|What are two functionalities of SDN Northbound APIs? (Choose two.) OpenFlow is a standardized northbound API protocol Northbound APIs form the interface between the SDN controller and business applications Northbound APIs provide a programmable interface for applications to dynamically configure the network Northbound APIs form the interface between the SDN controller and the network switches or routers Northbound APIs use the NETCONF protocol to communicate with applications.
What is the result of the:
ACME-Router(config)#login block-for 100 attempts 4 within 60
command on a Cisco IOS router?
If four failures occur in 60 seconds, the router goes to quiet mode for 100 seconds After four unsuccessful login attempts the line is blocked for 100 seconds and only permit IP addresses are permitted in ACL 60 After four unsuccessful login attempts the line is blocked for 60 seconds and only permit IP addresses are permitted in ACL 100 If four login attempts fail in 100 seconds, wait for 60 seconds to next login prompt.
What is the benefit of using a multifactor authentication strategy? It provides an easy, single sign-on experience against multiple applications It provides secure remote access for applications It protects data by enabling the use of a second validation of identity It provides visibility into devices to establish device trust.
Which endpoint solution protects a user from a phishing attack? Cisco AnyConnect with Network Access Manager module Cisco AnyConnect with Umbrella Roaming Security module Cisco Identity Services Engine Cisco AnyConnect with ISE Posture module.
Which role is a default guest type in Cisco ISE? Contractor Monthly Full-Time Yearly.
An engineer is trying to decide between using L2TP or GRE over IPsec for their site-to-site VPN implementation. What must be understood before choosing a solution?
L2TP is an IP packet encapsulation protocol, and GRE over IPsec is a tunneling protocol GRE over IPsec cannot be used as a standalone protocol, and L2TP can L2TP uses TCP port 47 and GRE over IPsec uses UDP port 1701 GRE over IPsec adds its own header, and L2TP does not.
An administrator enables Cisco Threat Intelligence Director on a Cisco FMC. Which process uses STIX and allows uploads and downloads of block lists?
editing sharing authoring consumption.
Why is it important to have a patching strategy for endpoints? so that patching strategies can assist with disabling nonsecure protocols in applications so that known vulnerabilities are targeted and having a regular patch cycle reduces risks so that functionality is increased on a faster scale when it is used to take advantage of new features released with patches.
Which two methods must be used to add switches into the fabric so that administrators can control how switches are added into DCNM for private cloud management? (Choose two.)
Cisco Prime Infrastructure CDP AutoDiscovery Seed IP PowerOn Auto Provisioning Cisco Cloud Director.
Refer to the exhibit. All servers are in the same VLAN/Subnet DNS Server-1 and DNS Server-2 must communicate with each other and all servers must communicate with the default gateway multilayer switch. Which type of private VLAN ports should be configured to prevent communication between DNS servers and the file server?
Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as promiscuous port, GigabitEthernet0/3 and GigabrtEthernet0/4 as isolated ports Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as isolated port, and GigabitEthernet0/3 and GigabitEthernet0/4 as promiscuous ports Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as community port, and GigabitEthernet0/3 and GigabitEthernet0/4 as isolated ports Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as isolated port, and GigabitEthernet0/3 and GigabitEthernet0/4 as community ports.
Refer to the exhibit. Which configuration item makes it possible to have the AAA session on the network? aaa authentication enable default enable aaa authorization network default group ise aaa authentication login console ise aaa authorization exec default ise.
Which method of attack is used by a hacker to send malicious code through a web application to an unsuspecting user to request that the victim's web browser executes the code?
cross-site scripting browser WGET buffer overflow SQL injection.
Which two solutions help combat social engineering and phishing at the endpoint level? (Choose two.) Cisco ISE Cisco Duo Security Cisco DNA Center Cisco Umbrella Cisco TrustSec.
An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment and must route inbound email to Cisco CES addresses. Which DNS record must be modified to accomplish this task?
CNAME DKIM MX SPF.
A large organization wants to deploy a security appliance in the public cloud to form a site-to-site VPN and link the public cloud environment to the private cloud in the headquarters data center. Which Cisco security appliance meets these requirements? Cisco Stealthwatch Cloud Cisco WSAv Cisco Cloud Orchestrator Cisco ASAv.
Refer to the exhibit. What are two indications of the Cisco Firepower Services Module configuration? (Choose two.) The module is operating in IDS mode. Traffic is blocked if the module fails. The module fails to receive redirected traffic. The module is operating in IPS mode. Traffic continues to flow if the module fails.
Which two parameters are used to prevent a data breach in the cloud? (Choose two.) DLP solutions complex cloud-based web proxies strong user authentication antispoofing programs encryption.
What is the concept of continuous integration/continuous delivery pipelining? The project code is centrally maintained, and each code change should trigger an automated build and test sequence. The project is split into time-limited cycles, and focuses on pair programming for continuous code review. The project is split into several phases where one phase cannot start before the previous phase finishes successfully. Each project phase is independent from other phases to maintain adaptiveness and continual improvement.
Which security solution uses NetFlow to provide visibility across the network, data center, branch offices, and cloud? Cisco Stealthwatch Cisco Encrypted Traffic Analytics Cisco Umbrella Cisco CTA.
Which two functions does the Cisco Advanced Phishing Protection solution perform in trying to protect from phishing attacks? (Choose two.) uses a static algorithm to determine malicious determines if the email messages are malicious provides a defense for on-premises email deployments blocks malicious websites and adds them to a block list does a real-time user web browsing behavior analysis.
Which technology provides the benefit of Layer 3 through Layer 7 innovative deep packet inspection, enabling the platform to identify and output various applications within the network traffic flows? Cisco ASAv Account on Resolution Cisco NBAR2 Cisco Prime Infrastructure.
Which Cisco DNA Center Intent API action is used to retrieve the number of devices known to a DNA Center? GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-device/count GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-device?parameter1=value¶meter2=vale&... GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-device/startIndex/recordsToReturn GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-device.
Which function is performed by certificate authorities but is a limitation of registration authorities? CRL publishing certificate re-enrollment verifying user identity accepts enrollment requests.
A hacker initiated a social engineering attack and stole username and passwords of some users within a company. Which product should be used as a solution to this problem? Cisco Duo Cisco NGFW Cisco AnyConnect Cisco AMP for Endpoints.
An organization must add new firewalls to its infrastructure and wants to use Cisco ASA or Cisco FTD. The chosen firewalls must provide methods of blocking traffic that include offering the user the option to bypass the block for certain sites after displaying a warning page and to reset the connection. Which solution should the organization choose? Cisco FTD because it enables interactive blocking and blocking with reset natively, whereas Cisco ASA does not. Cisco ASA because it has an additional module that can be installed to provide multiple blocking capabilities, whereas Cisco FTD does not. Cisco ASA because it allows for interactive blocking and blocking with reset to be configured via the GUI, whereas FTD does not. Cisco FTD because it supports system rate level traffic blocking, whereas Cisco ASA does not.
An email administrator is setting up a new Cisco ESA. The administrator wants to enable the blocking of greymail for the end user. Which feature must the administrator enable first? Intelligent Multi-Scan Anti-Virus Filtering IP Reputation Filtering File Analysis.
Why is it important for the organization to have an endpoint patching strategy? so the organization can identify endpoint vulnerabilities so the internal PSIRT organization is aware of the latest bugs so the network administrator is notified when an existing bug is encountered so the latest security fixes are installed on the endpoints.
Which technology enables integration between Cisco ISE and other platforms to gather and share network and vulnerability data and SIEM and location information? Cisco Talos SNMP pxGrid NetFlow.
An administrator needs to configure the Cisco ASA via ASDM such that the network management system can actively monitor the host using SNMPv3. Which two tasks must be performed for this configuration? (Choose two.) Add an SNMP USM entry. Specify an SNMP user group. Add an SNMP host access entry. Specify the SNMP manager and UDP port. Specify a community string.
How does a WCCP-configured router identify if the Cisco WSA is functional? If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the router. If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the WSA. The WSA sends a Here-I-Am message every 10 seconds, and the router acknowledges with an I-See-You message. The router sends a Here-I-Am message every 10 seconds, and the WSA acknowledges with an I-See-You message.
What is the recommendation in a zero-trust model before granting access to corporate applications and resources? to disconnect from the network when inactive to use multifactor authentication to use a wired network, not wireless to use strong passwords.
Which open source tool does Cisco use to create graphical visualizations of network telemetry on Cisco IOS XE devices? InfluxDB SNMP Grafana Splunk.
Which CLI command is used to enable URL filtering support for shortened URLs on the Cisco ESA? websecurityadvancedconfig webadvancedconfig websecurityconfig outbreakconfig.
What is a feature of NetFlow Secure Event Logging? It exports only records that indicate significant events in a flow. It supports v5 and v8 templates. It delivers data records to NSEL collectors through NetFlow over TCP only. It filters NSEL events based on the traffic and event type through RSVP.
A network engineer entered the snmp-server user asmith myv7 auth sha cisco priv aes 256 cisc0123456789 command and needs to send SNMP information to a host at 10.255.255.1. Which command achieves this goal? snmp-server host inside 10.255.255.1 version 3 myv7 snmp-server host inside 10.255.255.1 snmpv3 myv7 snmp-server host inside 10.255.255.1 version 3 asmith snmp-server host inside 10.255.255.1 snmpv3 asmith.
Which standard is used to automate exchanging cyber threat information? MITRE TAXII IoC STIX.
Which endpoint protection and detection feature performs correlation of telemetry, files, and intrusion events that are flagged as possible active breaches? elastic search file trajectory indication of compromise retrospective detection.
When network telemetry is implemented, what is important to be enabled across all network infrastructure devices to correlate different sources? CDP syslog NTP DNS.
Which Cisco ASA deployment model is used to filter traffic between hosts in the same IP subnet using higher-level protocols without readdressing the network? multiple context mode single context mode routed mode transparent mode.
Which RADIUS feature provides a mechanism to change the AAA attributes of a session after it is authenticated? Accounting Authorization Authentication CoA.
When NetFlow is applied to an interface, which component creates the flow monitor cache that is used to collect traffic based on the key and nonkey fields in the configured record? flow exporter records flow sampler flow monitor.
Which encryption algorithm provides highly secure VPN communications? AES 256 AES 128 3DES DES.
What is the term for when an endpoint is associated to a provisioning WLAN that is shared with guest access, and the same guest portal is used as the BYOD portal? single-SSID BYOD dual-SSID BYOD streamlined access multichannel GUI.
DRAG DROP -
Drag and drop the exploits from the left onto the type of security vulnerability on the right.
Select and Place:
causes memory access errors makes the client the target of attack gives unauthorized access to web server files access or modifies application data.
What is the function of the crypto isakmp key cisc123456789 address 192.168.50.1 255.255.255.255 command when establishing an IPsec VPN tunnel? It configures the pre-shared authentication key for host 192.168.50.1. It prevents 192.168.50.1 from connecting to the VPN server. It configures the local address for the VPN server 192.168.50.1. It defines the data destined to 192.168.50.1 is going to be encrypted.
Which Cisco ASA Platform mode disables the threat detection features except for Advanced Threat Statistics? cluster multiple context routed transparent.
An engineer is configuring web filtering for a network using Cisco Umbrella Secure Internet Gateway. The requirement is that all traffic needs to be filtered. Using the SSL decryption feature, which type of certificate should be presented to the end-user to accomplish this goal? SubCA organization owned root self-signed third-party.
Which solution stops unauthorized access to the system if a user's password is compromised? MFA AMP VPN SS;.
An engineer needs to configure an access control policy rule to always send traffic for inspection without using the default action. Which action should be configured for this rule? monitor trust allow block.
Which benefit does DMVPN provide over GETVPN? DMVPN can be used over the public Internet, and GETVPN requires a private network. DMVPN is a tunnel-less VPN, and GETVPN is tunnel-based. DMVPN supports non-IP protocols, and GETVPN supports only IP protocols. DMVPN supports QoS, multicast, and routing, and GETVPN supports only QoS.