CCNP SCOR Book Terms Flashcards

1
Q

______________ is a security technology that actively monitors network or system activities to detect and prevent unauthorized access, attacks, or malicious activities. It works by analyzing traffic patterns and taking action to block or mitigate threats in real-time.

A

Intrusion Prevention (IPS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

______________ are devices or systems that monitor network traffic and system behavior to detect potential security threats or intrusions. These sensors are part of Intrusion Detection and Prevention Systems (IDPS).

A

Intrusion Sensors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

______________ refers to how and where intrusion sensors are positioned within a network. Common deployment modes include inline (in the data path), passive (monitoring only), and TAP (Test Access Point) mode.

A

Sensors Deployment Mode

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

______________ are intrusion sensors placed at various points within a network to monitor and analyze network traffic for signs of intrusions or threats.

A

Network-Based Sensors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

______________ are installed on individual host systems (such as servers or endpoints) to monitor the behavior and security of those hosts.

A

Host-Based Sensors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

______________ are methods and techniques used to identify and classify security threats and attacks, such as signature-based detection, anomaly-based detection, and behavior-based detection.

A

Attack Detection Strategies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

______________ refers to the protection of data and information from threats and vulnerabilities, including measures to prevent unauthorized access, data leakage, and content-based attacks.

A

Content Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

______________ focuses on securing individual devices (endpoints) such as computers, mobile devices, and servers from various threats, including malware, unauthorized access, and data breaches.

A

Endpoint Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

______________ is any software designed to harm, exploit, or compromise the security of a computer system. Common types of malware include viruses, worms, Trojans, and spyware.

A

Malware (Malicious Software)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

______________ is an IEEE standard for port-based network access control. It provides authentication and authorization mechanisms for controlling access to network resources.

A

802.1x

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

______________ refers to the flow of email messages within an email system, including sending, receiving, routing, and processing emails.

A

Email Pipeline

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A ______________ is a visual representation of ideas, concepts, or information arranged in a hierarchical and interconnected manner. It is often used for brainstorming, organizing thoughts, or summarizing complex topics.

A

Mind-Map

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

______________ is a security appliance used for email security, including features like spam filtering, malware detection, email encryption, and email content filtering.

A

Cisco ESA (Email Security Appliance)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

______________ refers to techniques and tactics used by attackers to bypass or evade email security measures, such as spam filters or antivirus scanners.

A

Email Security Evasion

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

______________ is the process of encoding email messages to protect their contents from unauthorized access. It ensures that only the intended recipient can read the email.

A

Email Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

______________ are security threats that originate from web-based sources, including malicious websites, phishing sites, and web-based malware distribution.

A

Web-Based Threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

______________ refer to the capabilities and functions of a Web Security Appliance, which is used to enforce web security policies, filter web content, and protect against web-based threats.

A

WSA Features (Web Security Appliance)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

______________ is a protocol used to redirect web traffic for caching and security purposes. It allows network devices to intercept and redirect web traffic to a caching or security appliance.

A

Web Cache Communications Protocol (WCCP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

______________ is a cloud-based web security solution that provides web content filtering, threat protection, and visibility for web traffic.

A

Cisco Cloud Web Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

______________ are components that facilitate the integration of Cisco Cloud Web Security with on-premises network infrastructure.

A

Cisco CWS Connectors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

______________ are a type of malware that attaches itself to a legitimate program or file and spreads when the infected program is executed. Viruses can cause various forms of damage to a computer system.

A

Viruses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

______________ are self-replicating malware that spread across networks and systems without the need for user intervention. They can propagate rapidly and cause widespread disruptions.

A

Worms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

In a security context, a “______________” typically refers to a malicious or harmful piece of code or script that triggers a destructive action when activated.

A

Bomb

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

A ______________ is a type of malware that disguises itself as a legitimate or benign program but, when executed, performs malicious actions without the user’s knowledge.

A

Horses (Trojan Horses), or simply “Trojan”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

______________ are hidden or unauthorized access points in a computer system or software that allow attackers to gain entry and control the system.

A

Backdoors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

______________ are software or techniques used to take advantage of vulnerabilities or weaknesses in computer systems, applications, or networks for malicious purposes.

A

Exploits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

______________ are software or hardware devices that record keystrokes on a computer or mobile device, often used to capture sensitive information like passwords.

A

Key Loggers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

______________ are stealthy malware that provide unauthorized access to a computer or network while concealing their presence. They often tamper with system functions and are difficult to detect.

A

Rootkits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

______________ is a type of malware that encrypts a victim’s files and demands a ransom payment in exchange for a decryption key to restore access to the files.

A

Ransomware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

______________ refers to software or tools designed to detect, prevent, and remove various forms of malware from computer systems.

A

Antimalware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

______________ software is a subset of antimalware that specifically focuses on detecting and preventing computer viruses.

A

Antivirus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

______________ is a security system or software that monitors and analyzes the behavior of applications and processes running on a host (such as an endpoint) to detect and prevent unauthorized or malicious activities.

A

HIPS (Host Intrusion Prevention System)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

______________ is the process of converting plaintext data into ciphertext to protect it from unauthorized access. It ensures that only authorized parties can decrypt and access the data.

A

Data Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

______________ are secure communication tunnels that allow users to access a private network over a public network (typically the internet). They provide encryption and privacy for data transmission.

A

VPNs (Virtual Private Networks)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

______________ is the science of securing communication and data through mathematical techniques, including encryption and decryption.

A

Cryptography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

______________ is a process of converting data (such as passwords) into a fixed-length string of characters, which is often used for data verification and security.

A

Hashing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

______________ is a type of encryption where the same key is used for both encryption and decryption. It is often faster but requires secure key distribution.

A

Symmetric Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

______________ (or Public-Key Cryptography) uses a pair of public and private keys for encryption and decryption. It provides secure key exchange and digital signatures.

A

Asymmetric Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

______________ are cryptographic techniques that provide authentication, integrity, and non-repudiation for digital documents or messages.

A

Digital Signatures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

______________ refers to advanced encryption techniques and standards that aim to enhance security and address emerging threats in modern computing environments.

A

Next Generation Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

______________ is a framework that manages digital keys and certificates for secure communication. It includes processes, policies, and technologies for issuing, managing, and revoking digital certificates.

A

Public Key Infrastructure (PKI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

______________ are electronic credentials used to verify the identity of entities in a network. They contain a public key, identity information, and are signed by a Certificate Authority (CA).

A

Digital Certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

______________ are trusted entities that issue digital certificates and verify the authenticity of certificate holders.

A

Certificate Authorities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

______________ is the process of verifying the identity of a user or system by validating their digital certificate.

A

Digital Certificate Authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

______________ refers to the process of obtaining a digital certificate, while ______________ is the process of invalidating or revoking a certificate before its expiration.

A

Enrollment & Revocation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

______________ is the act of requesting and obtaining a digital certificate from a Certificate Authority.

A

Certificate Enrollment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

______________ is the process of declaring a digital certificate as no longer valid before its expiration date.

A

Certificate Revocation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

______________ refer to the design and structure of a Public Key Infrastructure, including the hierarchy of CAs, certificate policies, and trust models.

A

PKI Architectures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

______________ is the process of allowing or blocking network packets based on predefined rules or criteria.

A

Packet Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

______________ are rules or policies that specify which network traffic is allowed or denied based on source, destination, and protocol.

A

Access Control List (ACL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

______________ is a firewall technique that keeps track of the state of active connections and allows related packets to pass through.

A

Stateful Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

______________ is a Cisco firewall feature that uses zones to define security policies and controls traffic flow between zones.

A

Zone-Based Firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

______________ is a security device that combines firewall, VPN, and other security features to protect network resources.

A

Cisco ASA (Adaptive Security Appliance)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

______________ is the process of controlling and managing network traffic to prevent unauthorized access or malicious activities.

A

Traffic Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

The ______________ is the part of a network device responsible for managing and controlling device operations and protocols.

A

Control Plane

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

______________ refers to the design and structure of network devices, including hardware and software components.

A

Network Device Architecture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

______________ is a security mechanism that ensures the authenticity and integrity of routing protocol messages.

A

Routing Protocol Authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

______________ is the process of selectively allowing or denying specific routes in a routing table.

A

Route Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

______________ is a security feature that restricts the rate of traffic directed at a device’s control plane to protect it from resource exhaustion or attacks.

A

Control Plane Policing (CoPP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

______________ includes mechanisms and strategies to secure a device’s control plane from unauthorized access and attacks.

A

Control Plane Protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

______________ safeguard a device’s central processing unit (CPU) from excessive loads and resource depletion.

A

CPU Protection Mechanisms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

______________ mechanisms ensure the security and integrity of a device’s memory, preventing unauthorized access or tampering.

A

Memory Protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

The ______________ is responsible for managing and configuring network devices, including tasks such as device administration and monitoring.

A

Management Plane

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

______________ is a protocol used for network management and monitoring, allowing devices to exchange information about their status and performance.

A

SNMP (Simple Network Management Protocol)

65
Q

______________ is a protocol used to synchronize the time of network devices, ensuring accurate timestamps for events and logs.

A

NTP (Network Time Protocol)

66
Q

______________ involves recording events, activities, and system messages for analysis, troubleshooting, and security monitoring.

A

Logging

67
Q

______________ is a network protocol that automates the assignment of IP addresses and network configuration to devices on a network.

A

Dynamic Host Configuration Protocol (DHCP)

68
Q

______________ is an extension of DHCP used for assigning IPv6 addresses and configuration parameters to devices on an IPv6 network.

A

DHCPv6

69
Q

______________ is a protocol used for translating human-readable domain names into IP addresses, facilitating network communication.

A

Domain Network System (DNS) Protocol

70
Q

______________ is a technique used by attackers to impersonate another IP address to conceal their identity or gain unauthorized access.

A

IP Spoofing

71
Q

______________ are used as mitigation tools to control network traffic and restrict access to specific resources.

A

ACLs (Access Control Lists)

72
Q

______________ is a mitigation tool that verifies the source IP address of incoming packets to prevent IP spoofing.

A

URPF (Unicast Reverse Path Forwarding)

73
Q

A ______________ is an attack that overwhelms a network or system with excessive traffic, rendering it unavailable to legitimate users.

A

DoS-Attack (Denial-of-Service Attack)

74
Q

______________ is a security feature that protects against TCP SYN flooding attacks by managing incomplete connection requests.

A

TCP Intercept

75
Q

______________ is a traffic control mechanism that enforces bandwidth limits and controls the rate of traffic.

A

Policing

76
Q

______________ is a security technique used to mitigate DDoS attacks by redirecting attack traffic to a null route.

A

RTBH (Remote Triggered Black Hole)

77
Q

______________ are additional fields in an IP packet header used for specific purposes, and they can introduce security risks if misused.

A

IP Options

78
Q

______________ refers to strategies and technologies used to detect, prevent, and respond to security attacks.

A

Attack Mitigation

79
Q

______________ is the process of breaking large IP packets into smaller fragments for transmission, which can be a security concern.

A

IP Fragmentation

80
Q

______________ is a Cisco technology that identifies and classifies network applications and services for traffic analysis and control.

A

NBAR (Network-Based Application Recognition)

81
Q

______________ are part of IPv6 packets and provide additional information for packet processing. ______________ involves handling and securing these headers to prevent attacks and ensure proper packet processing.

A

Extension Headers / Extension Headers Processing & Security

82
Q

______________ refers to the examination and handling of IPv6 extension headers, including header insertion, inspection, and processing as packets traverse the network.

A

Extension Header Processing

83
Q

______________ is a process of dividing large IPv6 packets into smaller fragments to accommodate networks with smaller Maximum Transmission Unit (MTU) sizes.

A

IPv6 Fragmentation

84
Q

______________ involves strategies and measures to protect against security threats related to IPv6 fragmentation, such as fragmentation-based attacks.

A

IPv6 Fragmentation Attacks Mitigation

85
Q

______________ is a key component of IPv6 networking that allows devices to discover and communicate with neighboring devices on the same network segment.

A

Neighbor Discovery

86
Q

______________ are ICMPv6 messages used for various purposes, including router discovery, neighbor discovery, and address resolution in IPv6 networks.

A

Neighbor Discovery Messages

87
Q

______________ is a security extension for Neighbor Discovery that provides mechanisms for securing neighbor and router discovery processes in IPv6 networks.

A

Secure Neighbor Discovery (SEND)

88
Q

______________ is a proprietary Cisco protocol used for discovering and sharing information about directly connected Cisco devices on a network.

A

Cisco Discovery Protocol (CDP)

89
Q

______________ is a network protocol used to prevent loops in Ethernet networks by dynamically disabling redundant links while keeping a loop-free path.

A

Spanning Tree Protocol (STP)

90
Q

______________ include mechanisms to protect Spanning Tree Protocol implementations from misuse and attacks.

A

Spanning Tree Protocol (STP) Security Features

91
Q

______________ are used to partition a VLAN into sub-VLANs, allowing network segmentation while sharing the same IP subnet.

A

Private VLANs

92
Q

______________ is a feature that isolates specific ports on a switch to prevent direct communication between devices on those ports.

A

Protected Ports (or Port Isolation)

93
Q

______________ is a feature that monitors and limits the rate of broadcast, multicast, or unicast storms to prevent network congestion and disruptions.

A

Storm Control

94
Q

______________ involves securing network devices by implementing security best practices and configuring security features to reduce vulnerabilities.

A

Device Hardening

95
Q

______________ is a comprehensive framework and methodology for designing and implementing secure network architectures.

A

Cisco SAFE (Security Architecture for Enterprise)

96
Q

______________ refers to strategies and techniques used to protect against Layer 2 (data link layer) attacks in a network.

A

L2 Attacks Mitigation

97
Q

______________ are security threats targeting the Spanning Tree Protocol, aiming to disrupt network operations by exploiting vulnerabilities in STP implementations.

A

STP Attacks

98
Q

______________ are malicious activities that manipulate or poison ARP tables to redirect network traffic or conduct man-in-the-middle attacks.

A

ARP Attacks (Address Resolution Protocol Attacks)

99
Q

______________ is a protocol used to map IP addresses to MAC addresses in Ethernet networks, facilitating communication between devices on the same local network.

A

Address Resolution Protocol (ARP)

100
Q

______________ is a security feature that restricts access to command-line interface (CLI) commands based on user roles and privileges.

A

Role-Based CLI Access

101
Q

______________ involves establishing secure and encrypted communication tunnels over public networks, allowing remote access and private data transfer.

A

VPN (Virtual Private Network) Working

102
Q

______________ is the process of encapsulating one network protocol within another for secure and efficient data transmission over an untrusted network.

A

Tunneling

103
Q

______________ encompasses measures and protocols used to secure Virtual Private Network connections and protect data confidentiality and integrity.

A

VPN Security

104
Q

______________ involves setting up GRE tunnels for encapsulating a wide range of network protocols within point-to-point connections.

A

GRE (Generic Routing Encapsulation) Configuration

105
Q

______________ is a key management protocol used in IPsec VPNs to establish security associations and exchange encryption keys.

A

IKEv1 (Internet Key Exchange version 1)

106
Q

______________ is the process of establishing secure IPsec tunnels for encrypted communication between network devices or sites.

A

IPsec Tunneling

107
Q

______________ involves configuring IPsec VPNs on Cisco ASA devices for secure remote access and site-to-site connectivity.

A

IPsec on the ASA (Adaptive Security Appliance)

108
Q

______________ is a technology that simplifies and enhances WAN management by centralizing control and dynamically routing traffic over multiple network connections.

A

Software Defined WAN (SD-WAN)

109
Q

______________ is a Cisco solution that uses software-defined networking (SDN) principles to automate network provisioning, policy enforcement, and segmentation.

A

Software Defined Access (SD-Access)

110
Q

______________ is Cisco’s approach to data center networking that focuses on automation, policy-based management, and application-aware networking.

A

Application Centric Infrastructure (ACI)

111
Q

______________ encompasses the design and components of Cisco’s Application Centric Infrastructure solution for data centers.

A

Cisco ACI Architecture

112
Q

______________ are software-based network switches used in virtualized environments to connect virtual machines (VMs) and manage traffic.

A

Virtual Switches

113
Q

An ______________ is a physical location where different Internet service providers (ISPs) connect their networks to exchange traffic.

A

Internet Exchange Point (IXP)

114
Q

A ______________ is a wide area network that connects geographically dispersed locations using private network infrastructure, such as leased lines or MPLS.

A

Private WAN

115
Q

______________ is an open-source cloud computing platform that provides infrastructure-as-a-service (IaaS) capabilities for building and managing private and public clouds.

A

OpenStack

116
Q

______________ refers to the design and framework of Software-Defined Networking, which separates network control and data planes for greater flexibility and automation.

A

SDN Architecture

117
Q

______________ is the protocol used for transmitting and receiving web page data and other resources on the World Wide Web.

A

HTTP (Hypertext Transfer Protocol)

118
Q

______________ are three-digit numeric codes used in HTTP responses to indicate the status of a web request, such as 200 (OK) or 404 (Not Found).

A

HTTP Message Codes

119
Q

______________ is a secure version of HTTP that uses encryption (TLS/SSL) to protect the confidentiality and integrity of data exchanged between a web server and a client.

A

HTTP Secure (HTTPS)

120
Q

______________ is a central management console used to configure, monitor, and manage Cisco security products and services.

A

SMC (Security Management Center)

121
Q

A ______________ is a network security device or software solution that provides web content filtering, threat protection, and policy enforcement to protect users and networks from web-based threats.

A

Web Security Appliance

122
Q

______________ is a specific Cisco appliance designed for web security. It offers features like web filtering, antivirus scanning, and URL categorization to protect against web threats.

A

Cisco Web Security Appliance (WSA)

123
Q

______________ is a protocol used for sending email messages between servers. It is a fundamental component of email communication.

A

Simple Mail Transfer Protocol (SMTP)

124
Q

______________ is an appliance that provides email security services, including spam filtering, malware detection, and content filtering to protect against email-based threats.

A

Cisco Email Security Appliance (ESA)

125
Q

______________ refers to the command-line interface (CLI) used for configuring and managing Cisco Email Security Appliances.

A

ESA Command Line

126
Q

An ______________ is a component of the Email Security Appliance that receives incoming email messages and processes them through various security filters.

A

ESA Listener

127
Q

______________ involve the configuration, monitoring, and management tasks related to the Cisco Email Security Appliance.

A

ESA Operations

128
Q

An ______________ is a dedicated device or software solution designed to protect email communication by filtering out spam, viruses, and other email threats.

A

Email Security Appliance (ESA)

129
Q

______________ are sets of rules and configurations that define how email security is enforced, including spam policies, content filtering, and encryption policies.

A

ESA Policies

130
Q

______________ is a distributed system used for translating domain names (e.g., www.example.com) into IP addresses, facilitating internet communication.

A

Domain Name System (DNS)

131
Q

______________ includes the hierarchical organization of DNS servers and domains, starting with the root DNS servers at the top.

A

DNS Structure

132
Q

______________ include DNS servers (such as authoritative, recursive, and caching servers) and DNS clients that interact to resolve domain names.

A

DNS Components

133
Q

______________ are data entries in DNS databases that contain information about domain names, IP addresses, mail servers, and other DNS-related information.

A

DNS Records

134
Q

______________ is a cloud-based security service provided by Cisco (Cisco Umbrella) that offers DNS and web filtering to protect against threats and provide visibility into internet traffic.

A

Umbrella

135
Q

______________ are configurations that define how DNS traffic is inspected and protected against security threats like DNS-based attacks.

A

DNS Layer Security Policies

136
Q

______________ define rules for inspecting and controlling content and applications to ensure security and compliance.

A

Content & Application Inspection Policies

137
Q

______________ specify how files are inspected for malware and other threats, including rules for scanning, blocking, or allowing file transfers.

A

File Inspection Policies

138
Q

______________ determine which destinations (IP addresses, domains) are allowed or blocked for communication within a network.

A

Destination Lists Policies

139
Q

An ______________ is a proxy server that dynamically adjusts its behavior based on the type of traffic it handles, enhancing security and performance.

A

Intelligent Proxy

140
Q

______________ is the process of decrypting encrypted SSL/TLS traffic to inspect its contents for security purposes.

A

SSL Decryption

141
Q

______________ is a Cisco security product that provides identity-based access control and policy enforcement within a network.

A

ISE (Identity Services Engine)

142
Q

______________ involves integrating ISE with Microsoft Active Directory (AD) to leverage AD user and group information for access control decisions.

A

AD Integration

143
Q

______________ are rules and configurations that dictate how network access is granted or denied based on user identity and attributes.

A

ISE Policies

144
Q

______________ in ISE involves identifying and categorizing network devices and endpoints based on their characteristics and behavior.

A

Profiling

145
Q

______________ is a feature in ISE that allows for dynamic policy changes and actions after initial network access is granted, such as reauthentication or session termination.

A

Change of Authorization (CoA)

146
Q

______________ are mechanisms used by ISE to collect information about endpoints and devices on the network for profiling purposes.

A

Profiling Probes

147
Q

______________ refer to different configurations and methods for implementing 802.1x authentication, such as single-host or multi-host mode.

A

802.1x Deployment Modes

148
Q

______________ in ISE provide a secure and controlled onboarding process for guest users accessing the network.

A

Guest Services

149
Q

______________ is a method in ISE where users are redirected to a central web portal for authentication and access control.

A

Central Web Authentication

150
Q

______________ features and configurations go beyond basic identity and access control, offering more extensive policy options and integrations.

A

Advanced ISE

151
Q

______________ involves deploying multiple ISE nodes to provide high availability, scalability, and redundancy in a network.

A

Distributed ISE

152
Q

______________ are predefined roles that determine the function and capabilities of an ISE node, such as Policy Service Persona (PSP) or Monitoring Persona.

A

ISE Personas

153
Q

______________ in ISE are collections of ISE nodes that work together to provide services and redundancy in a distributed deployment.

A

Node Groups

154
Q

______________ allows an ISE node to operate in multiple personas simultaneously to provide a range of services.

A

ISE Multimode

155
Q

______________ involves collecting and analyzing data about network traffic, devices, and performance to improve security and visibility.

A

Network Telemetry

156
Q

______________ is a network visibility and security analytics solution that detects and mitigates threats by analyzing network traffic and behavior.

A

Cisco StealthWatch

157
Q

______________ is a network protocol used for collecting and monitoring network traffic flow data for analysis and security monitoring.

A

NetFlow

158
Q

______________ are logical groupings of network devices and hosts based on common characteristics, used for policy enforcement and management.

A

Hosts Groups