Ricman 541–576

241. What is a benefit of multifactor authentication?. A. enables multiple ways to authenticate. B. enables the use of single sign-on. C.reduces the risk of a data breach. D.reduces the need to change passwords.

542. Which Cisco Secure Endpoint for Email Security capability protects users from phishing attacks?. A. automatic training based on user behavior. B. discovery of threats concealed in attachments. C.encryption of email messages. D.use of data loss prevention rules.

543. Which DevSecOps implementation process gives a weekly or daily update instead of monthly or quarterly in the applications?. A. container. B. orchestration. C.security. D.CI/CD pipeline.

544. An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment and must route inbound email to Cisco CES addresses. Which DNS record must be modified to accomplish this task?. A. DKIM. B.SPF. C.CNAME. D.MX.

545. An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA Which Cisco ASA command must be used?. A. flow exporter <name>. B. ip flow monitor <name> input. C.ip flow-export destination 1.1.1.1 2055. D.flow-export destination inside 1.1.1.1 2055.

546. Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnerability detection?. A. Cisco Secure Workload. B. Cisco ISE9. C.Cisco AMP for Network. D.Cisco Secure Client.

547. Which Cisco security solution secures public, private, hybrid, and community clouds?. A. Cisco ISE. B. Cisco pxGrid. C.Cisco ASAv. D.Cisco Cloudlock.

548. An engineer is configuring Cisco Secure Endpoint to enhance security by preventing the execution of certain files by users. The engineer needs to ensure that the specific executable is blocked from running while never being quarantined. What must the engineer configure to meet the requirement?. A. Implement simple custom detection list. B.Configure application control blocked applications list. C.Enable scheduled scans to detect and block the executable files. D.Create advanced custom detection list.

549. What is an attribute of Structured Threat Information eXpression?. A. shows the trajectory of a malicious file. B. excludes traffic without inspection. C.describes cyber threat information. D.proactively identifies threats.

250. A network engineer must configure switches to support TACACS+ to manage multiple switches from a single management service. Drag and drop the code snippets from the bottom onto the boxes in the Cisco IOS CLI command to configure the switches to support TACACS+. Not all options are used. new-model. exit. aaa new-model. configure #. end. configure.

551. Refer to the exhibit. A network engineer must retrieve the interface configuration on a Cisco router by using the NETCONF API. The engineer uses a python script to automate the activity. Which code snippet completes the script?. A. Content-Type: applications/json/vnd.yang.data. B.Content-Type: application/vnd.yang.data+json. C.Content-Type: application/vnd.yang.data. D.Content-Type: application/vnd.yang.data+api.

552. Refer to the exhibit. An engineer must configure a port on a Cisco Layer 3 switch to use 802.1X authentication as a fallback method if a client fails to support web authentication. The RADUIS server is already configured. Which additional configuration is required?. A. authentication order webauth dot1x. B. authentication order dot1x webauth. C.authentication order mab webauth dot1x. D.authentication fallback dot1x webauth.

553. Refer to the exhibit. A network engineer must configure a Cisco router to send traps using SNMPv3. The engineer configures a remote user to receive traps and sets the security level to use authentication without privacy. Which command completes the configuration?. A. snmp-server host 10.12.8.4 informs version 3 noauthno remoteuser config. B.snmp-server user TrapUser group2 remote 10.12.8.4 v3 auth md5 password1. C.snmp-server user TrapUser group2 remote 10.12.8.4 v3 auth md5 password1 priv access des56. D.snmp-server host 10.12.8.4 informs version 3 noauthnoPriv remoteuser config.

554. A security officer must configure Cisco Secure Endpoint to allow Windows devices in quarantine to communicate with specific hosts to perform software updates. What must be configured by security officer in Secure Endpoint?. A. IP Allowed list. B. Allowed Applications list. C.Advanced Custom Detections list. D.IP Isolation Allowed list.

555. Which Cisco Secure Firewall Threat Defense 4100 Series deployment model and instance is used to deploy Cisco ASA software to a Cisco Secure Firewall Threat Defense appliance?. A. container. B. routed. C.multiple. D.integrated.

556. Drag and drop the features of Cisco ASA with Cisco Firepower from the left onto the benefits on the right. Full Context Awareness. NGIPS. AMP. Collective Security Intelligence.

557. Drag and drop the NetFlow export formats from the left onto the descriptions on the right. Version 1. Version 5. Version 8. Version 9.

558. An engineer must configure AsyncOS for Cisco Secure Web Appliance to push log files to a syslog server using the SCP retrieval method. Drag and drop the steps from the left into the sequence on the right to complete the configuration. Commit changes. Add the SSH public host key of the remote server. Set SCP as the desired log subscription. Add keys to the remote system.

559. Drag and drop the security responsibilities from the left onto the corresponding cloud service models on the right. customer responsible for operating system patching. customer responsible for application patching. provider responsible for operating system patching. provider responsible for application patching.

560. Drag and drop the concepts from the left onto the correct descriptions on the right. guest services. profiling. posture assessment. BYOD.

561. Drag and drop the solutions from the left onto the solution's benefits on the right. Cisco Stealthwatch. Cisco ISE. Cisco TrustSec. Cisco Umbrella.

562. Drag and drop the descriptions from the left onto the encryption algorithms on the right. requires more time. Diffie-Hellman exchange. requires secret keys. 3DES.

563. Drag and drop the VPN functions from the left onto the descriptions on the right. RSA. AES. SHA-1. ISAKMP.

564. Drag and drop the steps from the left into the correct order on the right to enable Cisco AppDynamics to monitor anEC2 instance in AWS. Install monitoring extension for AWS EC2. Restart the Machine Agent. Update config.yaml. Configure a Machine Agent or SIM Agent.

565. Drag and drop the code snippets from the bottom onto the boxes in the Python script to configure the IP address of an interface on a Cisco IOS router by using the RESTCONF API. Not all options are used. response = request.request("__________",. url, auth=(__________),. ___________ , headers=headers, verify=False).

566. An engineer must enable Outbreak Filters globally on an AsyncOS for Cisco Secure Email Gateway to protect the network from large-scale malware attacks. Drag and drop the steps from the left into the sequence on the right to complete the configuration. Click Edit Global Settings. Submit and commit your changes. Click Security Services, and then click Outbreak Filters. Enable Outbreak Filters globally.

567. Drag and drop the Secure Firewall IPS detectors from the left onto the correct definitions on the right. PortScanDetection. Port Sweep. Decoy PortScan. Distributed PortScan.

568. Drag and drop the threats from the left onto examples of that threat on the right. DoS/DDoS. Insecure APIs. data breach. compromised credentials.

569. Drag and drop the Cisco Secure Email Gateway benefits from the left to the corresponding deployment options on the right. highest levels of data protection. highest levels of service availability. lowers the cost of deploying in highly distributed networks. respond instantly to increasing traffic growth.

570. Drag and drop the firewall capabilities from the left onto the corresponding firewall deployment modes on the right. The firewall does not provide a way to filter packets that traverse from one host to another in the same LAN segment. The firewall requires a new network segment to be created when they are inserted into a etwork. The device acts as a secured bridge that switches traffic from one interface to another. The firewall can optionally inspect Layer 2 traffic and filter unwanted traffic.

571. Drag and drop the cloud security assessment components from the left onto the definitions on the right. user entity behavior assessment. cloud data protection assessment. cloud security strategy workshop. cloud security architecture assessment.

572. An engineer must modify the Global Access Policy on a Cisco Secure Web Appliance. Blocked URLs must now be set to Monitor instead of Block. Drag and drop the steps from the left into the sequence on the right to complete the configuration. Click Global Policy, anel then click URL Filtering. Select the custom categories. Click Web Security Manager, and then click Access Policies. Place a checkmark in the box for Monitor > Submit > Commit. Click the Blocked URLs drop-down menu, choose Include in policy, and then click Apply.

573. A company named ABC recently deployed Cisco Umbrella to secure the cloud presence. To reduce operational costs, the company must sign in to a Cisco-managed S3 bucket. The S3 bucket location must be US East, and the retention duration must be 14 days. Drag and drop the steps from the left into the sequence on the right to complete the configuration. Select Use Cisco-managed Amazon S3 bucket. Click Save, and then click Continue. Open Admin, and then open Log Management. Set Select a Region to US East and set Select a Retention Duration to 14 days.

574. Drag and drop the security solutions from the left onto the benefits they provide on the right. Full contextual awareness. NGIPS. Cisco AMP for Endpoints. Collective Security Intelligence.

575. A company based in Europe named ABC recently deployed Cisco Umbrella to secure its cloud presence. Currentlv. the companv's event data logs are stored in North America. Due to data residency requirements, all data must be stored in Europe and an engineer must implement the requirement. Drag and drop the steps from the left into the sequence on the right to complete the configuration. Open Data Storage, and then open Change Location. Click Confirm, and then click Change. Open Admin, and then open Log Management. Click Europe, and then click Next.

576. Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right. provides superior threat prevention and mitigation for known and unknown threats. provides the ability to perform network discovery. provides intrusion prevention before malware comprises the host. provides detection, blocking, tracking, analysis and remediation to protect against targeted persistent malware attacks. provides outbreak control through custom detections. provides the root cause of a threat based on the indicators of compromise seen.