QUESTION 41
An engineer is configuring Cisco Umbrella and has an identity that references two different policies. Which action ensures that the policy that the identity must use takes precedence over the second one?
A. Make the correct policy first in the policy order.
B. Place the policy with the most-specific configuration last in the policy order.
C. Configure only the policy with the most recently changed timestamp.
D. Configure the default policy to redirect the requests to the correct policy.
Correct Answer: A
QUESTION 42
Which technology provides the benefit of Layer 3 through Layer 7 innovative deep packet inspection, enabling the platform to identify and output various applications within the network traffic flows?
A. Cisco NBAR2
B. Cisco Prime Infrastructure
C. Cisco ASAv
D. Account on Resolution
Correct Answer: A
QUESTION 43
What does endpoint isolation in Cisco AMP for Endpoints security protect from?
A. an infection spreading across the LDAP or Active Directory domain from a user account
B. an infection spreading across the network
C. a malware spreading across the user device
D. a malware spreading across the LDAP or Active Directory domain from a user account
Correct Answer: B
QUESTION 44
Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.)
A. flow-export event-type
B. access-group
C. policy-map
D. access-list
E. flow-export template timeout-rate 15
Correct Answer: AC
QUESTION 45
What are two functions of lKEv1 but not lKEv2? (Choose two.)
A. IKEv1 uses EAP for authentication.
B. NAT-T is supported in lKEv1 but not in lKEv2.
C. With lKEv1, aggressive mode negotiates faster than main mode.
D. IKEv1 conversations are initiated by the IKE_SA_INIT message.
E. With IKEv1, when using aggressive mode, the initiator and responder identities are passed in cleartext.
Correct Answer: CE
QUESTION 46
What is a capability of Cisco ASA NetFlow?
A. It logs all event types only to the same collector.
B. It generates NSEL events even if the MPF is not configured.
C. It sends NetFlow data records from active and standby ASAs in an active-standby failover pair.
D. It filters NSEL events based on traffic.
Correct Answer: D
QUESTION 47
Which Cisco solution secures the cloud users, data, and applications with the cloud-native CASB and cloud cybersecurity platform?
A. Cisco CloudLock
B. Cisco Stealthwatch
C. Cisco Appdynamics
D. Cisco Umbrella
Correct Answer: A
QUESTION 48
Which Cisco AnyConnect module is integrated with Splunk Enterprise to provide monitoring capabilities to administrators to allow them to view endpoint application usage?
A. Network Visibility
B. Umbrella Roaming Security
C. ISE Posture
D. AMP Enabler
Correct Answer: A
QUESTION 49
A network engineer must use the Cisco DNA Center API to create a configuration template to provision a device. Which two method and endpoint pairs must be used to create the template? (Choose two.)
A. POST /dna/intent/api/v1/template-programmer/template/version
B. POST /dna/intent/api/v1/template-programmer/project/{project_id)/template
C. POST /dna/intent/api/v1/discovery
D. GET /dna/intent/api/vi/global-pool
E. GET /dna/intent/api/v1/global-credential/{credential_id}
Correct Answer: AB
QUESTION 50
An engineer is deploying a Cisco Secure Email Gateway and must ensure it reaches the Cisco update servers to retrieve new rules. The engineer must now manually configure the Outbreak Filter rules on an AsyncOS for Cisco Secure Email Gateway Only outdated rules must be replaced. Up-to-date rules must be retained. Which action must the engineer take next to complete the configuration?
A. Perform a backuplrestore of the database.
B. Select Outbreak Filters.
C. Click Update Rules Now.
D. Use the outbreakconfig command in CLI.
Correct Answer: C
QUESTION 51
What must be configured on Cisco Secure Endpoint to create a custom detection file list to detect and quarantine future files?
A. Configure an application control allowed applications list to block the files.
B. Use the simple custom detection feature and add each detection to the list.
C. Create an advanced custom detection and upload the hash of each file.
D. Add a network IP block allowed list to the configuration and add the blocked files.
Correct Answer: B
QUESTION 52
An engineer must deploy a Cisco Secure Web Appliance. Antimalware scanning must use the Outbreak Heuristic antimalware category on files identified as malware before performing any other processes. What must be configured on the Secure Web Appliance to meet the requirements?
A. Adaptive Scanning
B. McAfee scanning engine
C. Webroot scanning engine
D. Sophos scanning engine
Correct Answer: D
QUESTION 53
How does Cisco Secure Endpoint exclude server IP addresses and ports from detection?
A. Allowed Applications
B. Simple Custom Detections
C. Advanced Custom Detections
D. IP allow list
Correct Answer: D
QUESTION 54
Which feature is configured in Cisco Umbrella to block domains if they host malware, command-and-control, or phishing content?
A. Security Category Blocking
B. File Analysis
C. Content Category Blocking
D. Application Control
Correct Answer: A
QUESTION 55
Which two VPN tunneling protocols support the use of IPsec to provide data integrity, authentication, and data encryption? (Choose two.)
A. Layer 2 Tunneling Protocol
B. Point-to-Point Tunneling Protocol
C. Generic Routing Encapsulation Protocol
D. Secure Socket Tunneling Protocol
E. OpenVPN
Correct Answer: AC
QUESTION 56
What is offered by an EPP solution but not an EDR solution?
A. sandboxing
B. detection
C. containment
D. investigation
Correct Answer: A
QUESTION 57
A security engineer has recently deployed Cisco Secure Endpoint in an organization. The engineer needs to prevent an endpoint from potential unknown malware with real-time analysis of the endpoint activities. Which feature must be configured to meet the requirement?
A. Cisco Application Visibility and Control
B. Continuous Behavioral Monitoring
C. Orbital Advanced Search
D. Dynamic File Analysis
Correct Answer: B
QUESTION 58
What is a characteristic of the zero-trust security model?
A. Access is granted once then persists across applications.
B. User access keys are time limited for application usage.
C. Access for all devices must be verified.
D. Access is distributed across multiple cloud providers.
Correct Answer: C
QUESTION 59
Which key feature of Cisco ZFW is unique among other Cisco IOS firewall solutions?
A. stateless inspection
B. SSL inspection
C. security levels
D. security zones
Correct Answer: D
QUESTION 60
An administrator needs to configure the Cisco ASA via ASDM such that the network management system can actively monitor the host using SNMPv3. Which two tasks must be performed for this configuration? (Choose two.)
A. Specify an SNMP user group
B. Add an SNMP USM entry.
C. Specify a community string.
D. Specify the SNMP manager and UDP port.
E. Add an SNMP host access entry.
Correct Answer: AE
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.