Which functions of an SDN architecture require southbound APIs to enable communication? SDN controller and the network elements management console and the SDN controller management console and the cloud SDN controller and the cloud.
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network? SDN controller and the cloud management console and the SDN controller management console and the cloud SDN controller and the management solution.
What is a feature of the open platform capabilities of Cisco DNA Center? application adapters domain integration intent-based APIs automation adapters.
Refer to the exhibit. What does the API do when connected to a Cisco security appliance? create an SNMP pull mechanism for managing AMP gather network telemetry information from AMP for endpoints get the process and PID information from the computers in the network gather the network interface information about the computers AMP sees.
Which form of attack is launched using botnets? TCP flood DDoS DoS virus.
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed? smurf distributed denial of service cross-site scripting rootkit exploit.
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities? user input validation in a web page or web application Linux and Windows operating systems database web page images.
What is the difference between deceptive phishing and spear phishing? Deceptive phishing is an attack aimed at a specific user in the organization who holds a C-level role. A spear phishing campaign is aimed at a specific person versus a group of people. Spear phishing is when the attack is aimed at the C-level executives of an organization. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
Which attack is commonly associated with C and C++ programming languages? cross-site scripting water holing DDoS buffer overflow.
Which two request methods of REST API are valid on the Cisco ASA Platform? (Choose two.) put options get push connect.
Which two behavioral patterns characterize a ping of death attack? (Choose two.) The attack is fragmented into groups of 16 octets before transmission. The attack is fragmented into groups of 8 octets before transmission. Short synchronized bursts of traffic are used to disrupt TCP connections. Malformed packets are used to crash systems. Publicly accessible DNS servers are typically used to execute the attack.
How is DNS tunneling used to exfiltrate data out of a corporate network? It leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers. It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated. It redirects DNS requests to a malicious server used to steal user credentials, which allows further damage and theft on the network. It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks.
Which type of attack is social engineering? trojan MITM phishing malware.
In which type of attack does the attacker insert their machine between two hosts that are communicating with each other? man-in-the-middle LDAP injection insecure API cross-site scripting.
How does Cisco Advanced Phishing Protection protect users? It utilizes sensors that send messages securely. It uses machine learning and real-time behavior analytics. It validates the sender by using DKIM. It determines which identities are perceived by the sender.
How does DNS Tunneling exfiltrate data? An attacker registers a domain that a client connects to based on DNS records and sends malware through that connection. An attacker opens a reverse DNS shell to get into the client's system and install malware on it. An attacker sends an email to the target with hidden DNS resolvers in it to redirect them to a malicious domain. An attacker uses a non-standard DNS port to gain access to the organization's DNS servers in order to poison the resolutions.
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs in the system's applications. Which vulnerability allows the attacker to see the passwords being transmitted in clear text? unencrypted links for traffic weak passwords for authentication improper file security software bugs on applications.
A user has a device in the network that is receiving too many connection requests from multiple machines. Which type of attack is the device undergoing? SYN flood slowloris phishing pharming.
Which threat involves software being used to gain unauthorized access to a computer system? ping of death HTTP flood NTP amplification virus.
Which algorithm provides encryption and authentication for data plane communication? AES-GCM SHA-96 AES-256 SHA-384.
Which two mechanisms are used to control phishing attacks? (Choose two.) Enable browser alerts for fraudulent websites. Define security group memberships. Revoke expired CRL of the websites. Use antispyware software. Implement email filtering techniques.
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.) Check integer, float, or Boolean string parameters to ensure accurate values. Use prepared statements and parameterized queries. Secure the connection between the web and the app tier. Write SQL code instead of using object-relational mapping libraries. Block SQL code execution in the web application database login.
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.) phishing brute force man-in-the-middle DDoS tear drop.
What are two rootkit types? (Choose two.) registry buffer mode user mode bootloader virtual.
What are two DDoS attack categories? (Choose two.) protocol source-based database sequential volume-based.
Which two preventive measures are used to control cross-site scripting? (Choose two.) Enable client-side scripts on a per-domain basis. Incorporate contextual output encoding/escaping. Disable cookie inspection in the HTML inspection engine. Run untrusted HTML input through an HTML sanitization engine. SameSite cookie attribute should not be used.
What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol? STIX XMPP pxGrid SMTP.
Which VPN technology can support a multivendor environment and secure traffic between sites? SSL VPN GET VPN FlexVPN DMVPN.
Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity? DMVPN FlexVPN IPsec DVTI GET VPN.
What is the commonality between DMVPN and FlexVPN technologies? FlexVPN and DMVPN use the new key management protocol, IKEv2. FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes. IOS routers run the same NHRP code for DMVPN and FlexVPN. FlexVPN and DMVPN use the same hashing algorithms.
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN? DTLSv1 TLSv1 TLSv1.1 TLSv1.2.
Which two capabilities does TAXII support? (Choose two.) exchange pull messaging binding correlation mitigating.
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.) Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically. The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device. The IPsec configuration that is set up on the active device must be duplicated on the standby device. Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically. The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.
Drag and drop the capabilities from the left onto the correct technologies on the right. detection, blocking, tracking analysis, and remediation to protect against targeted persistent malware attack superior threat prevention and mitigation for known and unknown threats application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs combined integrated solution of strong defense and web protection, visibility, and controlling solutions.
Which two key and block sizes are valid for AES? (Choose two.) 64-bit block size, 112-bit key length 64-bit block size, 168-bit key length 128-bit block size, 192-bit key length 128-bit block size, 256-bit key length 192-bit block size, 256-bit key length.
Which two descriptions of AES encryption are true? (Choose two.) AES is less secure than 3DES. AES is more secure than 3DES. AES can use a 168-bit key for encryption. AES can use a 256-bit key for encryption. AES encrypts and decrypts a key three times in sequence.
Drag and drop the descriptions from the left onto the correct protocol versions on the right. standard includes NAT-T uses six packets in main mode to establish phase 1 and phase 2 use four packets to establish phase 1 and phase 2 uses three packets in aggressive mode to establish phase 1 uses EAP for authenticating remote access clients.
Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity professionals remain aware of the ongoing and most prevalent threats? Talos PSIRT SCIRT DEVNET.
When Cisco and other industry organizations publish and inform users of known security findings and vulnerabilities, which name is used? Common Vulnerabilities, Exploits and Threats Common Vulnerabilities and Exposures Common Exploits and Vulnerabilities Common Security Exploits.
Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two.) accounting assurance automation authentication encryption.
What provides the ability to program and monitor networks from somewhere other than the DNAC GUI? ASDM NetFlow API desktop client.
What is a function of 3DES in reference to cryptography? It encrypts traffic. It creates one-time use passwords. It hashes files. It generates private keys.
Which two activities can be done using Cisco DNA Center? (Choose two.) DHCP design accounting DNS provision.
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server? terminal selfsigned URL profile.
Which type of API is being used when a security application notifies a controller within a software-defined network architecture about a specific security threat? southbound API westbound API eastbound API northbound API.
An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the attacker to gain access to machine 1 but not machine 2? sniffing the packets between the two hosts sending continuous pings overflowing the buffer's memory inserting malicious commands into the database.
What is the function of SDN southbound API protocols? to allow for the static configuration of control plane applications to enable the controller to use REST to enable the controller to make changes to allow for the dynamic configuration of control plane applications.
Drag and drop the threats from the left onto examples of that threat on the right. DoS/DDoS insecure APIs data breach compromised credentials.
What is the difference between Cross-site Scripting and SQL Injection attacks? Cross-site Scripting is when executives in a corporation are attacked, whereas SQL Injection is when a database is manipulated. Cross-site Scripting is an attack where code is executed from the server side, whereas SQL Injection is an attack where code is executed from the client side. Cross-site Scripting is a brute force attack targeting remote sites, whereas SQL Injection is a social engineering attack. Cross-site Scripting is an attack where code is injected into a database, whereas SQL Injection is an attack where code is injected into a browser.
Drag and drop the common security threats from the left onto the definitions on the right. phishing botnet spam worm.