QUESTION 81
Which deployment approach must be used to prevent harmful traffic spreading at branch sites?
A. antimalware module of the firewall
B. intrusion prevention system at the branch
C. intrusion detection system at the branch
D. antivirus module of the firewall
Correct Answer: A
QUESTION 82
What is the purpose of the Structured Threat Information expression?
A. cyber threat intelligence maintenance
B. sharing of cyber threat information
C. stealing sensitive information
D. fast and intelligent responses
Correct Answer: B
QUESTION 83
A web hosting company must upgrade its older, unsupported on-premises servers. The company wants a cloud solution in which the cloud provider is responsible for:
1. Server patching
2. Application maintenance
3. Data center security
4. Disaster recovery
Which type of cloud meets the requirements?
A. hybrid
B. SaaS
C. IaaS
D. PaaS
Correct Answer: B
QUESTION 84
An email containing a URL passes through the Cisco Secure Email Gateway. Content filtering is disabled for all mail policies. The sender of the mail is [email protected] while the recipient is [email protected]. The subject of the email is Important Document. An administrator must configure a policy to ensure that the web reputation score is evaluated before permitting the email. Which criteria must be configured to meet the requirement?
A. subject contains Important Document
B. mail recipient is [email protected]
C. email body contains a URL
D. sender matches domain test.com
Correct Answer: C
QUESTION 85
What is a difference between a buffer overflow vulnerability and a race condition?
A. Buffer overflow causes complete corruption of all data on the shared state, and a race condition causes the entire system to crash.
B. Buffer overflow occurs when a process writes more data than the buffer holds, and a race condition occurs when an application performs multiple operations simultaneously.
C. Buffer overflow occurs after a system performs a security control on a resource, and a race condition occurs before a system performs an action on a resource.
D. Buffer overflow is caused when multiple processes are all depending on the shared state, and a race condition is caused by coding errors.
Correct Answer: B
QUESTION 86
Which solution combines Cisco IOS and IOS XE components to enable administrators to recognize applications, collect and send network metrics to Cisco Prime and other third-party management tools, and prioritize application traffic?
A. Cisco Application Visibility and Control
B. Cisco DNA Center
C. Cisco Model Driven Telemetry
D. Cisco Security Intelligence
Correct Answer: A
QUESTION 87
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?
A. IaaS
B. XaaS
C. PaaS
D. SaaS
Correct Answer: C
QUESTION 88
Which API is used for Content Security?
A. AsyncOS API
B. OpenVuln API
C. IOS XR API
D. NX-OS API
Correct Answer: A
QUESTION 89
What is the difference between deceptive phishing and spear phishing?
A. A spear phishing campaign is aimed at a specific person versus a group of people.
B. Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.
C. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
D. Spear phishing is when the attack is aimed at the C-level executives of an organization
Correct Answer: A
QUESTION 90
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
A. url
B. profile
C. terminal
D. selfsigned
Correct Answer: B
QUESTION 91
What are two reasons for implementing a multifactor authentication solution such as Cisco Duo Security provide to an organization? (Choose two.)
A. identification and correction of application vulnerabilities before allowing access to resources
B. secure access to on-premises and cloud applications
C. integration with 802.1x security using native Microsoft Windows supplicant
D. single sign-on access to on-premises and cloud applications
E. flexibility of different methods of 2FA such as phone callbacks, SMS passcodes, and push notifications
Correct Answer: BE
QUESTION 92
In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?
A. when there is a need for traditional anti-malware detection
B. when there is no firewall on the network
C. when there is no need to have the solution centrally managed
D. when there is a need to have more advanced detection capabilities
Correct Answer: D
QUESTION 93
A network administrator needs to find out what assets currently exist on the network. Third party systems need to be able to feed host data into Cisco Firepower. What must be configured to accomplish this?
A. a File Analysis policy to send file data into Cisco Firepower
B. a Network Analysis policy to receive NetFlow data from the host
C. a Threat Intelligence policy to download the data from the host
D. a Network Discovery policy to receive data from the host
Correct Answer: D
QUESTION 94
Which two protocols must be configured to authenticate end users to the Cisco WSA? (Choose two.)
A. CHAP
B. Kerberos
C. RADIUS
D. TACACS+
E. NTLMSSP
Correct Answer: BE
QUESTION 95
Which two products are used to forecast capacity needs accurately in real time? (Choose two.)
A. Cisco AppDynamics
B. Cisco Tetration
C. Cisco Cloudlock
D. Cisco Umbrella
E. Cisco Workload Optimization Manager
Correct Answer: AE
QUESTION 96
An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occurring?
A. IP-Layer Enforcement is not configured.
B. Intelligent proxy and SSL decryption is disabled in the policy.
C. Client computers do not have an SSL certificate deployed from an internal CA server.
D. Client computers do not have the Cisco Umbrella Root CA certificate installed.
Correct Answer: D
QUESTION 97
For Cisco IOS PKI, which two types of servers are used as a distribution point for CRLs? (Choose two.)
A. subordinate CA
B. SCP
C. LDAP
D. SDP
E. HTTP
Correct Answer: CE
QUESTION 98
A security engineer deploying Cisco Secure Client on endpoints so that remote users can access corporate resources. A Cisco router is used as VPN Concentrator and configured as Flex VPN server. VPN uses a local authentication for the lKEv2 profile. Which configuration profile to allow a successful Secure Client connection to the router?
A. Enable Split Tunnelling in the VPN profile.
B. Add router IP address as trusted in the Policy.
C. Configure IPsec Authentication method to EAP-Secure Client.
D. Set DNS server address to internal corporate DNS.
Correct Answer: D
QUESTION 99
An engineer must configure an email policy to create an incident every time an outbound email that contains financial records is sent. Which Cisco Secure Email Gateway feature must be configured?
A. mail flow policy
B. verification profile
C. exception table
D. data loss prevention policy
Correct Answer: D
QUESTION 100
How is ICMP used as an exfiltration technique?
A. by encrypting the payload in an ICMP packet to carry out command and control tasks on a compromised host
B. by overwhelming a targeted host with ICMP echo-request packets
C. by flooding the destination host with unreachable packets
D. by sending large numbers of ICMP packets with a targeted hosts source IP address using an IP broadcast address
Correct Answer: A
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.