Venezuela_2.0

What does endpoint isolation in Cisco Secure Endpoint security protect from?. an infection spreading across the network. an infection spreading across the LDAP or active Directory domain from a user account. a malware spreading across the user device. a malware spreading across the LDAP or Active Directory domain from a user account.

What are two differences between a cisco WSA that is running in transparent mode and one running in explicit mode?. The Cisco WSA responds with its own IP address only if it running in explicit mode. The Cisco WSA responds with its own IP address only if it is running in transparent mode. The Cisco WSA uses a Layer 3 device to redirect traffic only if it is running in transparent mode. When the Cisco WSA is running in transparent mode, it uses the WSA's own IP address as the HTTP request destination. The Cisco WSA is configured in a web browser only if it is running in transparent mode.

A network engineer must configure an access control policy on top of an existing Cisco Secure Firewall Threat Defense access control policy. The policy contain IP addresses and port values with no need for deeper inspection. Which type of policy must be created?. Identity. prefilter. SSL. access control.

What is the purpose of the Decrypt for Application Detection feature within the WSA Decryption options?. It provides enhanced HTTPS application detection for AsyncOS. It alerts users when the WSA decrypts their traffic. It decrypts HTTPS application traffic for authenticated users. It decrypts HTTPS application traffic for unauthenticated users.

Email security has become a high-priority task a security engineer a large multi-national organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content filter with a URL reputation of (-10.00 to -6.00) on the Cisco ESA. Which action will the system perform to disable any links in messages that match the filter?. Quarantine. ScreenAction. Defang. FilterAction.

A web hosting company must upgrade its older, unsupported on-premises servers. The company wants a cloud solution in which the cloud provider is responsible for: 1- Server patching 2-Application Maintenance 3-Data center security 4-Disaster recovery Which type of cloud meets the requirements?. IaaS. hybrid. SaaS. PaaS.

An organization has a Cisco ESA set up with DLP policies and would like to customize the action assigned for violations. The organization wants a copy of the message to be delivered with a message added to flag it as a DLP violation. Which actions must be performed in order to provide this capability?. deliver and add disclaimer text. deliver and send copies to other recipients. quarantine and after the subject header with a DLP violation. quarantine and send a DLP violation notification.

An engineer recently completed the system setup on a Cisco WSA. Which URL information does the system send to Sensor Base network servers?. none because SensorBase Network Participation is disabled by default. complete URL, without obfuscating the path segments. URL information collected from clients that connect to the Cisco WSA using Cisco AnyConnnect. summarized server-name information and MD5-hashed path information.

Which function is performed by certificate authorities but is a limitation of registration authorities?. accepts enrollment request. verifying user identity. certificate re-enrollment. CRL publishing.

Which attack is commonly associated with C and C++ programing languages?. buffer overflow. water holing. DDoS. cross site scripting.

after a security incident, an engineer proposed a solution to secure management traffic better. The engineer must ensure that remote access is maintained in case the internet fails. Which action must taken?. Modify the existing ACL. Change the local accounts to AAA. Configure IpSec VPN. Add out-of-band access.

Which Cisco firewall solution requires zone definition?. Cisco ASA. CBAC. Cisco AMP. ZBFW.

Which solution should be leveraged for secure access of a CI/CD pipeline?. Remote access client. Cisco FTD network gateway. DUO network gateway. SSL web VPN.

A company named Org.Co is upgrading it's infrastructure and wants to migrate from a legacy firewall appliance to a cloud security service that will provide 1-Threat Intelligence 2-Real-time Malware blocking 3- Protection against malicious domains 4- SSL visibility Which security solution should be used?. Cisco Cloudlock. Cisco secure cloud analytics. Cisco Secure firewall threat defense. Cisco Umbrella.

Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?. Cisco Secure Web Appliance. Cisco NAC. Cisco TACACS+. Cisco ISE.

When a next-generation Endpoint security solution is selected for a company, what are two key deliverables that help justify the implementation ? (chose two). Email integration to protect endpoints from malicious content that is located in the Email. real-time feed from global threats intelligence centers. Continues monitoring of all files that are located on connected endpoints. Signature-based endpoint protection on company endpoints. Macro-based protection to keep connected endpoints safe.

Refer to the exhibit. An engineer must configured a remote access VPN connection between a teleworker and site B. The engineer already perform some configuration on the Cisco Adaptive Security Appliance ASA_B firewall. Which address pool must to be assigned to the tunnel group to complete the configuration?. 192.168.11.0/24. 20.20.20.0/24. 30.30.30.0/24. 40.40.40.0/24.

What is different between a Cisco AMP for Endpoints and Cisco Umbrella ?. AMP for endpoints prevents, detects and responds to attack before damage can be done, and Umbrella provides the first line of defense against Internet Threats. AMP for endpoints automatically researches indicators of compromise and confirms threats, and Umbrella does not. AMP for endpoints prevents connections to malicious destinations, and Umbrella works at the file level to prevent the initial execution of malware. AMP for Endpoints is a Cloud-Based service, and Umbrella is not.

Which Cisco DNA center intent API action is used to retrieve the number of devices known to a DNA center?. GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-device. GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-device/startingindexlrecordsToReturn. GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-device?parameter1=value¶meter2?value&... GET https://fqdnOrlPofDnaCenterPlatform/dna/intent/api/v1/network-devicelcount.

An organization is using DNS services for their network and to help improve the security of the DNS infrastructure. Which action accomplishes this task ?. Modify the Cisco Umbrella configuration to pass the queries only yo non-DNSSEC capable zones. Integrate Cisco Umbrella with Cisco CloudLock to ensure that DNSSEC is functional. Use DNSSEC between the Endpoints and Cisco Umbrella DNS servers. Configure Cisco Umbrella and use DNSSEC for domain authentication to authoritative servers.

Refer to the exhibit. An engineer is implementing a site-to-site VPN on a Cisco router with a remote Cisco router. What must be configured next to ensure the tunnel status is up ?. transform set. NAT translation. remote peer. IKE version.

When choosing an algorithm to use, what should be considered about Diffie Hellman and RSA for key establishment ?. DH is an asymmetric key establishment algorithm intended to output symmetric keys. RSA is symmetric key establishment algorithm intended to output asymmetric keys. DH is asymmetric key establishment algorithm intended to output asymmetric keys. RSA is an asymmetric key establishment algorithm intended to output symmetric keys.

Which solution combines a Cisco IOS and IOS XE components to enable administrators and recognize applications, collect and send network metrics to Cisco Prime and other third-party management tools , and prioritize application traffic?. Cisco Application Visibility and Control. Cisco Model Driven Telemetry. Cisco Security Intelligence. Cisco DNA center.

What is a characteristic of a bridge group in Cisco ASA Firewall running in transparent mode?. It has an IP address on its BVI interface and its used for management traffic. It is a layer 3 segment and includes one port and customizable access rules. It allows ARP traffic with a single access rule. It includes multiples interfaces and access rules between interfaces are customizable.

Which algorithm provides asymmetric encryption?. RC4. RSA. AES. 3DES.

Which two capabilities does and MDM provide? (choose two). Unified management of mobile devices , Macs , and PCs from a centralized dashboard. manual identification and classification of client devices. delivery of network malware reports to an inbox in a schedule. Unified management of Android and Apple devices from a centralized dashboard. enforcement of device security policies from centralized dashboard.

Which firewall deployment mode allows the inspection to traffic between severs in the same IP subnet?. Transparent. Routed. Virtual. Multicontext.

A network administrator is setting a Cisco FMC to send logs to Cisco security Analytics and Logging (SaaS). The network administrator is anticipating a high volume of logging events from the firewalls and wants to limit the strain on the firewall resources. Which method must the administrator used to send these logs to Cisco Security Analytics and Logging?. Direct connection using SNMP traps. SFTP using FMC CLI. HTTP POST using the Security Analytics FMC plugin. syslog using the Secure Event Connector.

What is the capability of Cisco Secure Email Cloud Gateway compared to Cisco Secure Email Gateway?. Secure Email Cloud Gateway requires that a proxy be deployed to a web browser, and Secure Email Gateway requires a network reconfiguration. Secure Email Cloud Gateway protects email without having to deploy an infrastructure, and Secure Email Gateway requires a server infrastructure. Secure Email Cloud Gateway requires an ASA to redirect email by using WCCP, and Secure Email Gateway requires an ASA be inline. Secure Email Cloud Gateway is an add-on that is deployed to a web browser by using a group policy , and Secure Email Gateway requires a server infrastructure.

What are two facts about Cisco Secure Web Appliance HTTP proxy configuration with a PAC file? (choose two). The PAC file, which references the proxy, is deployed to the client web browser. it is defined as an Explicit proxy deployment. In a Dual-Nic configuration, the PAC file directs traffic through the two NICs to the proxy. It is defined as a bridged proxy deployment. It is defined as a transparent proxy deployment.

Which type of API is being used when a controller within a software-defined network architecture dynamically configuration changes on switches within the network?. southbound API. eastbound API. westbound API. northbound API.

A developer must create a script to retrieve a count of inactive and devices by using the Cisco Catalyst Center API. Which Endpoint and method pair is needed to make the API call?. GET/dna/intent/api/v1/client-health. POST/dna/intent/api/v1/discovery. POST/dna/intent/api/v1/network-device. GET/dna/intent/api/v1/network-device/collection-schedule/global.

What is a capability of cross-site scripting?. supplies valid credentials by hijacking DNS queries sent by the user device. steals cookies used to obtain access as an authenticated user to a clous service. exploit vulnerable applications for attackers to pass commands to a database. intercepts traffic to take over a connection to a cloud-based service.

An email containing a URL passes through the Cisco Security Email Gateway. Content filtering is disabled for all mail policies. The sender of the email is admin@test.com while the recipient is user1@test.com. The subject of the email is important Document. And administrator must configure a policy to ensure that the web reputation score is evaluated before permitting the email. Which criteria must be configured to meet the requirement?. sender matches domain test.com. mail recipient is user1@test.cvom. email body contains a URL. subject contains Import Document.

Which suspicious pattern enables the Cisco Secure Workload platform to learn the normal behavior of users ?. privilege escaltion. interesting file access. file access from a different user. user login suspicious behavior.

Which feature must be enabled to configured a predefined URL category on a Cisco Secure Web Appliance?. Acceptable use Controls. Local Custom Category. External Live Feed Category. Selected Embedded/referred content.