option
Questions
ayuda
daypo
CREATE TEST
search.php

ERASED TEST, YOU MAY BE INTERESTED ON gurutzeza

COMMENTS STATISTICS RECORDS
TAKE THE TEST
Title of test:
gurutzeza

Description:
Gut1 to do so things happen

Author:
TugdoiW
Other tests from this author

Creation Date: 18/01/2025

Category: Others

Number of questions: 139
Share the Test:
New CommentNuevo Comentario
No comments about this test.
Content:
Which functions of an SDN architecture require southbound APIs to enable communication? SDN controller and the network elements management console and the SDN controller management console and the cloud SDN controller and the cloud.
Which two request methods of REST API are valid on the Cisco ASA Platform? (Choose two.) put options get push connect.
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network? SDN controller and the cloud management console and the SDN controller management console and the cloud SDN controller and the management solution.
Which Cisco security solution provides patch management in the cloud? Cisco Umbrella Cisco ISE Cisco CloudLock Cisco Tetration.
An organization is using DNS services for their network and want to help improve the security of the DNS infrastructure. Which action accomplishes this task? Use DNSSEC between the endpoints and Cisco Umbrella DNS servers. Modify the Cisco Umbrella configuration to pass queries only to non-DNSSEC capable zones Integrate Cisco Umbrella with Cisco CloudLock to ensure that DNSSEC is functional. Configure Cisco Umbrella and use DNSSEC for domain authentication to authoritative servers.
Drag and drop the Cisco CWS redirection options from the left onto the capabilities on the right. Cisco AnyConnect client ISR with CWS connector NGFW with CWS connector WSAv with CWS connector.
What is the purpose of the Cisco Endpoint IoC feature? It is an incident response tool It provides stealth threat prevention It is a signature-based engine It provides precompromise detection.
Which two protocols must be configured to authenticate end users to the Cisco WSA? (Choose two.) TACACS+ CHAP NTLMSSP RADIUS Kerberos.
What is the target in a phishing attack? perimeter firewall IPS web server endpoint.
Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatures on endpoints and then quarantine the files? Configure an advanced custom detection list. Configure an IP Block & Allow custom detection list Configure an application custom detection list Configure a simple custom detection list.
A university policy must allow open access to resources on the Internet for research, but internal workstations are exposed to malware. Which Cisco AMP feature allows the engineering team to determine whether a file is installed on a selected few workstations? file prevalence file discovery file conviction file manager.
Which Cisco security solution secures public, private, hybrid, and community clouds? Cisco ISE Cisco ASAv Cisco Cloudlock Cisco pxGrid.
Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.) flow-export event-type policy-map access-list flow-export template timeout-rate 15 access-group.
Which threat intelligence standard contains malware hashes? advanced persistent threat open command and control structured threat information expression trusted automated exchange of indicator information.
What does Cisco ISE use to collect endpoint attributes that are used in profiling ? probes posture assessment Cisco AnyConnect Secure Mobility Client Cisco pxGrid.
Client workstations are experiencing extremely poor response time. An engineer suspects that an attacker is eavesdropping and making independent connections while relaying messages between victims to make them think they are talking to each other over a private connection. Which feature must be enabled and configured to provide relief from this type of attack? Link Aggregation Reverse ARP private VLANs Dynamic ARP Inspection.
What are two workload security models? (Choose two.) SaaS PaaS off-premises on-premises IaaS.
()An engineer needs to configure a Cisco Secure Email Gateway (SEG) to prompt users to enter multiple forms of identification before gaining access to the SEG. The SEG must also join a cluster using the preshared key of cisc421555367. What steps must be taken to support this? Enable two-factor authentication through a RADIUS server, and then join the cluster via the SEG GUI. Enable two-factor authentication through a TACACS+ server, and then join the cluster via the SEG CLI. Enable two-factor authentication through a RADIUS server, and then join the cluster via the SEG CLI Enable two-factor authentication through a TACACS+ server, and then join the cluster via the SEG GUI.
Which DoS attack uses fragmented packets in an attempt to crash a target machine? teardrop smurf LAND SYN flood.
Why should organizations migrate to a multifactor authentication strategy ? Multifactor authentication methods of authentication are never compromised Biometrics authentication leads to the need for multifactor authentication due to its ability to be hacked easily Multifactor authentication does not require any piece of evidence for an authentication mechanism Single methods of authentication can be compromised more easily than multifactor authentication.
What is the concept of Cl/CD pipelining? The project is split into several phases where one phase cannot start before the previous phase finishes successfully. The project code is centrally maintained and each code change should trigger an automated build and test sequence The project is split into time-limited cycles and focuses on pair programming for continuous code review Each project phase is independent from other phases to maintain adaptiveness and continual improvement.
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices The default management port conflicts with other communications on the network and must be changed What must be done to ensure that all devices can communicate together? Set the sftunnel to go through the Cisco FTD Change the management port on Cisco FMC so that it pushes the change to all managed Cisco FTD devices Set the sftunnel port to 8305 Manually change the management port on Cisco FMC and all managed Cisco FTD devices.
Which feature is used in a push model to allow for session identification, host reauthentication, and session termination ? AAA attributes CoA request AV pair carrier-grade NAT.
An engineer is configuring Cisco WSA and needs to deploy it in transparent mode. Which configuration component must be used to accomplish this goal ? MDA on the router PBR on Cisco WSA WCCP on switch DNS resolution on Cisco WSA.
Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two) posture assessment aaa authorization exec default local tacacs-server host 10.1.1.250 key password aaa server radius dynamic-author CoA.
A company recently discovered an attack propagating throughout their Windows network via a file named abc428565580xyz exe. The malicious file was uploaded to a Simple Custom Detection list in the AMP for Endpoints Portal and the currently applied policy for the Windows clients was updated to reference the detection list. Verification testing scans on known infected systems shows that AMP for Endpoints is not detecting the presence of this file as an indicator of compromise. What must be performed to ensure detection of the malicious file? Upload the malicious file to the Blocked Application Control List Use an Advanced Custom Detection List instead of a Simple Custom Detection List Check the box in the policy configuration to send the file to Cisco Threat Grid for dynamic analysis Upload the SHA-256 hash for the file to the Simple Custom Detection List.
Which Cisco Firewall solution requires zone definition? CBAC Cisco AMP ZBFW Cisco ASA.
An engineer must set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used? sticky static aging maximum.
For a given policy in Cisco Umbrella, how should a customer block website based on a custom list? by specifying blocked domains in me policy settings by specifying the websites in a custom blocked category by adding the websites to a blocked type destination list by adding the website IP addresses to the Cisco Umbrella blocklist.
An engineer is configuring cloud logging using a company-managed Amazon S3 bucket for Cisco Umbrella logs. What benefit does this configuration provide for accessing log data? It is included m the license cost for the multi-org console of Cisco Umbrella It can grant third-party SIEM integrations write access to the S3 bucket No other applications except Cisco Umbrella can write to the S3 bucket Data can be stored offline for 30 days.
With regard to RFC 5176 compliance, how many IETF attributes are supported by the RADIUS CoA feature? 3 5 10 12.
An engineer needs to detect and quarantine a file named abc424400664 zip based on the MD5 signature of the file using the Outbreak Control list feature within Cisco Advanced Malware Protection (AMP) for Endpoints The configured detection method must work on files of unknown disposition Which Outbreak Control list must be configured to provide this? Blocked Application Simple Custom Detection Advanced Custom Detection Android Custom Detection.
An engineer is trying to decide whether to use Cisco Umbrella, Cisco CloudLock, Cisco Stealthwatch, or Cisco AppDynamics Cloud Monitoring for visibility into data transfers as well as protection against data exfiltration Which solution best meets these requirements? Cisco CloudLock Cisco AppDynamics Cloud Monitoring Cisco Umbrella Cisco Stealthwatch.
Refer to the exhibit When configuring this access control rule in Cisco FMC, what happens with the traffic destined to the DMZ inside zone once the configuration is deployed? All traffic from any zone to the DMZ_inside zone will be permitted with no further inspection No traffic will be allowed through to the DMZ_inside zone regardless of if it's trusted or not All traffic from any zone will be allowed to the DMZ_inside zone only after inspection No traffic will be allowed through to the DMZ_inside zone unless it's already trusted.
Which feature requires that network telemetry be enabled? per-interface stats SNMP trap notification Layer 2 device discovery central syslog system.
An engineer is implementing DHCP security mechanisms and needs the ability to add additional attributes to profiles that are created within Cisco ISE Which action accomplishes this task? Define MAC-to-lP address mappings in the switch to ensure that rogue devices cannot get an IP address Use DHCP option 82 to ensure that the request is from a legitimate endpoint and send the information to Cisco ISE Modify the DHCP relay and point the IP address to Cisco ISE. Configure DHCP snooping on the switch VLANs and trust the necessary interfaces.
A network engineer is configuring NetFlow top talkers on a Cisco router Drag and drop the steps in the process from the left into the sequence on the right configure the ip flow-top-talkers command configure the ip flow command on an interface configure IP Routing and enable Cisco Express Forwarding set the top-talkers sorting criterion specify the maximum number of top talkers.
What is an advantage of the Cisco Umbrella roaming client? the ability to see all traffic without requiring TLS decryption visibility into IP-based threats by tunneling suspicious IP connections the ability to dynamically categorize traffic to previously uncategorized sites visibility into traffic that is destined to sites within the office environment.
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed? Smurf distributed denial of service cross-site scripting rootkit exploit.
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities? user input validation in a web page or web application Linux and Windows operating systems database web page images.
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two) Check integer, float, or Boolean string parameters to ensure accurate values. Use prepared statements and parameterized queries. Secure the connection between the web and the app tier. Write SQL code instead of using object-relational mapping libraries. Block SQL code execution in the web application database login.
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two) Patch for cross-site scripting Perform backups to the private cloud Protect against input validation and character escapes in the endpoint. Install a spam and virus email filter. Protect systems with an up-to-date antimalware program.
Which two mechanisms are used to control phishing attacks? (Choose two) Enable browser alerts for fraudulent websites. Define security group memberships Revoke expired CRL of the websites. Use antispyware software. Implement email filtering techniques.
Which two behavioral patterns characterize a ping of death attack? (Choose two) The attack is fragmented into groups of 16 octets before transmission The attack is fragmented into groups of 8 octets before transmission Short synchronized bursts of traffic are used to disrupt TCP connections. Malformed packets are used to crash systems. Publicly accessible DNS servers are typically used to execute the attack.
Which two preventive measures are used to control cross-site scripting? (Choose two) Enable client-side scripts on a per-domain basis. Incorporate contextual output encoding/escaping. Disable cookie inspection in the HTML inspection engine Run untrusted HTML input through an HTML sanitization engine Same Site cookie attribute should not be used.
What is the difference between deceptive phishing and spear phishing? Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role. A spear phishing campaign is aimed at a specific person versus a group of people. Spear phishing is when the attack is aimed at the C-level executives of an organization Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
Which attack is commonly associated with C and C++ programming languages? cross-site scripting water holing DDoS buffer overflow.
What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol? STIX XMPP pxGrid SMTP.
Which two capabilities does TAXII support? (Choose two) Exchange Pull messaging Binding Correlation Mitigating.
Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two) exploits ARP spoofing denial-of-service attacks malware eavesdropping.
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server? url terminal profile selfsigned.
What are two rootkit types? (Choose two) registry virtual bootloader user mode buffer mode.
Which form of attack is launched using botnets? EIDDOS Virus DDOS TCP flood.
Which threat involves software being used to gain unauthorized access to a computer system? virus NTP amplification ping of death HTTP flood.
Which type of attack is social engineering? trojan phishing malware MITM.
Which two key and block sizes are valid for AES? (Choose two) 64-bit block size, 112-bit key length 64-bit block size, 168-bit key length 128-bit block size, 192-bit key length 128-bit block size, 256-bit key length 192-bit block size, 256-bit key length.
Which two descriptions of AES encryption are true? (Choose two) AES is less secure than 3DES AES is more secure than 3DES. AES can use a 168-bit key for encryption. AES can use a 256-bit key for encryption AES encrypts and decrypts a key three times in sequence.
Which algorithm provides encryption and authentication for data plane communication? AES-GCM SHA-96 AES-256 SHA-384.
Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current encryption technology? 3DES RSA DES AES.
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command? authenticates the IKEv2 peers in the 172.16.0.0 range by using the key ciscXXXXXXXX authenticates the IP address of the 172.16.0.0 peer by using the key ciscXXXXXXXX authenticates the IKEv1 peers in the 172.16.0.0 range by using the key ciscXXXXXXXX secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX.
Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity? DMVPN FlexVPN IPsec DVTI GET VPN.
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two) Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device The IPsec configuration that is set up on the active device must be duplicated on the standby device Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.
Which VPN technology can support a multivendor environment and secure traffic between sites? SSL VPN Get VPN FlexVPN DMVPN.
A network engineer is configuring DMVPN and entered the crypto isakmp key cisc0380739941 address 0.0.0.0 command on host The tunnel is not being established to hostB. What action is needed to authenticate the VPN? Change isakmp to ikev2 in the command on hostA Enter the command with a different password on hostB Enter the same command on hostB Change the password on hostA to the default password.
Refer to the exhibit A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status. What is the problem according to this command output? hashing algorithm mismatch encryption algorithm mismatch authentication key mismatch interesting traffic was not applied.
What is a difference between FlexVPN and DMVPN? DMVPN uses IKEv1 or IKEv2, FlexVPN only uses IKEv1 DMVPN uses only IKEv1 FlexVPN uses only IKEv2 FlexVPN uses IKEv2, DMVPN uses IKEv1 or IKEv2 FlexVPN uses IKEv1 or IKEv2, DMVPN uses only IKEv2.
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN? TLSv1.2 TLSv1.1 BJTLSv1 DTLSv1.
What is a commonality between DMVPN and FlexVPN technologies? FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes FlexVPN and DMVPN use the new key management protocol FlexVPN and DMVPN use the same hashing algorithms IOS routers run the same NHRP code for DMVPN and FlexVPN.
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network? SDN controller and the cloud management console and the SDN controller management console and the cloud SDN controller and the management solution.
Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two) accounting assurance automation authentication encryption.
Which functions of an SDN architecture require southbound APIs to enable communication? SDN controller and the network elements management console and the SDN controller management console and the cloud SDN controller and the cloud.
Which API is used for Content Security? NX-OS API IOS XR API OpenVuln API AsyncOS API.
Which two request of REST API are valid on the Cisco ASA Platform? (Choose two) Put Options Get Push Connect.
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System? Security Intelligence Impact Flags Health Monitoring URL Filtering.
Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two) Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS Cisco FTDv with one management interface and two traffic interfaces configured Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises Cisco FTDv with two management interfaces and one traffic interface configured Cisco FTDv configured in routed mode and IPv6 configured.
Which option is the main function of Cisco Firepower impact flags? They alert administrators when critical events occur. They highlight known and suspected malicious IP addresses in reports. They correlate data about intrusions and vulnerability They identify data that the ASA sends to the Firepower module.
On Cisco Firepower Management Center, which policy is used to collect health modules alerts from managed devices? health policy system policy correlation policy access control policy health awareness policy.
Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion Prevention System? Control Malware URL Filtering Protect.
Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System ?(Choose two) Port Rule Source Application Protocol.
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center? quality of service time synchronization network address translations network address translations.
Which information is required when adding a device to Firepower Management Center? username and password encryption method device serial number registration key.
Which two deployment modes does the Cisco ASA FirePower module support? (Choose two) transparent mode routed mode inline mode active mode passive monitor-only mode.
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. Where must the ASA be added on the Cisco UC Manager platform? Certificate Trust List Endpoint Trust List Enterprise Proxy Service Secured Collaboration Proxy.
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true? To view bandwidth usage for NetFlow records, the QoS feature must be enabled. A sysopt command can be used to enable NSEL on a specific interface. NSEL can be used without a collector configured A flow-export event type must be defined under a policy.
Which feature is supported when deploying Cisco ASAv within AWS public cloud? multiple context mode user deployment of Layer 3 networks IPv6 clustering.
Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System? It allows traffic if it does not meet the profile. It defines a traffic baseline for traffic anomaly deduction. It inspects hosts that meet the profile with more intrusion rules. It blocks traffic if it does not meet the profile.
Which statement about IOS zone-based firewalls is true? An unassigned interface can communicate with assigned interfaces Only one interface can be assigned to a zone. An interface can be assigned to multiple zones. An interface can be assigned only to one zone.
What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging? It tracks flow-create, flow-teardown, and flow-denied events. It provides stateless IP flow tracking that exports all records of a specific flow. It tracks the flow continuously and provides updates every 10 seconds. Its events match all traffic classes in parallel.
Which CLI command is used to register a Cisco FirePower sensor to Firepower Management Center? configure system add <host><key> configure manager <key> add host configure manager delete configure manager add <host><key>.
What is the result of this Python script of the Cisco DNA Center API? adds authentication to a switch adds a switch to Cisco DNA Center receives information about a switch deletes a switch from Cisco DNA Center.
What does the API do when connected to a Cisco security appliance? get the process and PID information from the computers in the network create an SNMP pull mechanism for managing AMP gather network telemetry information from AMP for endpoints gather the network interface information about the computers AMP sees.
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System? Correlation Intrusion Access Control Network Discovery.
Which ASA deployment mode can provide separation of management on a shared appliance? DMZ multiple zone mode transparent firewall mode multiple context mode routed mode.
What is a result of the configuration? Traffic from the DMZ network is redirected Traffic from the inside network is redirected All TCP traffic is redirected Traffic from the inside and DMZ networks is redirected.
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment? Group Policy Access Control Policy Device Management Policy Platform Service Policy.
Which two tasks allow NetFlow on a Cisco ASA 5500 Series firewall? (Choose two) Enable NetFlow Version 9 Create an ACL to allow UDP traffic on port 9996 Apply NetFlow Exporter to the outside interface in the inbound direction Create a class map to match interesting traffic Define a NetFlow collector by using the flow-export command.
A mall provides security services to customers with a shared appliance. The mall wants separation of management on the shared appliance. Which ASA deployment mode meets these needs? routed mode transparent mode multiple context mode multiple zone mode.
What is a characteristic of Firepower NGIPS inline deployment mode? ASA with Firepower module cannot be deployed It cannot take actions such as blocking traffic It is out-of-band from traffic It must have inline interface pairs configured.
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used? flow-export destination inside 1.1.1.1 2055 ip flow monitor input ip flow-export destination 1.1.1.1 2055 flow exporter.
How many interfaces per bridge group does an ASA bridge group deployment support? up to 2 up to 4 up to 8 up to 16.
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two) packet decoder SIP modbus inline normalization SSL.
Which two features of Cisco Email Security can protect your organization against email threats? (Choose two) Time-based one-time passwords Data loss prevention Heuristic-based filtering Geolocation-based filtering NetFlow.
Why would a user choose an on-premises ESA versus the CES solution? Sensitive data must remain onsite. Demand is unpredictable. The server team wants to outsource this service ESA is deployed inline.
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two) Sophos engine white list RAT outbreak filters DLP.
What is the purpose of the Decrypt for Application Detection feature within the WSA Decryption options? It decrypts HTTPS application traffic for unauthenticated users. It alerts users when the WSA decrypts their traffic. It decrypts HTTPS application traffic for authenticated users. It provides enhanced HTTPS application detection for AsyncOS.
Which two statements about a Cisco WSA configured in Transparent mode are true ?(Choose two) It can handle explicit HTTP requests. It requires a PAC file for the client web browser. It requires a proxy for the client web browser. WCCP v2-enabled devices can automatically redirect traffic destined to port 80. Layer 4 switches can automatically redirect traffic destined to port 80.
Which action controls the amount of URI text that is stored in Cisco WSA logs files? Configure the datasecurityconfig command Configure the advancedproxyconfig command with the HTTPS subcommand Configure a small log-entry size Configure a maximum packet size.
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address. Which list contains the allowed recipient addresses? SAT BAT HAT RAT.
Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two) DDoS Antispam Antivirus Encryption DLP.
Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic? IP Blacklist Center File Reputation Center AMP Reputation Center IP and Domain Reputation Center.
Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP? transparent redirection forward proxy gateway.
After deploying a Cisco ESA on your network, you notice that some messages fail to reach their destinations. Which task can you perform to determine where each message was lost? Configure the trackingconfig command to enable message tracking. Generate a system report. Review the log files. Perform a trace.
What is the primary benefit of deploying an ESA in hybrid mode? You can fine-tune its settings to provide the optimum balance between security and performance for your environment It provides the lowest total cost of ownership by reducing the need for physical appliances It provides maximum protection and control of outbound messages It provides email security while supporting the transition to the cloud.
What is the primary role of the Cisco Email Security Appliance? Mail Submission Agent Mail Transfer Agent Mail Delivery Agent Mail User Agent.
Which technology is used to improve web traffic performance by proxy caching? WSA Firepower FireSIGHT ASA.
In which two ways does a system administrator send web traffic transparently to the Web Security Appliance? (Choose two) configure Active Directory Group Policies to push proxy settings configure policy-based routing on the network infrastructure reference a Proxy Auto Config file configure the proxy IP address in the web-browser settings use Web Cache Communication Protocol.
Which technology reduces data loss by identifying sensitive information stored in public computing environments? Cisco SDA Cisco Firepower Cisco HyperFlex Cisco Cloudlock.
Which deployment model is the most secure when considering risks to cloud adoption? Public Cloud Hybrid Cloud Community Cloud Private Cloud.
In which cloud services model is the tenant responsible for virtual machine OS patching? IaaS UCaaS PaaS SaaS.
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure? PaaS XaaS IaaS SaaS.
What does the Cloudlock Apps Firewall do to mitigate security concerns from an application perspective? It allows the administrator to quarantine malicious files so that the application can function, just not maliciously. It discovers and controls cloud apps that are connected to a company"™s corporate environment. It deletes any application that does not belong in the network. It sends the application information to an administrator to act on.
Which solution protects hybrid cloud deployment workloads with application visibility and segmentation? Nexus Stealthwatch Firepower Tetration.
In a PaaS model, which layer is the tenant responsible for maintaining and patching? hypervisor virtual machine network application.
On which part of the IT environment does DevSecOps focus? application development wireless network data center perimeter network.
What is the function of Cisco Cloudlock for data security? data loss prevention controls malicious cloud apps detects anomalies user and entity behavior analytics.
An administrator wants to ensure that all endpoints are compliant before users are allowed access on the corporate network. The endpoints must have the corporate antivirus application installed and be running the latest build of Windows 10. What must the administrator implement to ensure that all devices are compliant before they are allowed on the network? Cisco Identity Services Engine and AnyConnect Posture module Cisco Stealthwatch and Cisco Identity Services Engine integration Cisco ASA firewall with Dynamic Access Policies configured Cisco Identity Services Engine with PxGrid services enabled.
An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the endpoint to apply a new or updated policy from ISE. Which CoA type achieves this goal? Port Bounce CoA Terminate CoA Reauth CoA Session Query.
Which two probes are configured to gather attributes of connected endpoints using Cisco Identity Services Engine? (Choose two) RADIUS TACACS+ DHCP sFlow SMTP.
Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work? RSA SecureID Internal Database Active Directory LDAP.
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17- 010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two) Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network. Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.
Which feature of Cisco ASA allows VPN users to be postured against Cisco ISE without requiring an inline posture node? RADIUS Change of Authorization device tracking DHCP snooping VLAN hopping.
What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two) multiple factor auth local web auth single sign-on central web auth TACACS+.
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two) Windows service computer identity user identity Windows firewall default browser.
Which compliance status is shown when a configured posture policy requirement is not met? compliant unknown authorized noncompliant.
Which benefit is provided by ensuring that an endpoint is compliant with a posture policy configured in Cisco ISE? It allows the endpoint to authenticate with 802.1x or MAB. It verifies that the endpoint has the latest Microsoft security patches installed. It adds endpoints to identity groups dynamically It allows CoA to be applied if the endpoint status is compliant.
Which IPS engine detects ARP spoofing? Atomic ARP Engine Service Generic Engine ARP Inspection Engine AIC Engine.
What is a characteristic of Dynamic ARP Inspection? DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted DAI associates a trust state with each switch. DAI intercepts all ARP requests and responses on trusted ports only.
What is a characteristic of traffic storm control behavior? Traffic storm control drops all broadcast and multicast traffic if the combined traffic exceeds the level within the interval. Traffic storm control cannot determine if the packet is unicast or broadcast. Traffic storm control monitors incoming traffic levels over a 10-second traffic storm control interval. Traffic storm control uses the Individual/Group bit in the packet source address to determine if the packet is unicast or broadcast.
A malicious user gained network access by spoofing printer connections that were authorized using MAB on four different switch ports at the same time. What two catalyst switch security features will prevent further violations? (Choose two) DHCP Snooping 802.1AE MacSec Port security IP Device track Dynamic ARP inspection Private VLANs.
Report abuse