my cards 6 Flashcards

1
Q

Which two capabilities does an MDM provide? (Choose two.)

A. manual identification and classification of client devices
B. unified management of mobile devices, Macs, and PCs from a centralized dashboard
C. delivery of network malware reports to an inbox on a schedule
D. enforcement of device security policies from a centralized dashboard
E. unified management of Android and Apple devices from a centralized dashboard

A

B. unified management of mobile devices, Macs, and PCs from a centralized dashboard

D. enforcement of device security policies from a centralized dashboard

2
Q

What are two recommended approaches to stop DNS tunneling for data exfiltration and command-and-control callbacks? (Choose two.)

A. Use Cisco Umbrella
B. Use next generation firewalls.
C. Block all ‘TXT’ DNS records.
D. Use intrusion prevention system.
E. Enforce security over port 53.

A

A. Use Cisco Umbrella
E. Enforce security over port 53.

3
Q

What is a capability of Cisco ASA NetFlow?

A. It sends NetFlow data records from active and standby ASAs in an active-standby failover pair.
B. It logs all event types only to the same collector.
C. It filters NSEL events based on traffic.
D. It generates NSEL events even if the MPF is not configured.

A

C. It filters NSEL events based on traffic

4
Q

Which Cisco ISE service checks the compliance of endpoints before allowing the endpoints to connect to the network?

A. Threat Centric NAC
B. Cisco TrustSec
C. Posture
D. Profiler

A

C. Posture

5
Q

What do tools like Jenkins, Octopus Deploy, and Azure DevOps provide in terms of application and infrastructure automation?

A. cloud application security broker
B. compile-time instrumentation
C. container orchestration
D. continuous integration and continuous deployment

A

D. continuous integration and continuous deployment

6
Q

When a Cisco WSA checks a web request, what occurs if it is unable to match a user-defined policy?

A. It applies the next identification profile policy.
B. It applies the global policy.
C. It applies the advanced policy.
D. It blocks the request.

A

B. It applies the global policy.

7
Q

What is a benefit of using Cisco ISE for device compliance?

A. outbreak control
B. retrospective analysis
C. device analysis
D. zero-trust approach

A

D. zero-trust approach

8
Q

Based on the NIST 800-145 guide, which cloud architecture is provisioned for exclusive use by a specific group of consumers from different organizations and may be owned, managed, and operated by one or more of those organizations?

A. community cloud
B. private cloud
C. public cloud
D. hybrid cloud

A

A. community cloud

9
Q

Drag and drop the descriptions from the left onto the encryption algorithms on the right.

Descriptions:
- requires secret keys
- requires more time
- Diffie-Hellman exchange
- 3DES

Encryption algorithms:
- Asymmetric
- Symmetric

A

Asymmetric
- requires more time
- Diffie-Hellman exchange

Symmetric
- 3DES
- requires secret keys

10
Q

Which VMware platform does Cisco ACI integrate with to provide enhanced visibility, provide policy integration and deployment, and implement security policies with access lists?

A. VMware horizons
B. VMware vRealize
C. VMware APIC
D. VMware fusion

A

B. VMware vRealize

11
Q

A small organization needs to reduce the VPN bandwidth load on their headend Cisco ASA in order to ensure that bandwidth is available for VPN users needing access to corporate resources on the 10.0.0.0/24 local HQ network. How is this accomplished without adding additional devices to the network?

A. Configure VPN load balancing to distribute traffic for the 10.0.0.0/24 network.
B. Configure VPN load balancing to send non-corporate traffic straight to the internet.
C. Use split tunneling to tunnel traffic for the 10.0.0.0/24 network only.
D. Use split tunneling to tunnel all traffic except for the 10.0.0.0/24 network.

A

C. Use split tunneling to tunnel traffic for the 10.0.0.0/24 network only.

12
Q

An engineer is configuring cloud logging using a company-managed Amazon S3 bucket for Cisco Umbrella logs. What benefit does this configuration provide for accessing log data?

A. It can grant third-party SIEM integrations write access to the S3 bucket.
B. Data can be stored offline for 30 days.
C. No other applications except Cisco Umbrella can write to the S3 bucket.
D. It is included in the license cost for the multi-org console of Cisco Umbrella.

A

A. It can grant third-party SIEM integrations write access to the S3 bucket.

13
Q

Which algorithm is an NGE hash function?

A. HMAC
B. SHA-1
C. MD5
D. SHA-2

A

D. SHA-2

14
Q

An organization is implementing AAA for their users. They need to ensure that authorization is verified for every command that is being entered by the network administrator. Which protocol must be configured in order to provide this capability?

A. EAPOL
B. SSH
C. RADIUS
D. TACACS+

A

D. TACACS+

15
Q

In which two ways does the Cisco Advanced Phishing Protection solution protect users? (Choose two.)

A. It prevents use of compromised accounts and social engineering.
B. It automatically removes malicious emails from users’ inbox.
C. It secures all passwords that are shared in video conferences.
D. It prevents trojan horse malware using sensors.
E. It prevents all zero-day attacks coming from the Internet.

A

A. It prevents use of compromised accounts and social engineering.

B. It automatically removes malicious emails from users’ inbox.

16
Q

In which two customer environments is the Cisco WSAv connector traffic direction method selected? (Choose two.)

A. Customer owns ASA Appliance and Virtual Form Factor is required.
B. Customer does not own Cisco hardware and needs Explicit Proxy.
C. Customer owns ASA Appliance and SSL Tunneling is required.
D. Customer needs to support roaming users.
E. Customer does not own Cisco hardware and needs Transparent Redirection (WCCP).

A

A. Customer owns ASA Appliance and Virtual Form Factor is required.

E. Customer does not own Cisco hardware and needs Transparent Redirection (WCCP).

17
Q

Which capability is provided by application visibility and control?

A. data obfuscation
B. deep packet inspection
C. reputation filtering
D. data encryption

A

B. deep packet inspection

18
Q

Which feature within Cisco ISE verifies the compliance of an endpoint before providing access to the network?

A. pxGrid
B. Profiling
C. Posture
D. MAB

A

C. Posture

19
Q

Which two fields are defined in the NetFlow flow? (Choose two.)

A. destination port
B. Layer 4 protocol type
C. output logical interface
D. class of service bits
E. type of service byte

A

A. destination port

E. type of service byte

  • Source IP address
  • Destination IP address
  • Source port number
  • Destination port number
  • Layer 3 protocol type (ex. TCP, UDP)
  • ToS (type of service) byte
  • Input logical interface
20
Q

Which type of API is being used when a controller within a software-defined network architecture dynamically makes configuration changes on switches within the network?

A. northbound API
B. westbound API
C. eastbound API
D. southbound API

A

D. southbound API

21
Q

Refer to the exhibit. Consider that any feature of DNS requests, such as the length of the domain name and the number of subdomains, can be used to construct models of expected behavior to which observed values can be compared. Which type of malicious attack are these values associated with?

4 .info files in the picture

A. W32/AutoRun worm
B. HeartBleed SSL Bug
C. Eternal Blue Windows
D. Spectre Worm

A

A. W32/AutoRun worm

22
Q

An engineer is adding a Cisco router to an existing environment. NTP authentication is configured on all devices in the environment with the command ntp authentication-key 1 md5 Cisc433392759. There are two routers on the network that are configured as NTP servers for redundancy, 192.168.1.110 and 192.168.1.111. 192.168.1.110 is configured as the authoritative time source. What command must be configured on the new router to use 192.168.1.110 as its primary time source without the new router attempting to offer time to existing devices?

A. ntp server 192.168.1.110 primary key 1
B. ntp server 192.168.1.110 key 1 prefer
C. ntp peer 192.168.1.110 prefer key 1
D. ntp peer 192.168.1.110 key 1 primary

A

B. ntp server 192.168.1.110 key 1 prefer

23
Q

Which function is included when Cisco AMP is added to web security?

A. detailed analytics of the unknown file’s behavior
B. multifactor, authentication-based user identity
C. threat prevention on an infected endpoint
D. phishing detection on emails

A

A. detailed analytics of the unknown file’s behavior

24
Q

An organization is moving toward the zero-trust model. Which Cisco solution enables administrators to deploy and control microsegmentation of endpoints that are connected to a Cisco Data Center Virtual Edge, Cisco Application Virtual Switch, Microsoft vSwitch, and VMware vSphere Distributed Switch?

A. Cisco Tetration
B. Cisco DCNM
C. Cisco Stealthwatch
D. Cisco ACI

A

D. Cisco ACI

25
Q

What is offered by an EPP solution but not an EDR solution?

A. investigation
B. containment
C. sandboxing
D. detection

A

C. sandboxing

26
Q

Which Cisco AMP feature allows an engineer to look back to trace past activities, such as file and process activity on an endpoint?

A. endpoint isolation
B. retrospective security
C. advanced search
D. advanced investigation

A

B. retrospective security

27
Q

Which feature is used in a push model to allow for session identification, host reauthentication, and session termination?

A. CoA request
B. carrier-grade NAT
C. AAA attributes
D. AV pair

A

A. CoA request

28
Q

What is the term for the concept of limiting communication between applications or containers on the same node?

A. software-defined access
B. microservicing
C. microsegmentation
D. container orchestration

A

C. microsegmentation

29
Q

An engineer is configuring Cisco WSA and needs to ensure end clients are protected against DNS spoofing attacks. Which deployment method accomplishes this goal?

A. transparent mode
B. Web Cache Communication Protocol
C. explicit forward
D. single-context mode

A

C. explicit forward

Explicit Proxy
- Client requests a website
- Browser connects first to WSA
- WSA connects to a website
- Firewall usually only allows web traffic from proxy
- DNS resolution is done by the WSA

Transparent Proxy
- Client requests a website
- Browser tries to connect to the website
- Network device redirects traffic to WSA using WCCP
- WSA proxies the request
- DNS resolution is done by the client

30
Q

Refer to the exhibit. What is the result of this Python script of the Cisco DNA Center API?

A. adds a switch to Cisco DNA Center
B. receives information about a switch
C. deletes a switch from Cisco DNA Center
D. adds authentication to a switch

A

A. adds a switch to Cisco DNA Center

31
Q

Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two.)

A. posture assessment
B. aaa authorization exec default local
C. tacacs-server host 10.1.1.250 key password
D. aaa server radius dynamic-author
E. CoA

A

D. aaa server radius dynamic-author

E. CoA

32
Q

Which Cisco network security device supports contextual awareness?

A. ISE
B. Cisco IOS
C. Cisco ASA
D. Firepower

A

D. Firepower

33
Q

When a next-generation endpoint security solution is selected for a company, what are two key deliverables that help justify the implementation? (Choose two.)

A. signature-based endpoint protection on company endpoints
B. email integration to protect endpoints from malicious content that is located in email
C. real-time feeds from global threat intelligence centers
D. macro-based protection to keep connected endpoints safe
E. continuous monitoring of all files that are located on connected endpoints

A

C. real-time feeds from global threat intelligence centers

E. continuous monitoring of all files that are located on connected endpoints

34
Q

A company recently discovered an attack propagating throughout their Windows network via a file named abc123456789xyz.exe. The malicious file was uploaded to a Simple Custom Detection list in the AMP for Endpoints Portal and the currently applied policy for the Windows clients was updated to reference the detection list. Verification testing scans on known infected systems shows that AMP for Endpoints is not detecting the presence of this file as an indicator of compromise. What must be performed to ensure detection of the malicious file?

A. Check the box in the policy configuration to send the file to Cisco Threat Grid for dynamic analysis.
B. Upload the malicious file to the Blocked Application Control List.
C. Upload the SHA-256 hash for the file to the Simple Custom Detection List.
D. Use an Advanced Custom Detection List instead of a Simple Custom Detection List.

A

C. Upload the SHA-256 hash for the file to the Simple Custom Detection List.

35
Q

An engineer must set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration. Which switch port MAC address security setting must be used?

A. aging
B. static
C. sticky
D. maximum

A

C. sticky

36
Q

Which service allows a user to export application usage and performance statistics with Cisco Application Visibility and Control?

A. NetFlow
B. SNORT
C. SNMP
D. 802.1X

A

A. NetFlow

37
Q

Which solution allows an administrator to provision, monitor, and secure mobile devices on Windows and Mac computers from a centralized dashboard?

A. Cisco Stealthwatch
B. Cisco Umbrella
C. Cisco AMP for Endpoints
D. Cisco ISE

A

D. Cisco ISE

the key is provisioning

38
Q

Which parameter is required when configuring a NetFlow exporter on a Cisco router?

A. exporter name
B. exporter description
C. source interface
D. DSCP value

A

A. exporter name

39
Q

Which type of encryption uses a public key and a private key?

A. nonlinear
B. symmetric
C. linear
D. asymmetric

A

D. asymmetric

40
Q

Which two authentication protocols are supported by the Cisco WSA? (Choose two.)

A. TLS
B. LDAP
C. SSL
D. WCCP
E. NTLM

A

B. LDAP

E. NTLM

41
Q

Which metric is used by the monitoring agent to collect and output packet loss and jitter information?

A. RTP performance
B. TCP performance
C. WSAv performance
D. AVC performance

A

A. RTP performance

42
Q

Drag and drop the VPN functions from the left onto the descriptions on the right.

VPN functions:
- RSA
- AES
- SHA-1
- ISAKMP

Descriptions:
- ensures data integrity
- defines IKE SA
- ensures data confidentiality
- provides authentication

A

SHA-1 - ensures data integrity

ISAKMP - defines IKE SA

AES - ensures data confidentiality

RSA - provides authentication

43
Q

Which direction do attackers encode data in DNS requests during exfiltration using DNS tunneling?

A. outbound
B. north-south
C. east-west
D. inbound

A

A. outbound

44
Q

Which Cisco Firewall solution requires zone definition?

A. CBAC
B. Cisco AMP
C. ZBFW
D. Cisco ASA

A

C. ZBFW

45
Q

Which firewall deployment mode allows inspection of traffic between servers in the same IP subnet?

A. routed
B. multicontext
C. virtual
D. transparent

A

D. transparent

46
Q

What are two functionalities of SDN southbound APIs? (Choose two.)

A. Southbound APIs form the interface between the SDN controller and business applications.
B. Application layer programs communicate with the SDN controller through the southbound APIs.
C. OpenFlow is a standardized southbound API protocol used between the SDN controller and the switch.
D. Southbound APIs form the interface between the SDN controller and the network switches and routers.
E. Southbound APIs provide a programmable interface for applications to configure the network.

A

C. OpenFlow is a standardized southbound API protocol used between the SDN controller and the switch.

D. Southbound APIs form the interface between the SDN controller and the network switches and routers.

47
Q

How does Cisco AMP for Endpoints provide next-generation protection?

A. It encrypts data on user endpoints to protect against ransomware.
B. It utilizes Cisco pxGrid, which allows AMP for Endpoints to pull threat feeds from threat intelligence centers.
C. It leverages an endpoint protection platform and endpoint detection and response.
D. It integrates with Cisco FTD devices.

A

C. It leverages an endpoint protection platform and endpoint detection and response.

48
Q

When MAB is configured for use within the 802.1X environment, an administrator must create a policy that allows the devices onto the network. Which information is used for the username and password?

A. The MAB uses the IP address as username and password.
B. The MAB uses the Call-Station-ID as username and password.
C. The MAB uses the MAC address as username and password.
D. Each device must be set manually by the administrator.

A

C. The MAB uses the MAC address as username and password.

49
Q

Which two VPN tunneling protocols support the use of IPsec to provide data integrity, authentication, and data encryption? (Choose two.)

A. Secure Socket Tunneling Protocol
B. OpenVPN
C. Generic Routing Encapsulation Protocol
D. Layer 2 Tunneling Protocol
E. Point-to-Point Tunneling Protocol

A

C. Generic Routing Encapsulation Protocol

D. Layer 2 Tunneling Protocol

50
Q

Refer to the exhibit. An engineer must configure a Cisco switch to perform PPP authentication via a TACACS server located at IP address 10.1.1.10. Authentication must fall back to the local database using the username LocalUser and password C1$c0445915422! if TACACS server is unreachable.

Drag and drop the commands from the left onto the corresponding configuration steps on the right.

Commands:
- tacacs-server key
- aaa new-model
- aaa authentication ppp test group tacacs+ local
- tacacs-server host 10.1.1.10

Configuration steps:
- Enable the AAA security services
- Define the shared encryption password
- Specify which TACACS server to use
- Define authentication method

A

aaa new-model - Enable the AAA security services

tacacs-server key - Define the shared encryption password

tacacs-server host 10.1.1.10 - Specify which TACACS server to use

aaa authentication ppp test group tacacs+ local - Define authentication method

51
Q

Which Cisco Umbrella package supports selective proxy for inspection of traffic from risky domains?

A. DNS Security Advantage
B. SIG Essentials
C. DNS Security Essentials
D. SIG Advantage

A

A. DNS Security Advantage

52
Q

What are the two distribution methods available to an administrator when performing a fresh rollout of the Cisco AnyConnect Secure Mobility Client? (Choose two.)

A. web deploy
B. SFTP
C. TFTP
D. cloud update
E. predeploy

A

A. web deploy

E. predeploy

53
Q

Which Cisco security solution integrates with cloud applications like Dropbox and Office 365 while protecting data from being exfiltrated?

A. Cisco Stealthwatch Cloud
B. Cisco Talos
C. Cisco Umbrella Investigate
D. Cisco Cloudlock

A

D. Cisco Cloudlock

54
Q

An engineer must configure Cisco AMP for Endpoints so that it contains a list of files that should not be executed by users. These files must not be quarantined. Which action meets this configuration requirement?

A. Modify the advanced custom detection list to include these files.
B. Add a list for simple custom detection.
C. Identify the network IPs and place them in a blocked list.
D. Create an application control blocked applications list.

A

D. Create an application control blocked applications list.

55
Q

What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two.)

A. REST codes can be compiled with any programming language.
B. REST uses HTTP to send a request to a web service.
C. The POST action replaces existing data at the URL path.
D. REST uses methods such as GET, PUT, POST, and DELETE.
E. REST is a Linux platform-based architecture.

A

B. REST uses HTTP to send a request to a web service.

D. REST uses methods such as GET, PUT, POST, and DELETE.

56
Q

A security audit recently revealed that an administrator is using the same password of C1$c0448845217 for his personal account across multiple systems. What must be implemented by the company to reduce the chances of this happening again?

A. centralized user authentication
B. role based access control
C. security awareness training
D. strict password policies

A

C. security awareness training

57
Q

Which type of algorithm provides the highest level of protection against brute-force attacks?

A. PFS
B. MD5
C. HMAC
D. SHA

A

D. SHA

58
Q

When a site-to-site VPN is configured in Cisco FMC, which topology is supported when crypto ACLs are used instead of protected networks to define interesting traffic?

A. hub-and-spoke
B. full mesh
C. DMVPN
D. point-to-point

A

D. point-to-point

59
Q

For Cisco IOS PKI, which two types of servers are used as a distribution point for CRLs? (Choose two.)

A. subordinate CA
B. HTTP
C. SDP
D. LDAP
E. SCP

A

B. HTTP

D. LDAP

it is correct

60
Q

An engineer is implementing DHCP security mechanisms and needs the ability to add additional attributes to profiles that are created within Cisco ISE. Which action accomplishes this task?

A. Use DHCP option 82 to ensure that the request is from a legitimate endpoint and send the information to Cisco ISE.

B. Define MAC-to-IP address mappings in the switch to ensure that rogue devices cannot get an IP address.

C. Modify the DHCP relay and point the IP address to Cisco ISE.

D. Configure DHCP snooping on the switch VLANs and trust the necessary interfaces.

A

D. Configure DHCP snooping on the switch VLANs and trust the necessary interfaces.

61
Q

The DHCP snooping database resides on router R1, and dynamic ARP inspection is configured only on switch SW2. Which ports must be configured as untrusted so that dynamic ARP inspection operates normally?

https://img.examtopics.com/350-701/image18.png

A. P2 and P3 only
B. P5, P6, and P7 only
C. P1, P2, P3, and P4 only
D. P2, P3, and P6 only

A

D. P2, P3, and P6 only

all interfaces from the switch except the DHCP one

62
Q

Which solution operates as a cloud-native CASB?

A. Cisco Stealthwatch Cloud
B. Cisco Umbrella
C. Cisco pxGrid
D. Cisco CloudLock

A

D. Cisco CloudLock

63
Q

Which entity is responsible for encrypting data in transit using an IaaS model versus a SaaS model?

A. Cloud Application Developer for IaaS and Cloud SLA Manager for SaaS

B. Cloud SLA Manager for IaaS and Cloud Application Developer for SaaS

C. Cloud Service Provider for IaaS and Cloud Service Customer for SaaS

D. Cloud Service Customer for IaaS and Cloud Service Provider for SaaS

A

D. Cloud Service Customer for IaaS and Cloud Service Provider for SaaS

64
Q

Which two aspects of the IaaS cloud service model are managed by the service provider? (Choose two.)

A. virtual machines
B. physical network
C. applications
D. hypervisors
E. virtual network

A

B. physical network

D. hypervisors

65
Q

For a given policy in Cisco Umbrella, how should a customer block websites based on a custom list?

A. by adding the website IP addresses to the Cisco Umbrella blocklist
B. by adding the websites to a blocked type destination list
C. by specifying blocked domains in the policy settings
D. by specifying the websites in a custom blocked category

A

B. by adding the websites to a blocked type destination list

66
Q

Which solution provides end-to-end visibility of applications and insights about application performance?

A. Cisco AppDynamics
B. Cisco Tetration
C. Cisco Secure Cloud Analytics
D. Cisco Cloudlock

A

A. Cisco AppDynamics

67
Q

An administrator needs to be able to have a router securely communicate with a network management system. The connections must be authenticated but not encrypted. While meeting these requirements, which command will create a group that allows a user on the network management system access to the router?

A. snmp-server group v3 auth
B. snmp-server group v3 priv write
C. snmp-server group v2c
D. snmp-server group v2c write

A

A. snmp-server group v3 auth

68
Q

Refer to the exhibit. An engineer must enable secure SSH protocols and enters this configuration. What are two results of running this set of commands on a Cisco router? (Choose two.)

RouterA(config)# crypto key generate rsa general-keys label SSH modulus 2048
RouterA(config)# ip ssh rsa keypair-name SSH
RouterA(config)# ip ssh version 2

A. generates RSA key pairs on the router
B. enables SSHv1 on the router
C. uses the FQDN with the label command
D. labels the key pairs to be used for SSH
E. generates AES key pairs on the router

A

A. generates RSA key pairs on the router

D. labels the key pairs to be used for SSH

69
Q

Which algorithm does ISAKMP use to securely derive encryption and integrity keys?

A. RSA
B. AES
C. 3DES
D. Diffie-Hellman

A

D. Diffie-Hellman

70
Q

Which two activities are performed using Cisco DNA Center? (Choose two.)

A. accounting
B. design
C. provision
D. DNS
E. DHCP

A

B. design

C. provision

71
Q

A network administrator is setting up a site-to-site VPN from a Cisco FTD to a cloud environment. After the administrator configures the VPN on both sides, they still cannot reach the cloud environment. Which command must the administrator run on the FTD to verify that the VPN is encrypting traffic in both directions?

A. show crypto ipsec sa
B. show crypto ipsec stats
C. show vpn-sessiondb detail l2l
D. show crypto isakmp sa

A

A. show crypto ipsec sa

72
Q

An organization is using CSR1000v routers in their private cloud infrastructure. They must upgrade their code to address vulnerabilities within their running code version. Who is responsible for these upgrades?

A. The organization must update the code for the devices they manage.

B. The cloud vendor is responsible for updating all code hosted in the cloud.

C. The cloud service provider must be asked to perform the upgrade.

D. The CSR1000v is upgraded automatically as new code becomes available.

A

A. The organization must update the code for the devices they manage.

73
Q

Which two tasks are required when a decryption policy is implemented on a Cisco WSA? (Choose two.)

A. Configure invalid certificate handling.
B. Upload a root certificate and private key.
C. Enable real-time revocation status checking.
D. Enable HTTPS attack protection.
E. Enable the HTTPS proxy.

A

B. Upload a root certificate and private key.

E. Enable the HTTPS proxy.

74
Q

An organization wants to reduce their attack surface for cloud applications. They want to understand application communications, detect abnormal application behavior, and detect vulnerabilities within the applications. Which action accomplishes this task?

A. Configure Cisco Tetration to detect anomalies and vulnerabilities.

B. Modify the Cisco Duo configuration to restrict access between applications.

C. Use Cisco ISE to provide application visibility and restrict access to them.

D. Implement Cisco Umbrella to control the access each application is granted.

A

A. Configure Cisco Tetration to detect anomalies and vulnerabilities.

75
Q

Which Cisco AnyConnect module is integrated with Splunk Enterprise to provide monitoring capabilities to administrators to allow them to view endpoint application usage?

A. AMP Enabler

B. Umbrella Roaming Security

C. ISE Posture

D. Network Visibility

A

D. Network Visibility

76
Q

What describes the function of the crypto isakmp key C1$c451090787 address 0.0.0.0 0.0.0.0 command when configuring an IPsec VPN tunnel on a Cisco IOS router?

A. It allows connections from any hosts using the defined preshared key.

B. It defines that all data is going to be encrypted via the VPN.

C. It configures the IP address and subnet mask of the VPN server.

D. It drops spoofed VPN traffic using 0.0.0.0 as the source or destination IP address.

A

A. It allows connections from any hosts using the defined preshared key.

77
Q

Which common threat can be prevented by implementing port security on switch ports?

A. VLAN hopping attacks
B. spoofing attacks
C. denial-of-service attacks
D. eavesdropping attacks

A

B. spoofing attacks

78
Q

What is the ideal deployment mode to use when you need to manage separate security policies for multiple customers on a Cisco ASA device?

A. spanned cluster mode
B. IRB mode
C. VRF mode
D. multiple context mode

A

D. multiple context mode

79
Q

In which cloud services model is the customer responsible for scanning for and mitigation of application vulnerabilities?

A. VMaaS
B. IaaS
C. PaaS
D. SaaS

A

B. IaaS

80
Q

What is a benefit of a Cisco Secure Email Gateway Virtual as compared to a physical Secure Email Gateway?

A. simplifies the distribution of software updates
B. enables the allocation of additional resources
C. provides an automated setup process
D. provides faster performance

A

B. enables the allocation of additional resources

81
Q

What is the purpose of a denial-of-service attack?

A. to prevent or limit access to data on a computer system by encrypting it
B. to exploit a security vulnerability on a computer system to steal sensitive information
C. to spread throughout a computer system by self-replicating to additional hosts
D. to disrupt the normal operation of a targeted system by overwhelming it

A

D. to disrupt the normal operation of a targeted system by overwhelming it

82
Q

A security engineer must add destinations into a destination list in Cisco Umbrella. What describes the application of these changes?

A. The changes are applied only after the configuration is saved in Cisco Umbrella.
B. The user role of Block Page Bypass or higher is needed to perform these changes.
C. The changes are applied immediately if the destination list is part of a policy.
D. The destination list must be removed from the policy before changes are made to it.

A

C. The changes are applied immediately if the destination list is part of a policy.

83
Q

Which file type is supported when performing a bulk upload of destinations into a destination list on Cisco Umbrella?

A. XLS
B. RTF
C. TXT
D. CSV

A

D. CSV

84
Q

A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.)

A. Put all company users in the trusted segment of the Cisco NGFW and put all servers in the DMZ segment of the Cisco NGFW.
B. Segment different departments to different IP blocks and enable Dynamic ARP Inspection on all VLANs.
C. Ensure that noncompliant endpoints are segmented off to contain any potential damage.
D. Ensure that a user cannot enter the network of another department.
E. Perform a posture check to allow only network access to those Windows devices that are already patched.

A

C. Ensure that noncompliant endpoints are segmented off to contain any potential damage.

E. Perform a posture check to allow only network access to those Windows devices that are already patched.

85
Q

An engineer is configuring a Cisco Secure Email Cloud Gateway instance to send logs to an external server for auditing. For security purposes, a username and SSH key with the fingerprint d0:46:03:8e:d7:f1:bb:9b:33:13:94:60:49:da:9b:e3 have been generated on the remote log server, which accepts only the SSHv2 protocol. Which log retrieval method must be configured in the log subscription?

A. syslog push
B. manually download
C. SCP push
D. FTP push

A

C. SCP push

86
Q

What is a difference between GRE over IPsec and IPsec with crypto map?

A. GRE provides its own encryption mechanism.
B. Multicast traffic is supported by IPsec with crypto map.
C. IPsec with crypto map offers better scalability.
D. GRE over IPsec supports non-IP protocols.

A

D. GRE over IPsec supports non-IP protocols.

87
Q

An engineer configured 802.1X authentication on a switch port but cannot authenticate. Which action must the engineer take to validate if the user credentials are correct?

A. Check the logs of the authentication server for the username and authentication rejection logs.
B. Check policy enforcement point for the authentication mechanism and credentials used.
C. Check the supplicant logs for the username and password entered, then check the authentication provider.
D. Check the authenticator and view the debug logs for the username and password.

A

A. Check the logs of the authentication server for the username and authentication rejection logs.

88
Q

Which feature is implemented only on the Cisco ASA in transparent mode?

A. inspect application layer of the traffic sent between hosts
B. stateful inspection
C. inspect traffic between hosts in the same subnet
D. inspect anycast traffic

A

C. inspect traffic between hosts in the same subnet

89
Q

Which two devices support WCCP for traffic redirection? (Choose two.)

A. Cisco IOS
B. Cisco Secure Web Appliance
C. Cisco IPS
D. proxy server
E. Cisco ASA

A

A. Cisco IOS

E. Cisco ASA

90
Q

Which two types of connectors are used to generate telemetry data from IPFIX records in a Cisco Secure Workload implementation? (Choose two.)

A. NetFlow
B. Cisco Secure Workload
C. Cisco ASA
D. ERSPAN
E. ADC

A

A. NetFlow

D. ERSPAN

91
Q

An engineer is configuring Cisco Secure Web Appliance and needs to deploy it in transparent mode. Which configuration component must be used to accomplish this goal?

A. MDA on the router
B. WCCP on switch
C. PBR on Cisco Secure Web Appliance
D. DNS resolution on Cisco Secure Web Appliance

A

B. WCCP on switch

92
Q

Which two algorithms must be used when an engineer is creating a connection that will have classified data across it? (Choose two.)

A. RSA-3072
B. ECDSA-256
C. AES-256
D. RC4
E. SHA-384

A

C. AES-256

E. SHA-384

93
Q

Which process is used to obtain a certificate from a CA?

A. enrollment
B. registration
C. approval
D. signing

A

A. enrollment

94
Q

Which method must be used to connect Cisco Secure Workload to external orchestrators at a client site when the client does not allow incoming connections?

A. destination NAT
B. reverse tunnel
C. source NAT
D. GRE tunnel

A

B. reverse tunnel

95
Q

Which two methods are valid to be included in an authentication method list? (Choose two.)

A. default
B. login
C. console
D. line
E. enable

A

B. login

E. enable

96
Q

A network administrator is shipping a Cisco ASA to a remote retail site. The administrator wants to ensure that the device configuration cannot be accessed by someone at the site with physical access and a console cable. Which command must be used to mitigate this risk?

A. aaa authentication console
B. config-register 0x00000041
C. no service password-recovery
D. no service sw-reset-button

A

C. no service password-recovery

97
Q

Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption?

A. Cisco Secure Network Analytics
B. Cisco ISE
C. Cisco AMP
D. Cisco Secure Client

A

A. Cisco Secure Network Analytics

98
Q

Which two products are used to forecast capacity needs accurately in real time? (Choose two.)

A. Cisco Secure Workload
B. Cisco Cloudlock
C. Cisco Umbrella
D. Cisco AppDynamics
E. Cisco Workload Optimization Manager

A

D. Cisco AppDynamics

E. Cisco Workload Optimization Manager

99
Q

A Cisco Secure Cloud Analytics administrator is setting up a private network monitor sensor to monitor an on-premises environment. Which two pieces of information from the sensor are used to link to the Secure Cloud Analytics portal? (Choose two.)

A. private IP address
B. unique service key
C. SSL certificate
D. public IP address
E. NAT ID

A

B. unique service key

D. public IP address

100
Q

A network administrator is setting up Cisco FMC to send logs to Cisco Security Analytics and Logging (SaaS). The network administrator is anticipating a high volume of logging events from the firewalls and wants to limit the strain on firewall resources. Which method must the administrator use to send these logs to Cisco Security Analytics and Logging?

A. direct connection using SNMP traps
B. HTTP POST using the Security Analytics FMC plugin
C. syslog using the Secure Event Connector
D. SFTP using the FMC CLI

A

C. syslog using the Secure Event Connector