Exam C

Question 1

Which two protocols must be configured to authenticate end users to the Web Security Appliance? (Choose two)

A. NTLMSSP
B. Kerberos
C. CHAP
D. TACACS+
E. RADIUS

Answer 1

NTLMSSP

Kerberos

Question 2

An engineer is configuring Dropbox integration with Cisco Cloudlock. Which action must be taken before granting API access in the Dropbox admin console?

A. Authorize Dropbox within the Platform settings in the Cisco Cloudlock portal.

B. Add Dropbox to the Cisco Cloudlock Authentication and API section in the Cisco Cloudlock portal.

C. Send an API request to Cisco Cloudlock from Dropbox admin portal.

D. Add Cisco Cloudlock to the Dropbox admin portal.

Answer 2

Authorize Dropbox within the Platform settings in the Cisco Cloudlock portal.

Question 3

What is a benefit of using Cisco Umbrella?

A. DNS queries are resolved faster.

B. Attacks can be mitigated before the application connection occurs.

C. Files are scanned for viruses before they are allowed to run.

D. It prevents malicious inbound traffic.

Answer 3

Attacks can be mitigated before the application connection occurs.

Question 4

Which security solution is used for posture assessment of the endpoints in a BYOD solution?

A. Cisco FTD
B. Cisco ASA
C. Cisco Umbrella
D. Cisco ISE

Answer 4

Cisco ISE

Question 5

Which characteristic is unique to a Cisco WSAv as compared to a physical appliance?

A. supports VMware vMotion on VMware ESXi
B. requires an additional license
C. performs transparent redirection
D. supports SSL decryption

Answer 5

supports VMware vMotion on VMware ESXi

Question 6

What are two benefits of using an MDM solution? (Choose two)

A. grants administrators a way to remotely wipe a lost or stolen device

B. provides simple and streamlined login experience for multiple applications and users

C. native integration that helps secure applications across multiple cloud platforms or on-premises environments

D. encrypts data that is stored on endpoints

E. allows for centralized management of endpoint device applications and configurations

Answer 6

grants administrators a way to remotely wipe a lost or stolen device

allows for centralized management of endpoint device applications and configurations

Question 7

What are two benefits of using Cisco Duo as an MFA solution? (Choose two)

A. grants administrators a way to remotely wipe a lost or stolen device

B. provides simple and streamlined login experience for multiple applications and users

C. native integration that helps secure applications across multiple cloud platforms or on-premises environments

D. encrypts data that is stored on endpoints

E. allows for centralized management of endpoint device applications and configurations

Answer 7

provides simple and streamlined login experience for multiple applications and users

native integration that helps secure applications across multiple cloud platforms or on-premises environments

Question 8

What is a benefit of using GET VPN over FlexVPN within a VPN deployment?

A. GET VPN supports Remote Access VPNs
B. GET VPN natively supports MPLS and private IP networks
C. GET VPN uses multiple security associations for connections
D. GET VPN interoperates with non-Cisco devices

Answer 8

GET VPN natively supports MPLS and private IP networks

Question 9

Which solution allows an administrator to provision, monitor, and secure mobile devices on Windows and Mac computers from a centralized dashboard?

A. Cisco Umbrella
B. Cisco AMP for Endpoints
C. Cisco ISE
D. Cisco Stealthwatch

Answer 9

Cisco ISE

Question 10

Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls?

A. NTP
B. syslog
C. SNMP
D. NetFlow

Answer 10

NetFlow

Question 11

What is the term for the concept of limiting communication between applications or containers on the same node?

A. container orchestration
B. software-defined access
C. microservicing
D. microsegmentation

Answer 11

microsegmentation

Question 12

What is a characteristic of an EDR solution and not of an EPP solution?

A. stops all ransomware attacks
B. retrospective analysis
C. decrypts SSL traffic for better visibility
D. performs signature-based detection

Answer 12

retrospective analysis

Question 13

Based on the NIST 800-145 guide, which cloud architecture may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises?

A. hybrid cloud
B. private cloud
C. public cloud
D. community cloud

Answer 13

community cloud

Question 14

How does Cisco AMP for Endpoints provide next-generation protection?

A. It encrypts data on user endpoints to protect against ransomware.
B. It leverages an endpoint protection platform and endpoint detection and response.
C. It utilizes Cisco pxGrid, which allows Cisco AMP to pull threat feeds from threat intelligence centers.
D. It integrates with Cisco FTD devices.

Answer 14

It leverages an endpoint protection platform and endpoint detection and response.

Question 15

A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two)

A. Segment different departments to different IP blocks and enable Dynamic ARP inspection on all VLANs

B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.

C. Ensure that a user cannot enter the network of another department.

D. Perform a posture check to allow only network access to those Windows devices that are already patched.

E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGFW.

Answer 15

Ensure that noncompliant endpoints are segmented off to contain any potential damage.

Perform a posture check to allow only network access to those Windows devices that are already patched.

Question 16

What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two)

A. REST uses methods such as GET, PUT, POST, and DELETE.
B. REST codes can be compiled with any programming language.
C. REST is a Linux platform-based architecture.
D. The POST action replaces existing data at the URL path.
E. REST uses HTTP to send a request to a web service.

Answer 16

REST uses methods such as GET, PUT, POST, and DELETE.

REST uses HTTP to send a request to a web service.

Question 17

What is the process In DevSecOps where all changes in the central code repository are merged and synchronized?

A. CD
B. EP
C. CI
D. QA

Answer 17

CI

Question 18

Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?

A. Cisco ISE
B. Cisco NAC
C. Cisco TACACS+
D. Cisco WSA

Answer 18

Cisco ISE

Question 19

Which cloud service offering allows customers to access a web application that is being hosted, managed, and maintained by a cloud service provider?

A. IaC
B. SaaS
C. IaaS
D. PaaS

Answer 19

SaaS

Question 20

How does Cisco Workload Optimization portion of the network do EPP solutions solely performance issues?

A. It deploys an AWS Lambda system
B. It automates resource resizing
C. It optimizes a flow path
D. It sets up a workload forensic score

Answer 20

It automates resource resizing

Question 21

Email security has become a high priority task for a security engineer at a large multi- national organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10.00 to -6.00) on the Cisco ESA. Which action will the system perform to disable any links in messages that match the filter?

A. Defang
B. Quarantine
C. FilterAction
D. ScreenAction

Answer 21

Defang

Question 22

What are two workloaded security models? (Choose two)

A. SaaS
B. IaaS
C. on-premises
D. off-premises
E. PaaS

Answer 22

on-premises

off-premises

Question 23

Which API method and required attribute are used to add a device into DNAC with the native API?

A. lastSyncTime and pid
B. POST and name
C. userSudiSerialNos and deviceInfo
D. GET and serialNumber

Answer 23

POST and name

Question 24

What provides total management for mobile and PC including managing inventory and device tracking, remote view, and live troubleshooting using the included native remote desktop support?

A. mobile device management
B. mobile content management
C. mobile application management
D. mobile access management

Answer 24

mobile device management

Question 25

What is the most common type of data exfiltration that organizations currently experience?

A. HTTPS file upload site
B. Microsoft Windows network shares
C. SQL database injections
D. encrypted SMTP

Answer 25

HTTPS file upload site

Question 26

An administrator is configuring NTP on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source. Which two steps must be taken to accomplish this task? (Choose two)

A. Specify the NTP version
B. Configure the NTP stratum
C. Set the authentication key
D. Choose the interface for syncing to the NTP server
E. Set the NTP DNS hostname

Answer 26

Set the authentication key

Set the NTP DNS hostname

Question 27

Which two criteria must a certificate meet before the WSA uses it to decrypt application traffic? (Choose two)

A. It must include the current date.
B. It must reside in the trusted store of the WSA.
C. It must reside in the trusted store of the endpoint.
D. It must have been signed by an internal CA.
E. It must contain a SAN.

Answer 27

It must include the current date.

It must reside in the trusted store of the WSA.