What is the target of a phishing attack?
perimeter firewall IPS web server endpoint.
An engineer is trying to decide whether to use Cisco Umbrella. Cisco CloudLock. Cisco Stealthwatch. or Cisco AppDynamics Cloud Monitoring for visibility into data transfers as well as protection against data exfiltration. Which solution best meets these requirements?
Cisco AppDynamics Cloud Monitoring Cisco CloudLock Cisco Stealthwatch Cisco Umbrella.
Which Cisco solution extends network visibility, threat detection, and analytics to public cloud environments?
Cisco Stealthwatch Cloud Cisco Umbrella Cisco AppDynamics Cisco CloudLock.
Which solution supports high availability in a routed or transparent mode as well as in northbound and southbound deployments?
Cisco FTD with Cisco ASDM Cisco Firepower NGFW Virtual appliance with Cisco FMC Cisco Firepower NGFW physical appliance with Cisco FMC Cisco FTD with Cisco FMC.
When choosing an algorithm to use. what should be considered about Diffie Heilman and RSA for key establishment?
RSA is a symmetric key establishment algorithm intended to output asymmetric keys. DH is an asymmetric key establishment algorithm intended to output symmetric keys. DH is a symmetric key establishment algorithm intended to output asymmetric keys. RSA is an asymmetric key establishment algorithm intended to output symmetric keys.
What provides total management for mobile and PC including managing inventory and device tracking, remote view, and live troubleshooting using the included native remote desktop support?
mobile access management mobile content management mobile application management mobile device management.
With regard to RFC 5176 compliance, how many IETF attributes are supported by the RADIUS CoA feature?
3 5 10 12.
Which two protocols must be configured to authenticate end users to the Cisco WSA? (Choose two.)
TACACS+ CHAP NTLMSSP RADIUS Kerberos .
Which feature must be configured before implementing NetFlow on a router? syslog IP routing VRF SNMPv3.
An engineer needs to detect and quarantine a file named abc123456789.zip based on the MD5 signature of the file using the Outbreak Control list feature within Cisco Advanced Malware Protection (AMP) for Endpoints. The configured detection method must work on files of unknown disposition. Which Outbreak Control list must be configured to provide this?
Simple Custom Detection Blocked Application Advanced Custom Detection Android Custom Detection.
Which Talos reputation center allows for tracking the reputation of IP addresses for email and web traffic?
IP Block List Center IP and Domain Reputation Center Cisco AMP Reputation Center File Reputation Center.
A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface. How does the switch behave in this situation?
It drops the packet after validation by using the IP & MAC Binding Table. It forwards the packet without validation. It forwards the packet after validation by using the IP & MAC Binding Table. It drops the packet without validation.
DRAG DROP
A network engineer is configuring NetFlow top talkers on a Cisco router. Drag and drop the steps in the process from the left into the sequence on the right.
Configure IP routing and enable Cisco Express Forwarding Configure the ip flow-top-talkers command specify the maximum number of top talkers Set the top-talkers sorting criterion Configure the ip flow command on an interface.
Refer to the exhibit. Which command results in these messages when attempting to troubleshoot an IPsec VPN connection?
debug crypto isakmp connection debug crypto ipsec debug crypto ipsec endpoint debug crypto isakmp.
Which technology provides a combination of endpoint protection, endpoint detection, and response?
Cisco Threat Grid Cisco Umbrella Cisco Talos Cisco AMP.
DRAG DROP
Drag and drop the concepts from the left onto the descriptions on the right.
profiling guest service BYOD Posture assessment.
Which industry standard is used to integrate Cisco ISE and Cisco pxGrid to each other and with other interoperable security platforms?
NIST ANSI IETF IEEE.
What is the functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client?
AMP for Endpoints authenticates users and provides segmentation, and the Umbrella Roaming Client allows only for VPN connectivity. AMP for Endpoints stops and tracks malicious activity on hosts, and the Umbrella Roaming Client tracks only URL-based threats. The Umbrella Roaming Client authenticates users and provides segmentation, and AMP for Endpoints allows only for VPN connectivity. The Umbrella Roaming client stops and tracks malicious activity on hosts, and AMP for Endpoints tracks only URL-based threats.
Which Cisco ISE feature helps to detect missing patches and helps with remediation?
enabling probes profiling policy authentication policy posture assessment.
Which feature requires that network telemetry be enabled?
Layer 2 device discovery per-interface stats central syslog system SNMP trap notification.
What is provided by the Secure Hash Algorithm in a VPN?
authentication encryption integrity key exchange.
Refer to the exhibit. When configuring this access control rule in Cisco FMC, what happens with the traffic destined to the DMZ_inside zone once the configuration is deployed?
No traffic will be allowed through to the DMZ_inside zone regardless of if it’s trusted or not. All traffic from any zone will be allowed to the DMZ_inside zone only after inspection. All traffic from any zone to the DMZ_inside zone will be permitted with no further inspection. No traffic will be allowed through to the DMZ_inside zone unless it's already trusted.
A company identified a phishing vulnerability during a pentest. What are two ways the company can protect employees from the attack? (Choose two.)
using an inline IPS/IDS in the network using Cisco Umbrella using Cisco ESA using Cisco ISE using Cisco FTD.
What is the process in DevSecOps where all changes in the central code repository are merged and synchronized?
EP CD CI QA.
What is the function of Cisco AMP for Endpoints?
It protects against web-based attacks. It automates threat responses of an infected host. It detects DNS attacks. It blocks email-based attacks.
What does endpoint isolation in Cisco AMP for Endpoints security protect from?
an infection spreading across the LDAP or Active Directory domain from a user account a malware spreading across the user device an infection spreading across the network a malware spreading across the LDAP or Active Directory domain from a user account.
An engineer recently completed the system setup on a Cisco WSA. Which URL information does the system send to SensorBase Network servers?
complete URL, without obfuscating the path segments URL information collected from clients that connect to the Cisco WSA using Cisco AnyConnect none because SensorBase Network Participation is disabled by default summarized server-name information and MD5-hashed path information.
Which Cisco DNA Center RESTful PNP API adds and claims a device into a workflow?
api/v1/onboarding/workflow api/v1/onboarding/pnp-device/import api/v1/onboarding/pnp-device api/v1/file/config.
Which solution should be leveraged for secure access of a CI/CD pipeline?
Duo Network Gateway Cisco FTD network gateway SSL WebVPN remote access client.
What is the purpose of CA in a PKI?
to validate the authenticity of a digital certificate to issue and revoke digital certificates to certify the ownership of a public key by the named subject to create the private key for a digital certificate.
Which solution detects threats across a private network, public clouds, and encrypted traffic?
Cisco Encrypted Traffic Analytics Cisco Stealthwatch Cisco CTA Cisco Umbrella.
What is the benefit of using Cisco Tetration?
It collects policy compliance data and process details. It collects near-real time data from servers and inventories the software packages that exist on servers. It collects enforcement data from servers and collects interpacket variation. It collects telemetry data from servers and then uses software sensors to analyze flow information.
Which attack type attempts to shut down a machine or network so that users are not able to access it?
bluesnarfing MAC spoofing smurf IP spoofing.
Which Cisco solution integrates Encrypted Traffic Analytics to perform enhanced visibility, promote compliance, shorten response times, and provide administrators with the information needed to provide educated and automated decisions to secure the environment?
Cisco ISE Cisco SDN Cisco Security Compliance Solution Cisco DNA Center.
Which two components do southbound APIs use to communicate with downstream devices? (Choose two.)
OpFlex applications running over the network OpenFlow external application APIs services running over the network.
A network engineer has configured an NTP server on a Cisco ASA. The ASA has IP reachability to the NTP server and is not filtering any traffic. The show ntp association detail command indicates that the configured NTP server is unsynchronized and has a stratum of 16. What is the cause of this issue?
An access list entry for UDP port 123 on the outside interface is missing. Resynchronization of NTP is not forced. NTP is not configured to use a working server. An access list entry for UDP port 123 on the inside interface is missing.
Which API method and required attribute are used to add a device into Cisco DNA Center with the native API?
GET and serialNumber userSudiSerlalNos and deviceInfo POST and name lastSyncTime and pid.
What limits communication between applications or containers on the same node?
software-defined access container orchestration microservicing microsegmentation.
What is the purpose of the Cisco Endpoint IoC feature?
It is an incident response tool. It provides stealth threat prevention. It is a signature-based engine. It provides precompromise detection.
What is the benefit of flexible NetFlow records?
They have customized traffic identification. They are used for accounting. They are used for security. They monitor a packet from Layer 2 to Layer 5.
DRAG DROP
-
Drag and drop the Cisco CWS redirection options from the left onto the capabilities on the right.
Cisco AnyConnect client ISR with CWS connector NGFW with CWS connector WSAv with CWS connector .
Which cryptographic process provides origin confidentiality, integrity, and origin authentication for packets?
AH IKEv1 IKEv2 ESP.
What are two security benefits of an MDM deployment? (Choose two.)
distributed dashboard distributed software upgrade privacy control checks on-device content management robust security policy enforcement.
Which Cisco security solution stops exfiltration using HTTPS?
Cisco CTA Cisco FTD Cisco AnyConnect Cisco ASA.
Which solution is made from a collection of secure development practices and guidelines that developers must follow to build secure applications?
Radamsa Fuzzing Framework AFL OWASP.
An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing a file named abc123456789.exe without quarantining that file. What type of Outbreak Control list must the SHA-256 hash value for the file be added to in order to accomplish this?
Advanced Custom Detection Simple Custom Detection Isolation Blocked Application.
What is the purpose of a NetFlow version 9 template record?
It serves as a unique identification number to distinguish individual data records It defines the format of data records. It specifies the data format of NetFlow processes. It provides a standardized set of Information about an IP row.
An organization is using DNS services for their network and wants to help improve the security of the DNS infrastructure. Which action accomplishes this task?
Use DNSSEC between the endpoints and Cisco Umbrella DNS servers. Modify the Cisco Umbrella configuration to pass queries only to non-DNSSEC capable zones. Integrate Cisco Umbrella with Cisco CloudLock to ensure that DNSSEC is functional. Configure Cisco Umbrella and use DNSSEC for domain authentication to authoritative servers.
Which Cisco security solution provides patch management in the cloud?
Cisco Umbrella Cisco ISE Cisco CloudLock Cisco Tetration.
Which solution is more secure than the traditional use of a username and password and encompasses at least two of the methods of authentication?
RADIUS/LDAP authentication single-sign on Kerberos security solution multifactor authentication.
What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two)
REST uses methods such as GET, PUT, POST, and DELETE. REST codes can be compiled with any programming language. REST is a Linux platform-based architecture. The POST action replaces existing data at the URL path. REST uses HTTP to send a request to a web service.
|
