Exam C Flashcards
Which two protocols must be configured to authenticate end users to the Web Security Appliance? (Choose two)
A. NTLMSSP
B. Kerberos
C. CHAP
D. TACACS+
E. RADIUS
NTLMSSP
Kerberos
An engineer is configuring Dropbox integration with Cisco Cloudlock. Which action must be taken before granting API access in the Dropbox admin console?
A. Authorize Dropbox within the Platform settings in the Cisco Cloudlock portal.
B. Add Dropbox to the Cisco Cloudlock Authentication and API section in the Cisco Cloudlock portal.
C. Send an API request to Cisco Cloudlock from Dropbox admin portal.
D. Add Cisco Cloudlock to the Dropbox admin portal.
Authorize Dropbox within the Platform settings in the Cisco Cloudlock portal.
What is a benefit of using Cisco Umbrella?
A. DNS queries are resolved faster.
B. Attacks can be mitigated before the application connection occurs.
C. Files are scanned for viruses before they are allowed to run.
D. It prevents malicious inbound traffic.
Attacks can be mitigated before the application connection occurs.
Which security solution is used for posture assessment of the endpoints in a BYOD solution?
A. Cisco FTD
B. Cisco ASA
C. Cisco Umbrella
D. Cisco ISE
Cisco ISE
Which characteristic is unique to a Cisco WSAv as compared to a physical appliance?
A. supports VMware vMotion on VMware ESXi
B. requires an additional license
C. performs transparent redirection
D. supports SSL decryption
supports VMware vMotion on VMware ESXi
What are two benefits of using an MDM solution? (Choose two)
A. grants administrators a way to remotely wipe a lost or stolen device
B. provides simple and streamlined login experience for multiple applications and users
C. native integration that helps secure applications across multiple cloud platforms or on-premises environments
D. encrypts data that is stored on endpoints
E. allows for centralized management of endpoint device applications and configurations
grants administrators a way to remotely wipe a lost or stolen device
allows for centralized management of endpoint device applications and configurations
What are two benefits of using Cisco Duo as an MFA solution? (Choose two)
A. grants administrators a way to remotely wipe a lost or stolen device
B. provides simple and streamlined login experience for multiple applications and users
C. native integration that helps secure applications across multiple cloud platforms or on-premises environments
D. encrypts data that is stored on endpoints
E. allows for centralized management of endpoint device applications and configurations
provides simple and streamlined login experience for multiple applications and users
native integration that helps secure applications across multiple cloud platforms or on-premises environments
What is a benefit of using GET VPN over FlexVPN within a VPN deployment?
A. GET VPN supports Remote Access VPNs
B. GET VPN natively supports MPLS and private IP networks
C. GET VPN uses multiple security associations for connections
D. GET VPN interoperates with non-Cisco devices
GET VPN natively supports MPLS and private IP networks
Which solution allows an administrator to provision, monitor, and secure mobile devices on Windows and Mac computers from a centralized dashboard?
A. Cisco Umbrella
B. Cisco AMP for Endpoints
C. Cisco ISE
D. Cisco Stealthwatch
Cisco ISE
Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls?
A. NTP
B. syslog
C. SNMP
D. NetFlow
NetFlow
What is the term for the concept of limiting communication between applications or containers on the same node?
A. container orchestration
B. software-defined access
C. microservicing
D. microsegmentation
microsegmentation
What is a characteristic of an EDR solution and not of an EPP solution?
A. stops all ransomware attacks
B. retrospective analysis
C. decrypts SSL traffic for better visibility
D. performs signature-based detection
retrospective analysis
Based on the NIST 800-145 guide, which cloud architecture may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises?
A. hybrid cloud
B. private cloud
C. public cloud
D. community cloud
community cloud
How does Cisco AMP for Endpoints provide next-generation protection?
A. It encrypts data on user endpoints to protect against ransomware.
B. It leverages an endpoint protection platform and endpoint detection and response.
C. It utilizes Cisco pxGrid, which allows Cisco AMP to pull threat feeds from threat intelligence centers.
D. It integrates with Cisco FTD devices.
It leverages an endpoint protection platform and endpoint detection and response.
A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two)
A. Segment different departments to different IP blocks and enable Dynamic ARP inspection on all VLANs
B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.
C. Ensure that a user cannot enter the network of another department.
D. Perform a posture check to allow only network access to those Windows devices that are already patched.
E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGFW.
Ensure that noncompliant endpoints are segmented off to contain any potential damage.
Perform a posture check to allow only network access to those Windows devices that are already patched.
What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two)
A. REST uses methods such as GET, PUT, POST, and DELETE.
B. REST codes can be compiled with any programming language.
C. REST is a Linux platform-based architecture.
D. The POST action replaces existing data at the URL path.
E. REST uses HTTP to send a request to a web service.
REST uses methods such as GET, PUT, POST, and DELETE.
REST uses HTTP to send a request to a web service.
What is the process In DevSecOps where all changes in the central code repository are merged and synchronized?
A. CD
B. EP
C. CI
D. QA
CI
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
A. Cisco ISE
B. Cisco NAC
C. Cisco TACACS+
D. Cisco WSA
Cisco ISE
Which cloud service offering allows customers to access a web application that is being hosted, managed, and maintained by a cloud service provider?
A. IaC
B. SaaS
C. IaaS
D. PaaS
SaaS
How does Cisco Workload Optimization portion of the network do EPP solutions solely performance issues?
A. It deploys an AWS Lambda system
B. It automates resource resizing
C. It optimizes a flow path
D. It sets up a workload forensic score
It automates resource resizing
Email security has become a high priority task for a security engineer at a large multi- national organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10.00 to -6.00) on the Cisco ESA. Which action will the system perform to disable any links in messages that match the filter?
A. Defang
B. Quarantine
C. FilterAction
D. ScreenAction
Defang
What are two workloaded security models? (Choose two)
A. SaaS
B. IaaS
C. on-premises
D. off-premises
E. PaaS
on-premises
off-premises
Which API method and required attribute are used to add a device into DNAC with the native API?
A. lastSyncTime and pid
B. POST and name
C. userSudiSerialNos and deviceInfo
D. GET and serialNumber
POST and name
What provides total management for mobile and PC including managing inventory and device tracking, remote view, and live troubleshooting using the included native remote desktop support?
A. mobile device management
B. mobile content management
C. mobile application management
D. mobile access management
mobile device management
What is the most common type of data exfiltration that organizations currently experience?
A. HTTPS file upload site
B. Microsoft Windows network shares
C. SQL database injections
D. encrypted SMTP
HTTPS file upload site
An administrator is configuring NTP on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source. Which two steps must be taken to accomplish this task? (Choose two)
A. Specify the NTP version
B. Configure the NTP stratum
C. Set the authentication key
D. Choose the interface for syncing to the NTP server
E. Set the NTP DNS hostname
Set the authentication key
Set the NTP DNS hostname
Which two criteria must a certificate meet before the WSA uses it to decrypt application traffic? (Choose two)
A. It must include the current date.
B. It must reside in the trusted store of the WSA.
C. It must reside in the trusted store of the endpoint.
D. It must have been signed by an internal CA.
E. It must contain a SAN.
It must include the current date.
It must reside in the trusted store of the WSA.
