco FTD does not. Cisco FTD because it enables URL filtering and blocks. malicious URLs by default, whereas Cisco ASA does not. Cisco ASA because it includes URL filtering in the access control policy capabilities, whereas Cisco FTD does not.

134. Cisco AMP for Endpoints administrator configures a custom detection policy to add specific MD5 signatures. The configuration is created in the simple detection policy section, but it does not work. What is the reason for this. The administrator must upload the file instead of the hash for Cisco AMP to use. The MD5 hash uploaded to the simple detection policy is in the incorrect format. Detections for MD5 signatures must be configured in the advanced custom detection policies. The APK must be uploaded for the application that the detection is intended.

135. An organization wants to implement a cloud-delivered and SaaS based solution to provide visibility and threat detection across the AWS network. The solution must be deployed without software agents and rely on AWS VPC flow logs instead Which solution meets these requirements?. Cisco Secure Cloud Analytics. Cisco Cloudlock. NetFlow collectors. Cisco Umbrella.

136. What are two functionalities of SDN Northbound APIs? (Choose two.). Northbound APIs form the interface between the SDN controller and business applications. Northbound APIs use the NETCONF protocol to communicate with applications. Northbound APIs provide a programmable interface for applications to dynamically configure the network. Northbound APIs form the interface between the SDN controller and the network switches or routers. OpenFlow is a standardized northbound API protocol.

137. An organization has DHCP servers set up to allocate IP addresses to clients on the LAN. What must be done to ensure the LAN switches prevent malicious DHCP traffic while also distributing IP addresses to the correct endpoints. Configure Dynamic ARP Inspection and add entries in the DHCP snooping database. Configure DHCP snooping and set a trusted interface for the DHCP server. Configure Dynamic ARP Inspection and antispoofing ACLs in the DHCP snooping database,. Configure DHCP snooping and set trusted interfaces for all client connections.

138. Which solution for remote workers enables protection, detection, and response on the endpoint against known and unknown threats?. Cisco Secure Client. Cisco Umbrella. Cisco Duo. Cisco Secure Endpoint.

139. Which Cisco solution extends network visibility, threat detection, and analytics to public cloud environments?. Cisco Stealthwatch Cloud. Cisco CloudLock. Cisco AppDynamics. Cisco Umbrella.

140. Which action controls the amount of URI text that is stored in Cisco WSA log files?. Configure the advancedproxyconfig command with the HTTPS subcommand. Configure a maximum packet size. Configure a small log-entry size. Configure the datasecurityconfig command.

141. What is the difference between EPP and EDR?. EPP focuses primarily on threats that have evaded front-line defenses that entered the environment. Having an EPP solution allows an engineer to detect, investigate, and remediate modern threats. EDR focuses solely on prevention at the perimeter. Having an EDR solution gives an engineer the capability to flag offending files at the first sign of malicious behavior.

142. Which two fields are defined in the NetFlow flow? (Choose two.). destination port. class of service bits. type of service byte. output logical interface. layer 4 protocol type.

143. An engineer is configuring cloud logging on Cisco ASA and needs events to compress. Which component must be configured to accomplish this goal?. Cisco analytics. SDC VM. SDC event viewer. SWC service.

144. What is the process in DevSecOps where all changes in the central code repository are merged and synchronized?. QA. CI. EP. CD.