What is the purpose of CA in a PKI? To validate the authenticity of a digital certificate To certify the ownership of a public key by the named subject To issue and revoke digital certificates To create the private key for a digital certificate.
Which standard is used to automate exchanging cyber threat information? IoC MITRE STIX TAXII.
An engineer adds a custom detection policy to a Cisco AMP deployment and encounters issues with the configuration. The simple detection mechanism is configured, but the dashboard indicates that the hash is not 64 characters and is non-zero. What is the issue? The engineer is attempting to upload a file instead of a hash. The hash being uploaded is part of a set in an incorrect format. The file being uploaded is incompatible with simple detections and must use advanced detections. The engineer is attempting to upload a hash created using MD5 instead of SHA-256.
Which network monitoring solution uses streams and pushes operational data to provide a near real time view of activity? SMTP Syslog SNMP Model-driven telemetry.
What are two examples of code injection vulnerabilities? (Choose two) Cross-site scripting Arbitrary command injection SQL injection XML external entity injection Session hijacking.
What are the components of endpoint protection against social engineering attacks? IPsec Firewall IDS ESA.
Which industry standard is used to integrate Cisco ISE and Cisco pxGrid to each other and with other interoperable security platforms? IEEE NIST ANSI IETF.
Which two services must remain as on premises equipment when a hybrid email solution is deployed? (Choose two) Encryption DLP Antivirus Antispam DDoS.
Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps. Which two actions must be taken to ensure that interfaces are put back into service? (Choose two) Enable the snmp-server traps command and wait 300 seconds. Enter the shutdown and not shutdown commands on the interfaces. Use EEM to have the ports return to service automatically in less than 300 seconds. Have Cisco Prime infrastructure issue an SNMP set command to re-enable the ports after the preconfigured interval. Ensure that interfaces are configured with the error-disable detection and recovery feature.
Refer to the exhibit Which statement about the authentication protocol used in the configuration is true? The authentication request contains only a username. The authentication request contains only a password. The authentication and authorization request are grouped in a single packet. There are separate authentication and authorization request packets.
Refer to the exhibit. An engineer must enable secure SSH protocols and enters this configuration. What are two results of running this set of commands on a Cisco router? (Choose two) Generates AES key pairs on the router. Labels the key pairs to be used for SSH. Uses the FQDN with the label command. Generates RSA key pairs on the router. Enables SSHv1 on the router.
What is a different between FlexVPN and DMVPN? FlexVPN uses IKEv1 or IKEv2. DMVPN uses only IKEv2. DMVPN uses only IKEv1. FlexVPN uses only IKEv2 DMVPN uses IKEv1 or IKEv2. FlexVPN uses only IKEv1. FlexVPN uses IKEv2. DMVPN uses IKEv1 or IKEv2.
Which statement describes a serverless application? The application is installed on network equipment and not on physical servers. The application runs from a containerized environment that is managed by Kubernets or Docker Swarm. The application runs from an ephemeral, event-triggered, and stateless container that is fully managed by a cloud provider. The application delivery controller in front of the server farm designates on which server the application runs each time.
An organization has a Cisco ESA set up with DLP policies and would like to customize the action assigned for violations. The organization wants a copy of the message to be delivered with a message added to flag it as a DLP violation. Which actions must be performed in order to provide this capability? Quarantine and alter the subject header with DLP violation. Quarantine and send a DLP violation notification. Deliver and send copies to other recipients. Deliver and add disclaimer text.
While using Cisco Firepower's Security Intelligence policies, which two criteria is blocking based upon? (Choose two) URLs Port numbers IP addresses MAC addresses Protocol IDs.
An organization has a Cisco Secure Cloud Analytics deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network. What action will resolve this issue? Configure security appliance to send syslogs to Cisco Stealthwatch Cloud. Deploy a Cisco FTD sensor to send events to Cisco Stealthwatch Cloud. Configure security appliances to send Netflow to Cisco Stealthwatch Cloud. Deploy a Stealthwatch Cloud sensor on the network to send data to Stealthwatch Cloud.
Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos? Consumption Authoring Analysis Sharing.
Which two products are used to forecast capacity needs accurately in real time? (Choose two) Cisco Cloudlock Cisco Umbrella Cisco Tetration Cisco AppDynamics Cisco Workload Optimization Manager.
Refer to the exhibit Which command was used to generate this output and to show which ports are authenticating with dot1x or mab? Show authentication method Show authentication sessions Show dot1x all Show authentication registrations.
What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two) local web auth multiple factor auth TACACS+ single sign-on central web auth.
Which two solutions help combat social engineering and phishing at the endpoint level? (Choose two) Cisco Umbrella Cisco DNA Center Cisco ISE Cisco TrustSec Cisco Duo Security.
How does Cisco Umbrella protect clients when they operate outside of the corporate network? By using Active Directory group policies to enforce Umbrella DNS servers By forcing DNS queries to the corporate name servers By using the Umbrella roaming client By modifying the registry for DNS lookups.
Which Cisco security solution stops exfiltration using HTTPS? Cisco FTD Cisco ASA Cisco CTA Cisco AnyConnect.
Which type of DNS abuse exchanges data between two computers even when there is no direct connection? Data exfiltration Command-and-control communication Malware installation Network footprinting.
The main function of northbound APIs in the SDM architecture is to enable communication between which two areas of a network? SDN controller and the cloud Management console and the cloud Management console and the SDN controller SDN controller and the management solution.
An administrator needs to be able to have a router securely communicate with a network management system. The connections must be authenticated but not encrypted- While meeting there requirements, which command will create a group that allows a user on the network management system access to the router? snmp-server group <group name> v3 priv write <view name> snmp-server group <group name> v2c snmp-server group <group name> v3 auth snmp-server group <group name> v2c write <view name>.
What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two) REST uses HTTP to send a request to a web service. REST is a Linux platform-based architecture. REST uses methods such as GET, PUT, POST and DELETE. REST codes can be compiled with any programming language. The POST action replaces existing data at the URL path.
An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occurring? Client computers do not have the Cisco Umbrella Root CA certificate installed. Intelligent proxy and SSL decryption is disabled in the policy. Client computers do not have an SSL certificate deployed from an internal CA server. IP-Layer Enforcement is not configured.
Which feature must be configured before implementing NetFlow on a router? SNMPv3 VRF IP routing Syslog.
Which solution should be leveraged for secure access of a CI/CD pipeline? Duo Network Gateway Remote access client SSL WebVPN Cisco FTD network gateway.
Which two global commands must the network administrator implement to limit the attack surface of an internet-facing Cisco router? (Chose two) no service password-recovery no ip http server service top-keepalives-in ip ssh version 2 no cdp run.
Which solution combines Cisco IOS XE components to enable administrators to recognize applications, collect and send network metrics to Cisco Primer and other third-party management tools, and prioritize application traffic? Cisco DNA Center Cisco Model Driven Telemetry Cisco Application Visibility and Control Cisco Security Intelligence.
Which capability is provided by application visibility and control? deep packet inspection reputation filtering data encryption data obfuscation .
What does Cisco AMP for Endpoints use to help an organization detect different families of malware? Tetra Engine to detect malware when the endpoint is connected to the cloud. ClamAV Engine to perform email scanning. Ethos Engine to perform fuzzy fingerprinting. Spero Engine with machine learning to perform dynamic analysis.
Which solution protects hybrid cloud deployment workloads with application visibility and segmentation? Secure Workload Secure Firewall Nexus Secure Network Analytics.
An organization is using CSR1000 routers in their private cloud infrastructure. They must upgrade their code to address vulnerabilities within their running code version Who is responsible for these upgrades? The CSR1000 is upgrades automatically as new code becomes available. The cloud provider must be asked to perform the upgrade. The cloud vendor is responsible for updating all code hosted in the cloud. The organization must update the code for the devices they manage.
Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatures on endpoints and then quarantine the files? Configure a simple custom detection list. Configure an advanced custom detection list. Configure an application custom detection list. Configure an IP Block & Allow custom detection list.
What are two advantages of using Cisco AnyConnect over DMVPN? (Choose two) It allows customization of access policies based on user identity. It allows different routing protocols to work over the tunnel. It enables VPN access for individual users form their machines. It allows multiple sites to connect to the data center. It provides spoke-to-spoke communications without traversing the hub.
Which function is included when Cisco AMP is added to web security? detailed analytics of the unknown file's behavior phishing detection on emails threat prevention on an infected endpoint multifactor, authentication-based user identity.
Which security mechanism is designed to protect against "offline brute-force" attacks? MFA Salt Token CAPTCHA.
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Preventions System? (Choose two) SIP SSL packet decoder Modbus Inline Normalization.
What is the purpose of the certificate signing request when adding a new certificate for a server? It provide the server information so a certificate can be created and signed. It is the password for the certificate that is needed to install it with. It is the certificate that will be loaded onto the server. It provides the certificate client information so the server can authenticate against it when installing.
What is a characteristic of a bridge group in Cisco ASA Firewall running in transparent mode? It includes multiple interfaces and access rules between interfaces are customizable. It has an IP address on its BVI interface and is used for management traffic. It is a Layer 3 segment and includes one port and customizable access rules. It allows ARP traffic with a single access rule.
Which DDoS attack uses fragmented packets in an attempt to crash a target machine? smurf teardrop LAND SYN flood.
Which command enables 802.1X globally on a Cisco switch? dot1x pae authenticator dot1x system-auth-control authentication port-control auto aaa new-model.
Which feature is used in a push model to allow for session identification, host authentication, and session termination? AAA attributes CoA request carrier-grade NAT AV pair.
Which configuration methos provides the option to prevent physical and virtual endpoint devices that are in the same base EPG or uSeg from being able to communicate with each other VMware VDS or Microsoft vSwitch placement in separate EPGs inter-VLAN security inter-EPG isolation intra-EPG isolation.
What does Cisco ISE use to collect endpoint attributes that are used in profiling? Cisco pxGrid posture assessment Cisco AnyConnect Secure Mobility Client probes.
Which entity is responsible for encrypting data in transit using an IaaS model versus a SaaS model? Cloud Service Customer for IaaS and Cloud Service Provider for SaaS Cloud Application Developer for IaaS and Cloud SLA Manager for SaaS Cloud Service Provider for IaaS and Cloud Service Customer for SaaS Cloud SLA Manager for IaaS and Cloud Application Developer for SaaS.
Which feature is used to restrict communication between interfaces on a Cisco ASA? security levels traffic zones VLAN subinterfaces VXLAN interface.
|
