Lof299 Which functions of an SDN architecture require southbound APIs to enable communication? © A. SON contrllor and tho netwark elomorts © B. management console and the SDN controller © C. management console and the cloud (© D. SON conteller and the cleud EXPLANATION Arse A Your Answer No answer 20f 299 Which two request methods of REST API are valid on the Cisco ASA Platform? (Choose two.) A put B. options C. get E. connect EXPLANATION Answer: AC ‘Your Answer: No answer Reference: https ‘/imuw cisco comic/en/usid/docs/security/asa/api/esg-asa-api htmlBef! ‘The main function of nthbound APIs inthe SON architecture isto enable communication between which two ateas of network? © A SDN contr and the cous © 8. managomont console andthe SON contellor (© C. management console nd the cloud © 0 SOW contoie and the management soliton EXPLANATION Angmar. D Your Answer. No answer 4.0f299 ‘What is a feature of the open platiorm capabilities of Cisco DNA Center? OA. application adaptors O B. domain integration © C. intent-based APIs © D. automation adapters EXPLANATION Answer C Your Answer: No answorImport requests ‘alb2c3d4-e816-g7h8 url = 'https://api.amp.cisco.com/v1/computers' response = requests.get(url, auth=(client_id, api_key)) response_json = response json() for computer in response_json{ data]: network_addresses = Computer[network_addresses'] for network_interface in network_addresses: mac = network_interface.get('mac’) ip = network_interface get(p') ipv6 = network_interface.get(ipv6!) print(mac, ip, ipvé) Refar to the exhiot. What does the API do wihen connected to a Cisco security appliance? © A. create an SNMP pull mechanism for managing AMP © 8 gather network telemetry information trom AMP for endpoints © C. get the process and PID information from the computers in the network © D. gather the network interiace information about the computers AMP sees EXPLANATION Answer: D Your Answer: No answer6 of 299 Which form of attack is taunched using botnets? OA TCP Food O 8. DDos Oc. pos © D. vins EXPLANATION, Answer B Your Answer: Ne answer 7 0f 299 Ih which form of attack is alternate encoding, such as hexadecimal representation, most often obsened? OA smut OB. dictrbuted donial of sorico © ©. cross-site scripting O D. rootkit explot EXPLANATION, Answer: C Your Answer. No answer8 of 299 Which flaw does an attacker leverage when exoloiting SQL injection vulnerabilities? © A. user input validation in a web page or web application O & Linux and Windows operating systems O ©. database O D. web page images EXPLANATION Answer: C ‘Your Answer: No answer Roforance: https:!/toole. cisco. com/sacurity/cantor/recources/eql injection 90f2 ‘Whats the diflrence between decepine phishing and spear phishing? (© A. Deceptive phishing is an attacked aimed at a specific user inthe organization who holes a CHeel ale © 8. Acpoar phishing campaign is aimed a aspect person versus 2 group of people © ©. Spear phishing is when the attack is aimed othe Covel executives of an organization © Di Deceptive phishing hijacks and manipulates the DIS server ofthe victim and edrects the user 2 flse webpage Ansnae B ‘Your Answer! No answer10 of 299 Which two behavioral pattems characterize a ping of death attack? (Choose two.) |A. The attack is fragmented ino oroups of 16 octets before transmission B. The attack is Fagmented into groups of 8 actets before transmission C. Short synchronized bursts cf trafic are used to diupt TCP connections D. Malformed packets ate used to cash systems, E. Publicly accessible DNS servers are typically used to execute the attack. EXPLANATION Answer: BD ‘Your Answer: Ne answer Reference: htips len wikigedia org/wiki/Ping of death11 of 299 ‘Which two mechanisms are used to control phishing attacks? (Choose two.) A. Enable browser alerts for faudulent websites B. Define security group memberships. C. Revoke expired CRL of the websites D. Use antispyware sofware. E_ Implement email fitering techniques. EXPLANATION Answer: AE Your Answer: No answer12 0f 299 Which attack is commonly associcted with C and C++ programming languages? © A. crossssite seripting O 8. waterholing O ©. Dbes © 0. buter overtow EXPLANATION Answer: D ‘Your Answer: No answer Reierence: httos://en.vikipedia orghwikilBuffer overflow of: Which two prevention techniques are used to mitigate SOL injection attacks? (Choose two ) ‘A. Check integer, fot, or Boolean sting parameters to ensure accurate values. Use prepared statements and parameterized queries G. Secure the connection between the web and the app tier 1D. Wiite SOL code instoad of using object lational mapping Kova. _ Block SQL cade execution inthe web application database login EXPLANATION. Answer: AB ‘Your Answer’ No answer Reference: tps len mkicedia orglvik/SQL. injection14 of 299 Which two kinds of ettecks are prevented by multifactor authentication? (Choose two.) A. phishing B. bute force C. man-in-the-middle D. DDoS E. tear drop EXPLANATION Answer: BC Your Answer: No answer15 of 299 ‘What are two rootkit types? (Choose two.) A. registy B. buffer mode C. user mode D. bootloader EXPLANATION ‘Answer: CD Your Answer: No answer 16 of How is ONS tuning used te exits date out a crpnate nena? (© A. leresages the ONS sere by prmiting recursive leokupa to spread the atack to ether DNS sener2 (© BH encedes he payload with random characters that te boken ino hot sings andthe ONS sane ebuild the extitated dats (© © Mredrects DNS rqussts to 2 macioussoner used to soa usar credentials, which alows thar damage and that nthe nets (© i. sarap ONS sence by rolacing the actual Paderss with a rogue adeees to calc infra er stan ter stacks [EXPLANATION Arava B ‘Your Answer. Na answer17 of 299 Which type of attack is social engineering? O A trojan O8 mm O © phishing © D. maiware EXPLANATION Answer: C ‘Your Answer: No answer 18 of 299 What are two DDoS attack categories? (Choose two.) A. protocol B. scurce-based D. sequential E. volume-based EXPLANATION Answer AE Your Answer. No answer19 of 299 ln which type of tae does the attacker inser thet machine between tno host that are communicating win each other? © A maninheidle OB LDAP injection ©. insecure API © D. cross.site scripting EXPLANATION newer A Your Answer: No answer 20 of 2 How does Cisco Advanced Phishing Protection protect usets? © A. Itutiizes concave that sand massages cecuraly. © 8B. ttusos machine leaming and real-time behavior analytics. © ©. Itvaldates the sender by using DKIML © D. Itdetermines which identities ae perceived by the sender EXPLANATION Answer D Your Answor: No answer21.0f 299 How does DNS Tunneling extvate data? © A. An attacker registers a domain that a chont connect to based on ONS records and sends malware through tht conection © B.A stacker opens a raverse DNS shal to gel into the cln's system and install malware on © © Anatacker sends an email tothe target wih hidden DIS reshers init to redect them to 2 malicious domain. © D. An attacker uses a non-standard DNS pot te gain access to the organizations ONS series in ode o poison the esoutons. Answer A, ‘Your Answer: No ansvar Ot wentine tna (08 weet ten aes Cte BTS eee caver: Asean et eaten on ai pat ep (0 se24 0f299 che pes esis eed con cae efitng? (Shoe ts) A. Ena cere seven on a eros bss 5. ears coment ouput ecesraeacopag. Disb cok npn the HTL apn soi, 1D. Rum orenates HTL nd tHogh on HTML santzaon gw Samesta cae sneha not bows cosa 8 Near dnawor Ns nse 25 of 299 Which threat invols software being used to gain unauthorized access to a comouter system? OA bing of death OB. HTTP food O © NIP ampliication O D. wns EXPLANATION Answer: D ‘Your Answer: No answer25 of 299 Which threat invohes software being used to gain unauthorized access to a computer systern? © A ping of death © B. HTP food © C NIP ampification O D. wins EXPLANATION Anewor: D Your Answer: No answer 26 of 299 ‘Which two eapabiles does TAG support? (Choose te) A exchange 8. pullmessaging ©. Binding D. correlation mitigating EXPLANATION Anema. BC Your Anwet: No answer2rof299 mete cha condone ae pout fr cael seer asc Choos) 1% Only h IKE congwion ha ist pon ate dice must edict en the tamby de, the Pes ariguntn cp oat 1. Tho ai and snd dices can un fern verso the Cio 108 wae bt mu the ame ype ce .TholPee carigrntn tt et pane aie doce mat be apa on he say ce 1D. On tePae congo tats et pen te acne ence ma peed the sandy dee he KE cakguatn capers Thea and ati des muni the same eran te Cnc OS safe and meat he ae ype ace 28 of 299 Which algorithm prides encryption and authontication fr deta plane communication? OA Aescom OB sass Oc Aes.256 OD Sasa [BIPLANATION Anawer A ‘Your Answer No answer30 of 299 ‘Which two key and block sizos aro valid for AES? (Choose two.) A. 64-bt block sizo, 112-bt key longth B. GLbt block size, 160-i key length ©. 128-bit block size, 192-bit key length D128. block size, 256-bit key length E. 192.bt block size, 256-bit key length EXPLANATION Answer: CD Your Ancwar: No answer Reference: hitos:/ien wiki KitAovanced, ton Standare31 of 299 Which two descriptions of AES encryption are true? (Choose two.) A. AES is less secure than 3DES. B._ AES ie more eocure than 3DES ©. AES can use 2 168-bit key for encryption D. AES can use 2 256-bit key for encryption E. AES enciypts and deciypls a key thee times in sequence. EXPLANATION Answer. BD Your Answer: No answer Reference: https://gpdb decs pivotal.io/43190/admin_quide/topics/ipsec htm! net SESE A ree Ons 08 mee Oe pene 00 ameHote Met © Bowe Fate gana dps fon otc pte a we Soria sen on ects ca pte ian34 0f 209 “ich VEN technology can suppot a mulivndor enorme and secur alc betwen sos? O& ssiven © & cerven © © ewen © 0 owen 3501299 se ‘ie too st vad opt a VP conmetny among company Macs ra ae clad th arya cate crm? 8 oven 0.8 mewn 0.6 Peco © 0 cerven soot799 me (esses! nati comment ten UVP PP chest © A an Nt ay agin wel HE © 6. Pawo ns os. nye comme Spe © © 105 mame rth ae EP ce DIN nd Fa (© ©: es an aia ae ating tin37 of 209 5 Mare ‘ich pote poste sang aug peormance when wing sce AnjComect VEU? 4 ons 8 ns0 Oe ment Oo nsaz 3601299 Mk hich gaupnthin Cco rtes an bobs a wae nent te cymes ens nme bagi ant ee e? OA rao 08 Psst Oc som 00 omer Your Bose: anne 390f299 When Cisco and atherindustry ergenizations push and inform vets of known sscurty ings eng lnerebities, which name is used? (© A. Common Vunerabities, Expats and Testa (© B Common Vunerabities ané Exposures © ©. Comman Expats and Vulerabities © ©. Conman Security Exits XLANATION Anower 8 ‘Your Ansver Mo answerWhich tne features of Cisco DNA Center are used in a Sefiware Defined Network solution? (Choose two.) A. accounting B. assurance C. automation . authentication E. encryption EXPLANATION Answer: BC Your Answer. No answer Reference: hiips thwm cisco conve/en/uslerosuets/cloud.cyctems-management/dna-centev/indax him 41 of 299 ‘What provdes the abilty to program and monitor networks ftom somewhere cther than the DNAC GUI? O 4 asoM OB NetFlow Oc AP © D. dosktop clisnt EXPLANATION Answer: C Your Answer: No anewer42 of 299 ‘What is a function of 3DES in reference to cryptography? O A. Itencrypts traffic. O B. Itcreates one-time use passwords. © . Ithashes files. © D. te gonorates private keys. EXPLANATION Answer: A Your Answer No answer aan Ci me SSSI A et sasiaea Cee (SSS a sows OA set 08 eam ocw O° pute2501299 0 wat Yoh yf2 oA a eigen sey splenic wt a iad eno sei td x pc ey ht? OA satan At © 8 west ar 0 6 casts 92, © ©. nemaoins A 4s 0f209 2 mane Wichiype a Ang asd whe scan nie acorns sed nar che aba pec nay et? © A soamins at © 8 wnat 1 © © cesta © reminnt ananeeD "Your Asia No asia (0A outa tetm e 08 onsen 06 emteatenne (00 mayne cnn ete47 of 299 ‘What is the function of SDN southbound API protocols? © A to allow for the static configuration of contral plane applications CO B. to enable the coniroller to use REST © . to enable the controler to meke changes © D. tw allow forthe dynamic configuration of contol plane applications EXPLANATION, Answer: C ‘Your Answer: No answer oa ta Sense ot nnn nthe as en eleaennetat at teata2 awe tse ew pe ep es et eg tei a9 0f209 2 men Whats the itronce tae Cost Siting ac SOL gtan stacks? OA Conrate Sct inuhen eecanee acapanton a acd whee SOL ncn s when dates mance (© 8 Oreste Seem isan atack we codec exseuod hom the snes, whsas SOL ston an ack hoe code axes om cr i (© © Coseate seeing na bt teeeoack ageing ete te, mess SOL Iseon 8 S606 engseng aah 0 9 Coseate Sciging ican atch coos ined iox datas, nhs SOL rchon an tack aes cde jected ie 2 ows souls Met stoma ose gmt pce ty to tts00f299 moe GS ESTEATY 8 reser 51 of 299 ‘Which type of dashboard does Cisco DNA Center provide for complete control of the network? O A distributed management O B. senice management © © application management © D. centralized management EXPLANATION ‘Answer: D Your Answer: No answerimport requests url = https: //api.amp.cisco.com/vi/computers headers = ( vaccept’: ‘application/}son’ , ‘content-type’: ‘application/json’, sauthorization’: “Basic © 8: ip fow-oxpotdostnation 1.1.1.1 2065, © ©. fow-sxport destination inside 1.1.1.1 2086 © D. ip ow monitor input |LANATION Answer: © Your Answer: No answer 83 of 299 [Which two tasks allow Retlow on a Cisco ASA 5500 Serie frewall? (Choese to) ‘A. Define 8 NetFlow collector by usin the fow-export commend 1B. Choate a class map to match inorsting Wale Create an ACL to aon UDP tafe on por 9995 . Enable NetFlow Version 3 Apply NetFiow Exporter tothe outside intrace in the inbound direction BALANATION Answer AE. ‘Your Answer, No answera efze9 4g Router (config)# username HQ Router (config) privilege HQ_Router (config) privilege QURouter (config) #privilege Dt Ose: adnin§ privilege § Anverface level § shutdown interface level § ip interface level § description ‘rte esib Art ara congue cord atorze tenn set Wht the arse aD So on MORO el hs coger? OA ent atten fantte 08 assets (© © camino computes (© cami tcntayaton me SAGE eae one te ecg 5 mn cpap nee nn i (0 4 Cagete pds i pt 08 Cae tecedte edi 06 feta omeint een erenconter’86 of 299 How many interfaces per bridge group doos an ASA bridge group deployment support? OA upto 16 OB upto2 O © upto4 OD wpe EXPLANATION ‘Answer: C Your Answer: No answor os Se kee ae (0-8 owner at heron ae © & panes pena oe VU (0 Tew mr pancreas 00 Temp gen atm pn et83 of209 OA Dvr ses ony KE. Rox¥PN ues ony KE2 (© 8 Fler uses KE2 OMVPN wee KE oF EZ (© © Owvetunes KE! ce KE FlsVN ony ae KE (© D. Fler uses KE orKEs2 OUVPN us ony KE 90299 ‘ag antaop cag oa Pape a Ca AUP on ale nh poop cay ht 2 Men © shaw nercosta 1 Sa ame oe + 08 wotssit ome BS Se] OA nse sown tent canton osama tart nein stan bre ae omni hh cn edt nme 9? (© A Gees eSnips (8 cure fry pa on 2 rman © © eee sot wring tp atone nan 9201 299 see Featar New GRP ICIS 30 Inverface Vanagenent (1521680500) rato: rerp 30 AcceeT so SUSPECTLTST match abrs{none] SBRS None info: ICrD 30 15 success protocol Tiivi cipher ‘DHE-REA-ABS256-SHm info: SuEP Auth: (ICID 30) succeeded for wee [AUTH mochanian: LoGiW wien profile 1eap_onep DERAUD tn the cuebouns table Foto th anit. Which eof atharsation snus? (© A Fors amnemeston (© 8. SMTP rey seve aterteaion (© ©. exonat sean ey mal auremeson © ©. Lon? amentenen wr aaro Ovo Anan D Your nana: No ananeea ES nese ipasememeo Sone Serene certs serosa memset atin em 4 of > show crypto ipsec sa interface: outside Crypto map tag: CSM Outside map, seq num: 1, local addr: 209.165.200.225 access-list CSM IPSEC ACL 1 extended pernit ip 10.0.11.0 255.255.255.0.10.0.10.0 255.255.255.0 local ident (addr/mask/prot/port) : (10.0.11.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port) : (10.0.10.0/255.255.955.0/0/0) current peer: 209.165.202.129 fipkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 Wpkts decaps: 17, dpkts decrypt : 17, spkts verify: 17 Hpkts compressed: 0, #pkts decompressed: 0 fpkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0 #pre-frag successe: created : 0 emus sont: 0, #PMTUSs rovd: 0, #decapsulated frgs needing reassonbly: 0 W9FC rovd: 0, #7FC sent: 0 fvalid Tome Errors revd: 0, #Invalid IoMp Errors revd: 0 fsond errors: 0, #rocv orrors: 0 0, #pre-frag failure: 0, #fragments Jocal crypto endpt.: 209.165.200.225/500, remote crypto endpt. 209.165.202.129/500 path mtu 1500, ipsec overhead 55(36), media mtu 1500 PMTU time remaining (sec): 0, DF policy: copy-df 10M error validation: disabled, TFC packets: disabled209.165.202.129/500 path mtu 1500, Ipsec overhead 55(36), media mtu 1500 PMTU tine remaining (sec): 0, DF policy: copy-df TOMP error validation: disabled, TFC packets: disabled current outbound spi: BSFSEASS current inbound spi : S43¢80EE Relerto the xh. Tac is ot passing trough IPsec etaosite VPN en he Fropower That Defines applic ha i causing this te? (© A. Steto.te VEN preshated keys ae mismatch (© B Steto-ate VEN pra ae using dre encryption sigordhs (© © No-spietunal pli dined onthe Firepower TvetDafeae apptince (© B. Te access conta paey swat allowing VPM ati in nave © Your Anse No answer95 of 299 sun 30 16:52:33.287: ESARMP: (1002) : cetransmitting phase 1 ¥W_KEY_FCH. ‘gun 30 16:52:33,287: ISAKMP: (1002) : incrementing orror counter on ea, attempt 4 cf S: xetzansmit phase 1 “sun 90 16:52:33.287 (2002) (2002) retransmitting phase 1 MM KEY ExcH sending packet to 10.10.12.2 ay port 509 peor_port 500 (I) Ms KEY ExcH gun”30 16:52:33.291; TSAKMP: (1002) : Sending an IKE TPv4 Packet. mun 30 16:52:33,791: ISAKMP: (1002) : received packet from 10.10.12.2 dport 500 sport $00 Global (1) ™m_keY_excu sun 30 16:52:33,795: TEARMP: (2002) packet Ru sun 30. 16:52:33.795: ISAKMP: (2002) since last transmission 504) Ru ‘sun 20 16:52:40,189: XSAMM: (L001) : purging SA., SAG8CEEDSE, delmerceceEOse nit sun 30 16:52:43,291: TSARNP: (1002) ; retransmitting phase 1 MM_KEY EXCH. gun 30 16:52:43,291: XsaNMP: (1002) ; incromenting srror counter on ea, attempt S of S: retransmit phase 1 sun 30 16:52:43,295: ISAKMP: (1002) : retransmitting phase 1 MM KEY EXCH +mun 30 16:52:43,295: ISAKMP: (1002) : sending packet to 10.10.12.2 ay_port 500 peor_port 500 (I) mi KEY EXCH mun" 30 16:52:43.295: TSRHMP: (1002) :Sending an IKE TPv4 Packet. Ru ‘gun 30 16:52:53.299: TsAKMP: (1002) + rotranomitting phase 1 MM_KEY_ExcH. dun 30 16:52:53.291: ISARMP: (1002) :peer does not do parancid keepalives phase i packet is a duplicate of a previous retransmission skipped for phase 1 (tine sun 30 16:52:53,299: XsaKMp: (1002) :deloting SA season “Death by rotranemicsion PI" stave (1) MM KEY EXCH (peer 10.10.12.2) sun 30 16:52:53,303: TSANMP: (1002) ‘deleting SA reason “Death by retransmission Pi” state (I) MM KEY EXCH (poor 10.10.12.2) yun 30 16:52:33,307: ISAKMP: Unlecking peer struct 0x68287318 tor60200 ee Se hon lyre st toes at spc map ie ht a abe mitt mnmedcs in eye? OA aoneey © ses ce ty © 6. cece maar ey © 0. atom sence ey 97 of 299 The Cisco ASA must suppor TLS proxy fr encrypted Csco Unie Communications trafic Where must the ASA be sided onthe Ceo UC Manager pat? OA conicate Tust List © B Endpoint Tust ist © ©. Entrmiso Proxy Sonics (© D. Secure Colaboraton Foxy98 0f 299 2 Mae \ ch spoon lye prarocessr at used by Fp Hest Gana aso Peatn Systan? (Chaos to) pacha secooer none AC "You Avene No ease, elon: i J ca comands Snemwosc oneness oni qe stepson Layer Papcessor Hn 99 of 299 ‘Which feature is configured for managed devices nthe device platform settings ofthe Frepomer Management Centar? © A, quality of senice © B time synchronization OC. network adress translations © ©. intrusion policy EXPLANATION Answer 8 ‘Your Answer, No answer100 01299 nee ‘en tatu en ty 3 eee to Freon Manage Cone? OA weetane ad porter 0 8 eytan thd 0. sie ais namter 00 razaton ey aonofa99 oie SSE ‘nt gat tn cet nes pes oma ead acy rds eos SOC BO NON MEA © & ace unbata © 8. Baans me Foss ©. Caco Thee Gd © 0. Gace Senta 102 of 299 "hich Cisco comerand erates authentication, authorization, and accounting global 6 that CoA is cuppated on th dovco? O A. aes ener radius qmamic-autnor OB. athype at © ©. aa now mais © © ipdevicetacking newer: © Your Ansner. No anwer103 of 299 ‘What is 2 characteristic of Firepower NGPPS inline deployment mode? OA. ASA with Firopewor medule cannat be deployod O 8. Recannot take actions such as locking tafe O ©. tis out otband fom trafic © 0. te must hav inline interface paits configured EXPLANATION. Answer: 0. Your Answer: No answer oa 208 Die eBay ‘Anal pokes scat cet th hed lnc Thea pn manga apace, Which AA dey de mas ade? OA rated nee 0 8 upset 0 mp comet as 0 0 wept ase105 of 299 ‘Wha fe managed by Cisco Sscurty Manggor? OA cco me OB cacoesa, 0.6 cece Wsa 0 cco ASA [RBLANATION rower D Your Anse: No answer (04 GF 08 cant 06 cami 08 Gea SZ] Ames oa vw wreion pw 0» ena 08 etthtenameniy 08 mean 08 Banat at108 of 299 What is a feature of Cisco NetFlow Secure Event Logging for C'sco ASAS? © A. Molle NetFlow collectors are supported. O B. Advanced NetFlow v9 templates and lecacy v5 formatting are supported. (© CG. Secure NetFlow connectors are optimized for Cisco Prme inftastucture (© D. Flew-reate events are delayed. EXPLANATION Answer: A Your Anewer: No answer 109 of 2 What is key dference between Cisco Firepawer and Cisco ASA? © A Cisco Firaponer provides identity based access conta while Cisco ASA does not © B. Cisco AS provides access control while Cisco Firepower does not. © © Cisco ASA provides SSL inspection while Cisco Firepower does rot © D. Cisco Fireponer natvly provides intrusion prevention capabilies while Cisco ASA does not EXPLANATION Answer: D Your Answar: No anewervet © stow anme ‘ag anaop esses eaten rc Tein pa ent as te cat ins 0 nin ef299 ame ag andthe suspicious pts the Cisco Teton plat othe oto th coe erin the gh111 of 299 ‘What is beneft of using Cisco FMC over Cisco ASM? © A Cisco FMC uses Java while Cisco ASDM uses HTMILS. © 8 Cisco FIC provides centralized management while Cisco ASDM does not O © Cisco FMC supports pushing canigurtions to devices wis Ciseo ASDM does not OD. Cisco FEC supports al rewal products whereas Cisco ASDM arly supoats Cisco ASA devices. EXPLANATION Ansar. Your Anower: No answer 112 of 299 ‘Which produet allows Cisco FMC to push security intaligencs observable to its sensors from other products? © A. Theat inetigence Director OB Encrypted Trafic Analtics © © Cognitive Meat Anais © D. Cisco Taos inteigonce EXPLANATION Angner: A ‘Your Answer: No answerciv Se] a rates ca ve Carafes ett cpr ee pf oe et hee st tan pr pte 114 of 209 hat isa characters ofa bidge group ina Cisco ASA Frewal unning in venspaent mode? (© A tthas an P acess on te BV iteace ands ured for management ae OB. Reatens ARP tat with s singe abcess mle © . trinctudes mutipleintetaces and access nes betweanimtetaces are customizable © tesa Layer3 sagment and incuces one por and customizable access mes answer Your Anon: No anewor115 of 299 While using Cisco Firepower’ Securty ntsligence policies, which tuo enter is blocking based upon? (Choose two.) A iP aresses 5 URLs pon numbers . protocol IDs E. MAC addresses EXPLANATION Anewor AB Your Answer: No answer 116 of 299 ‘What features does Cisco FTDv provide over Cisco ASA? © A Cisco FIDy provides 1GB of frewall throughput while Cisco ASAy doos not © B. Cisco FIDvruns on VMware walle Cisco ASAy does net. O ©. Cisco FIDvnuns on AWS while Cisco ASAv doas net. © D. Cisco FIDy supports URL filtering while Cisco ASAv does not EXPLANATION Answer: D Your Answer: No answer117 4200 awe SSS Anos ren hero tno hen nnn Cc Dh hay, Wt comet te? © A meters br nd pac thse er (© © pea hi el ste oa (0 © moti teh ents oe (0 pcos wht ne nig eet wth tes ne 118 of 209 ‘Which xm descr wien he Cisco Peeper dounoads tea eligence ups om Cisco Taos? OA attoong O 8 conungon 0 ©. shang OD. anaysis Answer © ‘Your Answer to answer ota pw ons ca natn AED a cae my mai ct eigen ed rd ce © Brees oman 0 Sates rg mnAmant [ost se (© © Sjohensen ches sis Case E sneer AD ane (0 0 Covi s omen ONS sn vt ep cerca enna iment an nh nd OA Dane emanate ci ate 234 (0 8 Nessnrha wtb seep etn ty (0.6 MiPstnne seine 23ae st (0.8 temercnntent nye sition 234 (0 tna tb 0 6 ma tn the 08 mahi an Se12301299 Dagan ep ep amts umat depineh pt i @ i iof 299 1 se (Gt aycommet conection roe DetautRaroup x Secncary theta | Method ina z ae saat cioup: (lat one sccxreng ! Gr vn (vse cat server croup ats ‘sa aeny rowaer sa Serer None = (ie None COnCPLIME COW? Suant chen Acres Pols i tau cove Pag) | ‘Group Pig icepPatcy = ete lFotowing iar at sneesto atibte of he group poi wate above) [Plenae st vt ent pete et Dime Hose AA vem oa vee dace to rn A mcrae anemia On wet 08 Gentasae eres (ee es yc (Otay 8 mews (0 Pratt Oo Mem eas (Sa eS! Sener pari 08 womans (08 vopmrtss2un + Oc wosonet se says wee Say Aen wr128 of 299 Add Device Host? Display Name: Registration Key:* Group: FTO Group Access Control Policy:* |FTD Policy ‘Smart Licensing Malware: a Threat: a URL Filtering: a Advanced Unique NAT 1D: 6 Transfer Packets: 2 @ on Firepower Threat Defense devices version 6.2.1 onwards, AnyConnect VPN licenses ean be enabled from smart license pagesehae amt Soc! A eases awe = (0-6 shone dxo pen arnt (0.8 eae ema abn 120 of 299 ich suspicious ptr orale the Cisco Tetrion latin to fam the norma bhavor of users? © A fio access tom aiorent user (© 8 useriogn suspicious behasor © ©. priegeescaatin (© D imeresing fe sccess answer A Your Answer: Na answer 131 of 299 ‘Which atsibute has the abiity to change during the RADIUS CoA? © A. autroizaion Oe mp © ©. accossititty © D. momborship EXPLANATION Answer A Your Ancwer: No answerIe Se Ame Ge: (1 commence teste nt tae hacia HOE 6 Goipeteetei po nC i pc 0 0G cee te thn pn came BSE a rtee vee 134 of 299 What is beneft of using telemetry over SNMP to configure naw routers for monitonng purposes? © A Telemetry uses push and pull, which makes it more secure than SNMP. © B. Telemetry uses push and pull, which makes it more scalable than SNMP. ‘© CG. Telemetry uses @ push method, which makes it faster than SNMP. © D. Telemetry uses a pull method, which makes it more reliable than SNMP. BOLANATION Anawer ‘Your Answer: No answerise fae SAT Anema (0A Wesabeans ne mr OS not 0-8 aarti pan 08 san a 0 0. Tere nt pan i 13601299 owe BSS me ‘nner en tit cing CCFO ma pte el met aes inte amin tas htt ot seers (OA Exec amine nite Ore FTD © 8 sep ete pce the CP epee (© © cote tn eS pape © 0. Mostyn sce cane key ttn ie ike ae (0-8 oie romans HC wnat arsine CKO se 08 Seven ne3 (0 € vom dnd mt to HE wee Oe 0.8 Severn ton cEease io Sa ae ae (© em mae ate 22828 (0 cpm ein raat (mt pt se 94 (0 pm nap oy CaO TE (0 A Cpe enn ES eagmt ESp p y © 8 Manet ape ey anton (0 © canoe mea pte SH pe ey (0-8 tiene pense erent E meter okt 14001209 Dv SS Wht is ictal once tae ine ASA an ino 98 ar wth an ase Poe rena (OA me cic ASA can ecru ah aay esse C0105 oe wh aes Pley Fre cams, (© 8 The Cael meth Zine fed Puy Frwallcanbe conan hgh ml, whom he Cars AA cana (© 6. The Gace ASA rin alt by ed. whos he Gar 108 rr wih Zane ned Pay Preval tat ot by aig at, en on ned ics, (0b Me Care mater Zend Poy Fiala tic y lal whee Caco ASA cate by lig ele ae edsian cue SSE ese ave = Sepang te a ge Sn THe Ws en et iat OA eaten st 0 nt 844 (Oe met 08 tempat nis weston cam & a oa (0 Enkei Bh ei yay Ge (0S tn Gi 0 a Py city cp (06 tic cei A ne Deni tacit (cam yi ul ant tn dp el a ABA ag 0 tomate dP anemone ae (08 Rep presen (0 € ten eta tre or 08 tatu maranaobemcntie mL99 oo Se Ae ae (A tion ct Pan ey ABLE (rs tect et enh AS oe eh8 Ak Othe (08 Asoo 8 146 of 299 Which feature requires a netwerk discovery policy on the Cisco Firepower NGIPS? O A security intelligence O B. impact fegs O C. heath monitoring © D. URL fterng EXPLANATION Answer A Your Answer: No answer147 of 299 Wich pty is used ta capture tas iorasion on th Cisco Frepower xt Geertion lesion Prevention System? OA coniation ©. intusion 0.6 accoss contol 0.0. neta disney Anaver D ‘Your Answer: No answer 148 of 299 ats «characte of ai str contol babar? (© A Trai storm contd dog alloadcasl and mulatta the conned ac exceeds the fl uth te nena (© 8 Trae storm cont cant tanmne he pacha is inceto bossa © © Trae storm cone ments naming ai et ae #1 econ afi tor col laa (© 0. Trai tom cont uss the nial Grup bt the BECK! Sure asess te determin the packs unas er aera Your Atewer No snewer16901200 Wen sow ssi (np mse he Feo Gana non raon Sam det fomtt hecoe on en ehradius-server host 10.0.0.12 key secreti2 Roforto the exhibit. Which statement about the authonticaton protocol used inthe configuration is tue? © A The authentication request contains only @ password © B. The authentication request contains only 8 username © C. The authentication and authorization requests are grouped in a single packet © D. There are separate authentication and authorization request packets, EXPLANATION Answer: C Your Answer: No answer 151 of 299 Which deployment modal isthe mest secure when considering sks to cloud adaption? OA public cloud © B. bybid cloud © C. community cloue © D. private cloud EXPLANATION Answer: D ‘Your Answer: Ho answer1520f 299 ‘What des the Cloudlock Apps Firewall ds to mitigate secur concems fom an application parspacine? © A. talons the administrator's quarantine malicious fies so that he apecaton can function, jst nat maliciously © 8 discovers and contils cloud apps tat ate connectesto a company/s corporate anironment © ©. Aedletes any application that does ot belong in the network © tt sends the application information ta an administrator to act EXPLANATION Answer: B Your Answer: No answer Roferonce:h 153 of 299 \Which exiteton method does an atiacke use to hide and encode data inside DNS requests nd avers? © A DNS tunneling © B. DNsciypt O © OWS security © D. DNSSEC EXPLANATION Anawer: A ‘Your Answer: No answer Reference: htins-/Ieam-umbvella cisco comicloud-securty/dns-tunneling154 of 299 ‘Which technology reduces data loss by deriving sense nfrmaten stored in pubic computing enironmerts? OA cisco SOA, OB Cinco Frepaner 0 ©. Cisco Hyperrox © D. cece Glouctock EXPLANATION Answer D ‘Your Anawer Mo answer Reference: 155 of 209 a tn we cio eres acl the ear response tx ual machine OS patehg? OA tas © 8 Ucees Oc Pas. 0 sas You Atower: Ne anwar how micas fice S65 are 21572 ho156 of 299 What isthe function of Cisco Cioudlack for data security? O A daa loss prevention © B. contiols malicious cloud apps © ©. detects anomalies © D. usor and entity behavior analytics: EXPLANATION Answer: A Your Answer, No answer Reforonce: httos:/lumercla.ciseo.corvaroducts/oesb 157 of 2 \Whieh foatur is cupported von doploying Cisco ASAv within AWS pubic cloud? © A mutiple context mode. © user deployment af Layer 3 networce Oc r.6 © D. clustering EXBLANATION answer B Your Answer. No answorMek 10 ston ep pions wat eninge range oman he uci arc oc us Ob sas 159 of 299 Which risk is craated when using an Intemet browser to access cloud-nased senice? © A misconfiguration of infra, which allows unauthorized access © B. intermittent connection tothe cloud comectors © ©. vuhorabiitioe within protocol © D. insecure implementation of APL EXPLANATION Answer C ‘Your Answer. No answer160 of 299, \Wnatis he Cisco APV-4a5ed broker hat eps duce compromises, aplication nts, ané eats beaches in an snenmert hats net neers? OA Cisco AopDynamics © 5. Cisco Cloudock © Cisco Uneata 0. Caco Answer B ‘Your Annee: Na answer 161 of 299 Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two.) A middleware B. applications ©. virualization D. operating systems E dete EXPLANATION. Answer BE Your Answer: No answer162 of 299 Which public cloud provider supports the Cisco Next Generation Firewall Virtual? © A. Google Cloud Platform O 8. Red Hat Enterprise Virtualization © ©. Amazon Web Senices © D. VMware ESXi EXPLANATION Answer. © Your Answer. No answer 162 of 299 ‘What is an attribute of the DevSecOps process? O A security scanning and theoretical winerabilties © B. cevelopment security O C. isolated security team © D. mandeted security controls and check lists EXPLANATION Answer D Your Answer: No anewor164 of 299 (On which part ofthe IT environment does DevS2cOps focus? © A application development O B. wireless network O data center © D. perimeter network EXPLANATION Answer: A Your Answer: No answer of 299 Ina PaaS model, which layer is the tenant responsible for meintsining and patching? O A hypervisor O B. virtual machine O ©. network © D. application EXPLANATION Answer: D ‘Your Answer No answer Reference: hitos:/lmun. pe com/bogs/eaas-vs-paas-vs-iaa¢-whate-tha-dference-and-howso-cheose/166 of 209 Which two deployment model configurations ae supper fr Cisco FTDY in AVIS? (Choose two.) ‘A. Ciaea PTD canfgued in rates mas ane managed by an FUCrinaales in AWS 1B. GiscoFTDV wth ons managomentitaface and wo tac intlaces confgurod ©. Cisco FTDy congue in ruled mode and managed by a physical FUC appliance on remises 1. Cisco FTDv wth two management intefaces and one tac interac contgured Cisco FTD¥ conigued in routed mode and P¥6 conigues IPLANATION none AC ‘Your Answer: No answer Reference: hs Hy sie come/eiyslprodtalcolateralsscuitladentivesecury isl appliance. ea ehte gape c11.720606 hn![intron entre APEC] [Cornea ese eters Amt] Sees See ee [sooroaacinrootersarront][_Resatnetmowe owt) 168 of 299 What is a required prerequisite to enable malware fle scanning for the Secure Internet Gateway? © A Enable IP Layer enforcement O 8. Activate the Cisco AMP license. O ©. Activate SSL decryption. © D. Enable Inteligent Proxy. EXPLANATION ‘Answer: D ‘Your Answer: No answer170 0f 239 \What aretha two types of managed Inercloud Fabic deployment modole? (Choose two.) CA Senses Prosder managed (1B. Usermanaged 1 ©. Public managed (5D. Hybrid manages [OE Emerrise managed [EXPLANATION Anawer AE Your Answer: No answot miso met i Seoee Ah emsee ate a a at eo sie th eee aa hn cn On oe 08 cece Oc Aasnewes Oo ser raat pie SST Ate snap Fo Cc et Met dnd ly a el pe (0 6 cx boon ta 0.8 coment (0 castes 00 cement es Ms onanCit fonsteaaea AN rts ec ma cad ny opi ean ou case? (0 A wihan puritan te pete tmp ne ae tp et deine cr (© © wns cnsanesoter te pes ape ab cen ne nee PO (0 © winann sn, epost Nano cu ea mae pt (© © wnanesere avn, ect oe uae mane ue ee heen ene oe a awe TSR oA rons we OA onanew 08 cnecomn (0 © Gent Ena rey (09 cmon 175 of 299 In an iaaS cloud senices model, which secunty function s the proxderresponsibe for managing? © A. fiewaling vitual machines © B. Intemet proxy. © C. hyponisor 0S hardening OD cass EXPLANATION Answer A Your Answer: No answetsre ome BEE eqns mth, es nit hn pr cn 8 nt nei © A scecntenascy 0 8 tent © ¢ castes © © Sct Get t ar708298 [mee © onsen ‘rants theca seat anon caret emit te denonek fo sonanens A risen (0 sn ryt (0.8 meonrensen 0 ad mai abate re aia add ly sc ys gaan asec ga © conmnny 08 ona 0 nie 00 mye 180 of 299 How does Cisco Workload Optimization Manager help mitigate appiication performance issues? © A Itautomates resource resizing © B. It sets up @ workicad forensic score. © © Itoptimizes 2 tow path © D. Itdeploys an AWS Lambda system. EXPLANATION, Answer A Your Answer. No answer wt STE181 of 299 ‘Which DevSecOps implementation process gives 2 weekly or daly update instead of monthly or quartly inthe applications? © A cued pipatine OB container ©. orchestiation OD. security EXPLANATION ‘Anawer: A Your Answer No answer Reference: hips /dewps conviowio‘implement-an fective c-cd-tipeines 182 of 299 Which system facitates deploying merosegmentation and mul-tenancy senices with a palcy-based container? OA soc OB Lambie © Con © D Docker EXPLANATION never D. ‘Your Answer: No answer Reference: hitmeio Cte BASESY ese oa tee ‘eet aatcrys cutscenes nto phen psi yen ne Pe nae (0. Parser ne cs pt ar 8 184 of 299 ow das a cloud arcosssecutty broker function? (© A tis an authentication trokeroonable single sign-an and mutter authentication fr 2 cle slain. (© B Hescans other los salaions being used within the network and identifies wiheaites. (© © Mntegates wth ater loud slaions va APIs and montars and crests inert based on events Flom the cloud sluion. (© 0 Wacis as 2 secu fxmation and exert management slion and ecehes yg fom ether aud soins een Gr Dane sa eens emeect escent 187 0299 a er ae ini tos speedo be tckstsin Caco Unbela? © & sepieton stings OB. coat eagnns © ©: sect stings OD sestnatne ute Ansnec D ‘ovr Boar Ho ansvar 188 of 209 ‘An angie cofiguod 2 naw rework ientty in Cisco Ura but must ory thal tric is bing routed through tho Cisce Umibolsnetwork. “Woh acon test the rexing? © A. Ensure thatthe cnt computers at pointing tthe on-premises ONS sane, © B. Enabio mo ttlignt Proxy to aida that tac is bing outed conoct (© © Act tho public P aches thatthe chnt compstrs ae bhind to @ Cor Wey (© D. Browse to hte elcome ume cont ala thatthe new nity i working XBLANATION. Answer 8 ‘Your Anew: No answer189 of 299 How does Cisco Umbrllaaichne lags to an enterpise-cuned storage? © A. by using the Application Programming Interface to fetch the longs © B. by sending logs via syslog to an on-premises or clouc-based syslog server © ©. bythe systam administrator downloading tho logs from the Cisco Umbvelia web portal © D. by being configuied to send logs to a sellmanagad AWS $3 bucket EXBLANATION newer: D Your Answer No answer Reference: httns des umbrella com/desloyment-urbrel/oes/log-management 190 of 299 ‘Which AP! i use fr Contes Secunty? OA Nos Apt 8 los sRAPl © © Openvain ae (© D. Annes API EXPLANATION. Anower 2 ‘Your newer: No answer Reference: os:/nsu cisco comlenistaldocsleccurtyleccurty msnagemertieme/emal2.dioilb SIA AP! ‘2Rest chapter 01 html191 of 209 [Which Talos ceputation centr allows you to track the raputation of P adresses for email and we tfc? OA Blacklist Center © B File Reputation Cemer (© ©. AMP Roputation Centar © PP and Domain Reputation Canter ByPLANATION Answer: You Angmar, No answor 192 of 299 hat sho primary role ef he Cisco Email Security Appliance? © A Mal Submission Agent © © Mal Transfer gant © © Mai Deter Agent OD. Mal User Agent Answor 8 Your Answer No answer193 of 299 Which wo sonics must rman 3s or pemisascqupant whan 3 hyn mal soon 'sdeployod? (Choos wo A boss (18 smcpam Se emis [0 enenien Deo [XPLANATION ‘Answer OE ‘Yeu Answer Mo snower etence: psy ico comleanenshldscsrancunyiceiovniew audeiCsco Cus Hybid Ema Steuny Oven Guide pot so4c08 awe SH pin cog SA rai fo wn muna Wht ru banque spt ese i bel TO coma? © A camps ESA nT ion © one era snp commen © 6 cannes Eo 6 cn a © © Gaps pert gmt acsGateway of last resort is 1.1.1.1 to network 0.0.0.0 S# 0.0.0.0 0.0.0.0 [1/0] via 1.1.1.1, outside 1.1.1.0 255.255.255.0 is directly connect, outside 172.16.0.0 255.255.0.0 [1/0] via 192.168.100.1, inside 192.168.100.0 255.255.255.0 1s directly connected, inside 172.16.10.0 255.255.255.0 is directly connected, dnz 10.10.10.0 255.255.255.0 [1/0] via 172.16.10.1, daz access-list redirect-acl permit ip 192.168.100.0 255.255.255.0 any access-list redirect~acl permit ip 172.16.0.0 255.255.0.0 any class-map redirect-class match access-list redirect-acl policy-map ineide-policy class redizect-class sfr fail-open service-policy inside-policy global Refer tothe exhibit. What is a result of the configuration? © A Traffic from the DIMZ network is redirected. QB. Traffic from the inside network is redirected. © © AITCP trafic is redirected Refer to the exhibit. What is a result ofthe configuration? © A Traffic from the DMZ network is redirected. © B. Trafic from the inside network is redirected. ©. AITCP trafic is redirected. © D. Trafic from the inside and DMZ networks is rediracte. EXPLANATION Answer: D Your Answer’ No answersss pie SST wwe awe ‘neretens irene neste pt not mp hed men bie (8 came ks aos or ae (0 meme cn ES ma ae nate (0 cuene cn sha enone as, (0 0 came tshne nese oa 197 of 299 What ae tw dirences etwoen 3 Cisco WSA that is engin traneprnt med ard one running in axl mods? (Chars wo) [DA The Cisco 5A rapinds wn ts oy IP abso aly # ising in pict mode (518. The Ceca WSAsconfgued in wab roar ony Fis nnn in Yansptet os Te. The Cico WA respende wih As avn IP ators aly itis runing in ensparet ade 10. The Cisco WSAuses a Layer 3 device to evel alc aly tis unig in enspatet made CIE. When ne Cisco WA suming in Wanspaent made, ses the WA's ow Padres asthe HTTP request destintion Anawer AD ‘Yur Anse Moana198 of 299 ‘Which technology is used to improve web traffic performance by proxy caching? OA wsa O B Firepower O © FiresicHr OD. ASA EXPLANATION Answer: A Your Answer: No answor 199 of 299 Which proxy mode must be used on Cisco WSA to redirect TCP trafic with WCCP? O A transparent O B. redirection © © ‘onward © D. proxy gateway EXPLANATION Anower: A Your Answer: No answer Reference: https Java ciseo convelen/us/support/docs/securtyheb. security epplionce/117940-ga.wsa.00 html200 0f 299 5 Nar ‘hat the pups ofthe Ont Appstn Detection etre win the WA Derypon opis? OA nccyss HTTPS apestan wate or ucharcate sets, (© Bales ears when th SA dace ha al © 6 scenes HIPS apse woe fr autocad was, © ©. irons enhanced HTTPS sopcaton tection fr Async08. oie at SSR ee aww 09 Potengi peter cenan mint 202 of 289 ‘An anginer is configuring a Cisco ESA and warts te conrl whether to accept erect email massages to a recipient ads ‘ich lit contains the alowed reciientoacrenses? OA sr O58 sr Oc mar Ob Rar EXPLANATION anower D ‘Your Answer: le anewer203 of 299 Why woulé a user choose en on-premises ESA versus the CES sclution? O A Sensitive data must remain onsite. O B. Demands unprecictable © ©. The server team wents to outscures this service. © D. ESAis doployed inno. EXPLANATION Answer: A Your Answer: No answor 204 of 299 hich to features ate used to confgure Cisco ESA witha mullayer approach to ght vuses and malware? (Choose two.) A Sophas engine B uhite at D. outbreak fers oP BLANATION Anwar AD ‘Your Answer: No answer(0.8 mys (08 Sm gn nt ie 207 of 299 In which two ways dooe 2 system administater cond wob afc tanspatenly 1 the Cisco WSA? (Choose two.) DA use Web Cache Communication retocal [5B configure AD Group Policies to push proxy settings [5 configure the proxy IP adress inthe web-bowser settings [5D configure policy-based routing on the network intastuctne 1 E teference a Proxy Auto Config fle EXPLANATION Anwar, AE Your Answer No answer208 of 299 ‘What isthe funtion ofthe Context Directory Agent? © A. wads the AD logs to map IP adéross0s to usomamos O B telays user authentication requests fom Cisco WSA to AD © © mantans users’ group memberships (© accepts user authentication requests on Beha of Cisco WSA for user identiietion EXPLANATION, ame SST a mame a we oes (0 Paps cat earns pot tg 0 8 Pater sequt ene ee 0 & Poteonsnmut score re 0 9 reaper cee tend ame ame aesateion ors SSE OA smadasanciot {0 8 mettre 0€ pemnntite tenon es et ‘aceasta ated tceeets ara awe SSSR A wea ae gti tm mt igi nei eta hi htt ale ee piaene Mat Osorno cme + Cn nn pete ity pin aay die Hi enn gt (0 tana sexi (© 8 Co on ch (© 6 Cot ns 0 cause214 of 299 Which attack is preventable by Cisco ESA but not by the Cisco WSA? O A SOL injection O B. phishing O ©. buffer overtiow © D. des EXPLANATION216 of 299 What isthe role of Cisco Umbrela Roaming when it is nstalled on an endpoint? © A toestablish secure VPN connectinty to the corporate network © B toentorce posture compliance and mandatory software © © ‘toensure that assets are secure fom malicious links on and of he corporate netwerle © D to protect the endpoint against malicious fle transfers EXPLANATION Answer: ‘Your Anewer: Ne answer ‘Speyer zteewmnvany rg mbt etwas 0 © carpe cence rg OD YG EA sane ae aivetane amt fe sestee ah nsee + cntgtnarm nates OF tetera (0 gent nn ee 0 8 Saket Sitaaivataee tee [Ope ese ver (0-8 curbs Ramya ot te (0 8 Gann i ca ik wt aI (0 6 Gethin ge mtn iy cn se Get 220 of 290 ‘yen compunee a aco Une eect tenses ety he sence? OA SP ae tector 8 ances © © AMP Tueat Gat 0 0. Cuca Tales Your Atewir Ho anener mae im SE Ane ae Of seme 08 amen Os mee (08 Fete2220f 208 a mat a banat af sig seo CHS campos oan rpms Cisco ISA? (© A. comet seaming er SAAS cludappleaions i salable hough Clee CFS and nt alte tough Cea WEA, (© 5: Ul eategares a upd mine feqenty en Ceca CWS than hey eo ice HSA (© © Gece CHS mines he ai onthe inca stk and acu ashi a compared a Caco SA © 0. Geco CWS sninaes the ne to backhaul ac tnough heaicsaer frome Woo Whores Cisco WA dos net 22306290 mee [An ene reds oa etn aan tat anthae hendesintheemed message ich coptinn seeded aca hi oe? © A. Depo mention prance © & Pasion the ema pane 0 © Mepeender iP attest a heat rice © Ene aged message handing soon Nour das No aanie 01299 Time ie eine AL en catgut as, nt in, ns an pea ct A sept ey OA Get 08 oxen 0 6 caeeanceme 0 0. co citeACME Policy Policy Nome irene Serr Sting ond AE Secu Sting Ti omer setnetpteacecoeseige id 2 Detination Lite nforend tral Defi Bock Pepe SESS No Appleton seties Applied > Advanced Settings DEL poUcY coce ltt ibe Ho ee Caco nb manage ta hat ce ter ity ei? (OA tase mand yt appeten tng ute anes © © Tacie mand yh scat igs on Ben © 6. Tato pos aug ego pony © Tcl aown a get : SLES a ves cae ‘oegmemmen gram otemam ve mitagmatan Dapeng tno pes mn ern (0 bemte tr ais tac E eign nse es Bane Ke (06 Comer atna test rt amen eh FD WEA a na en Aut SREY Ae et os ace hn ane yi bs? (© A Genco tin m2 oman ea Cao (0-6. Pa cen ee (0 © watt py 8 pine ai py229 of 299 hich feature within Cisco Umbrella allows forthe ably to inepect secure HTTP trafic? OA File Anaysis OB Saesearch OC. S81 Decryption (OD. Destination Lists Answer © ‘Your Answer: No answer 2300208 we BR x mm en atin aeons poe hy erat ms Bn nto mo cman ana Png a rt? OA Aen co 0 Scary Cte Seng 0 Conon Cee Sing 00 Fess231 of 299 How's cisco Umbrelcongured ta leg ely secuty eves? OA perpolcy © B intre Reporting stings © © inte Socunty Setings socton © D. pernetortin the Deployments section ‘PLANATION Answer A Yur Answer: No answer Fefoencs ies iocs una com!éslnymsnunivelitdors log managamant 232 of 299 Which Cisco solution does Cisco Umbrella integrate with to determina ifa URL is malicious? O A Gissco AMP O B. Cisco AnyConnact © ©. Cisco Dynamic DNS O D. Gisco Talos EXPLANATION Answer: D ‘Your Answer: No answer233 of 299 what are two at types within Cisea AMP fr Endpoints Outbrenk Conta!? (Choose twa ) ‘A. ockod pots simple custom detections command and contol . allowed apoications URL EXBLANATION Answer BD ‘Your Answer: No answer Reference: bps does emp cisco comven/AME/AMPS fr. 20E doings 20Uer%20Guise oo ehaptor 2 234 of 299 For which tne consitions can an endpoint be chacked using ISE posture assessment? (Choose two.) ‘A. computer identity B. Windows sonice ©. user identity D. Windows firewall E. detauk browser EXPLANATION Answer: 3C Your Answer: No answer235 of 299 Which Cisco product proves proactive endpoint protocton and alone administators to contrally manage tho deployment? OA NGeW O8 AP Oc wsa OD ESA BLANATION Answer: 8 Your Answer: Ho anawet 236 of 209 ‘whch wo endoit measures ae usedto minimize the chances of aling tint phishing and social engineeing tacks? (Choose We ) [A Paton for cose ste soning 5B Parlrm backups tothe pat cloud 516. Protoct against inpul alton and charetor escapes in he endpoint. Onsale spam and wus oma itor CE Protoctsyetms with an upto dat atimalare progam, newer OE Your nswer No answer6200 out BESET wn Dn impmere ne cco Mowe ine cnt oct at SN ph ind he he et a amy rem \Whche die mite of sore non he 1. ovine pee yn Ga iy Snes En il MSN pach be Hc he © Sawosprling em Cace ly SenceEgne a ck anni phe be mga on tt Cove gee ayn Cait Snees Ergon ct ha nt peli et ee cet et carga nt teva pce ope at tach nga ae ahd psd pr pti ng at pre i win pain ln 238 of 299 hati the primary dilronce between an Endoint Protectan Platform and an Endpoint Datcton and Response? © A erp tocuses on prevention, and EDR ocuses on advances heats that evade permster defenses. © 8. EOR‘eeuses on vention, and EPP ocuses on advances heats tha evade permeter defenses. © © EPP focuses on network secur, and EDR focuses on device secur © D. EDR focuses on natwork secur, and EPP focuses on device socunty [BLANATION Anan A ‘Your Answer: No answor -Reference: https caco.comle/ausiproducts'secuny/endpont-sgcurtyluhats-sndpoint detection cesponss-ade html39 of 299 ‘An engineer is configuring AMP for endpoints and wants to block certain les from executing. Which outbreak control method is used to accomplish this task? O A. device flow correlation O B. simple detections © ©. application blocking ist © D. advanced custom detactions EXPLANATION Answer C Your Answer: No answer sa ‘An snus musta eno trast an aed aunts sein wth rpg tho enna to apply nev outed poy fom IE {ich CoA typ cries is gos? OA Fettonee © © cantante © 6 consent © 0 cansesondueyWhich two risks is company wlnerable to it does not have a wel-estatlshed patching soliton for endpoints? (Choose two) AL malware B. denistot senice atocks ©. ARP spoofing D exploits E. cavesdiopping EXPLANATION Answer AD ‘Your Answer: No answet 242 of 299 Which bent is poied by ensuing that an endpoits compan wth» posture poly conigued in Cisco SE? © A. adds endpins to ianty groups dynanicaly © B. Hallows the endpont to sthenicate th 802-1 or MAS © © allows CoAto be aps the enspnt snus is compan (© D_ nvees athe endpoint has he nest Mirosaf seurty patches insalles EXPLANATION Anawer A Your Answer: No answerors teaomataly asin epi tht hae 2 svc OU ie 2 On ane 8 we Oc axe © 8. tree 244 of 299 Mek f mdse rp Yih ob stb nt rs tp og wo? ‘What is the benefit of installing Cisco AMP for Endpoints on a network? © A. tt enables behavioral analysis to be used forthe endpoints, © & kt provides flow based visitilty forthe endpoint’ network connections. © C. It protects endpoint systems through application contral and realtime scanning © D. tt provides operating system patches on the endpoints for security. EXPLANATION Answer C Your Answer’ No answer 1 Mie 1 20 ‘ny tinge oh plc cil ot nt oan he ae andi pt ayes tb tw da yn pe en? © sence sein cg age teeta (Bare oma tral i nt 06 mpm neem © 0. wees entan na esF299 ‘What mus be confgued in Cisco SE to ener reautenicaton oan ends session when an ads i leted fom an erty gaup? A SNMP probe © 8 oa © 6 ontoma deny source © D. poste assessment [xPLANATION raven ‘Your nsver No snenat 247 of 2 In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform? © A. when there is a need to have more advanced detection capabilties © B. whon ther is no frewall on tho network: © ©. when there is = need for traditional anti-malware detection © D. when there is no need to have the solution centrally managed EXPLANATION Answer: C Your Answer: No answer48 of 299, ‘Which wo probes are configured to gather atubutes of connected endpoints using Cia Mentty Senicea Engine? (Choose to) A RADIUS B TaCACS+ ©. Hee D sow Anwar AC ‘Your newer: No ansver Reference tos: cisco comer USIdorsiescuityiset Oveer qudein' eof pol nn249 of 298 Wat ae two reson er implementng & nufactor auterticaion soliton suchas Cisco Due Secuntyprowdeto an ganization? (Chooes te.) sng sian access to on-premises and cla apeatins 1 iantcation and conection of ppicaton wireraiitis ble lowing acess to resources secur accoss toon poms an cow appestions 1. rtagration wth 02 x secu using rats Nicrosok Windows supplant . Rowbily of fren mathods of 2A such as phone calbacks, SMS passcode, nd push titans Arewer CE, ‘Yeu Anawer: No answer 250 of 209 What are the two mast commenly used authentication actors in muifactrauthetieation (Choose tne.) | ‘lomatre factor time factor . confdentilty factor D. knowledge factor _encryation ctor EXPLANATION answer AD Your Answer No ansinet|lof ‘An IMDM provides which two advantages to an organization with regards to device management? (Choose two.) A. aseet imontory management BB allowed application management AD group policy management . network denice management . tical device management EXPLANATION Angwer AB Your Answer: No answer What is the purpose of the My Devices Portal in a Cisco ISE amvronmant? © A toregisier new laptops and mobile devices © B to manage and deploy antivirus definitions and patches on systems onned by the end user © © te provision useriess and agentioss systems © D. te roquest 2 nowy provisioned mobile dovce EXPLANATION, Answer A Your Answer: No answerpsici2e0 Cm (BSCE oy \ yeh Geet nue acne ines meson theme a en chsh nn ma sb? 0 A cata Penne 0 8 cases (0 6 cama 0 0 cate 254 of 299 Inch wo ways does Easy Connect help carta etna access when used with Cisco TstSec? (Choose tne) (71 A iets with hid pany poducts 0 provi beter visibly twaughet he network, 11 &. tatows fr the asigent of Secunty Grup Tape and does nt equ 302110 be congue an the switch the end. Oe Wevats a deshtowcn Coco IE tat odes ta Stilo a comecte enpas tats fr managed neponts tauherticat to AD tobe mapped io Securty Groupe (Passel) Eatin mute sect podurs osha information and wor tegether te enhance eaurty postr inthe nwo255 of 2: What does Cisco AMP for Endpoints use to help an organization detect diferent families of malware? © A. Tetra Engine to detect maivare whan the endpoint is connected to the cloud OB. ClamAV Engine to perform email scanning O C. Spero Engine with machine learning to perform dynamic analysis © D. Ethos Engine to perform fuzzy fingerprinting EXPLANATION Answer: C Your Answer: No enower 256 of 299 What is a benefit of conducting device compliance checks? OA. Kivalidetes i antiniius sotwar is installed © 8B. ktccans endpoints to determine if malicious activity ic taking placo. © C. Mrindicates what type of operating system is connecting to the network, © D. treetects emai phishing attacks EXPLANATION Answer. B Your Answer: No ancworsi ime SSSR ees a ve energie Gen fA et tegen nbn iw an pete come ty 8 moustan 258 of 299) ‘Wat isthe role ofan endpoint in protecting a user fom a phishing attack? © A. Ensure that antninis and antimalware sofware is up-to-date © B. Use machine letning models to help identify anomalies and determine expected sending behaviat © CG Use Cisco Steahthwatch and Cisco |SE integration. © D. Ublize 002.*X network secunty to ensure unauthorized access to resources. [EXPLANATION Answer B ‘Your Answer: Ne answer259 of 299 Why is it important to implement MFA inside of an organization? O A To prevent brute force attacks from being successful O B. To prevent phishing attacks from being successful (© . To prevent DoS attacks fom being successful © D. To provent man.in-tho-middle attacks from being ouccossful EXPLANATION Answer. B Your Answer No answer EaneaD Wien posture assessment requiemant poids options tthe clint eration wahin acenalntimetars? OA aust (© & mandatory © & sissy © D. options Anawer 8 Your Ansner Mo anaver(0 Unto courrier tie as (0 seat ns ese oe een na (0 ©. Seupscm ro en py SD rn te aie i Teac Cresent’ 08 Mears atid (0 Pesky gt ere meng Sr mune (08 teen mao si oan any nd SH 263 of 299 What isthe beneft of integrating Cisco ISE with a MDM solution? © A Itprovides compliance checks fr access 10 tha network. OB kt provides the abilty to undate other apalcations on the mobile device: (© C. tepronds the abity toad applications tothe motile dacs through Cisco SE. © DR provides network device administration access EXPLANATION Answer: Your Answer: No answer264 of 299 Which feature is lemraged by advanced antimalware capabildes to be an effective endpoint protection platform? © A. blacklisting © B. stom centers O ©. big data © D. sendooxing EXPLANATION ‘Angwer: D Your Answer: No answer 0 8 Tse mata en en © € Pes en con ny ss ys ne (0 8 conan ssp nat anne ton tt 2501200 me Seite rami gaara ang me Mt ut a et a an Ab ing FON? (© A Cherie Pst eee a Sn tsa mt ie (0 8 ene nce ee cnn Abn mating ah py (0 © op ynais en a ane Cue me (0 © Aan ey ac a267 of 200 ‘ymhven porian ofthe retwar 6o EPP cautions sly focus on and EDR solitons do nat? © A. East vestgatenays © 8. sanertam Oc we © D. perimeter Anower ‘Your Anower: No answer 268 of 299 Which bonoft docs endpoint secuty provide tho oyrall secur posture ofan aigarizaton? O A Ieteamlinas the incident response process to automatically prform digital forensics on the endpoint © B Krallows the organization to mtigate web-based attacks as long as the user is active in the domain. © C. allows the ganization to dstoct and respond to throsts at th edge ofthe network. © D. Kalons the organization to detect and mitigate heats thatthe pelimetersecurly devees do not detect, EXPLANATION Anewer ‘Your Ancwer: No answer269 of 299 Which solution protects hytrid cloud deployment workloads with application visibly and segmentation? OA Neus O B. Steatthwatch O © Firepower O D. Tetration EXPLANATION Answer: 0 ‘Your Answer: No answer Reference: hips www ciseo.corvc/en/us/solutions/securily/secure-data-certer-soltion/index himl#~producte271 01299 Hon dors Cisco Sesh Clo rode scat fer cloud een? © A siete tty and treatin © ©. Rpts etn of nai cla © © Hasson inemet tess ONS pesston fr carts aeons © tctates secu comacty beter bea pal es ‘Anawee A ‘our Arar o snener elerence: His Jn corte! 2h cnt 4com/Caren AlschmerinagelShariReseutceaFBLP Cacao 51519 Sine Whtepaes 272 0f 299, hich Cisco securty soli protects remote users against phishing atacks when they are not connected ta the VEN? OA Cisco Umea O B Gsco Firepower NGS © © Cisco Steatwatch © D. sco Firepower XPLANATION Anower © ‘Your Answer: Ne answerof 299 ‘What must be used to share date between multiple security products? O A Cisco Platform Exchange Grid O B Cisco Rapid Threat Containment O © Cisco Steatthwatch Cloud © D. Cisco Advanced Malware Protection EXPLANATION Answer: A Your Answer: No answer 274 of 299 Which two characteristics of meseenger protacole make data exflraton dificult to detect ané provent? (Chovso two.) ‘A. Messenger apalcations cannct be segmented with standard network controls 1B. Malware in fects the messenger application on the user endpoint to send company data CC. Trafic is eneryptad, which proventsvsiity on frealls and IPS systome D. Am exposed AP! forthe messaging platform is used to send large amounts of data E. Outgoing afc is allowed so users can communicate with outside ganizations PAPLANATION Answer AE ‘Your Answer) No answercise Pm ee (© € Cos er ey 276 of 299 ‘Whet provides visibility and awareness into what is currently occurring on the network? OA cux O.8 wu O ©. Cisco Prme infrastructure O D. Telemetry EXPLANATION Answer: C. ‘Your Answer: Ne answer277 of 299 Howe is ICMP used as an exteton technique? © A byyfoceing the destination host with unreachable packets (© B. by sending large numbers of IOMP packels with tagsted hosts souce IP address using an IP broadcast address (© © by encrypting he peyloadin an ICMP packet a cany out command and contol asks on a compromised hast (© D. by ovennetming 3 targeted hes wth ICMP echosequest packets nie © ‘Your Answer: No answer me 1B Sari ‘Suteha (conta) interface ggebietemet 07 Sitena (conten dot hase-ede mul-rost ‘SitenA(confg- dot timeout quiet period 3 Shiteha (config dot Unaout tepeiod 15 ‘Sitena (contig) autnenteaton portcont auto ‘Sten (confg-suenport mode access Sites (contig sultenport access vlan 12 fect i Arg cng rd ont tr nip te. ich gen cg? O8 sacnntenein © 8 corona 06 sites 0 aac an TTT Dum REACT Arona 4 re os Twen Cron oorwe280 of 299 t int reo Detection ons Aras Enns f Cogn Tat Arlyics? (Chose We) A cate exttraton (71. command and cael communication (16 atiget proxy 1b snot [VE Unt etaganzaton zai of 299 ae {SSors merce pt open, ebb, on ETF stan e lon maps pub em Coane eo os da a eet ch er? © A. Pat Een Gt © Mt Plat natin ©. Finger Dens © 0. Adance Me Prtecion oocyst re conan tet282 of 299 Which compliance status ie shown when a configured posture policy requirement is not met? OA. authorized O B. compliant © © unknown © D. noncompliant EXPLANATION Answer: D Your Answer. No answer miei oe fone A reese vee -nzgrane ayn rennet tin egy re nih Dm bc eh (© 6 con Seaman 08 oot Oc ome 09 cum aoscions baw toes od en (© 6 ya ee ti Sa (0 py aan Gt te east a (0 tet ny nonsense (© et ny nce nn ct sectseta et ooiaue! vor came + OA tena pr 08 wom 6 manana 08 nwo wrens ment ab Fmt stove 9 as Departingaan ame SSIES aa mesee ve OA Systinet (tc Fa ata it (0 ey as ut ese Es uma Ct (8 coacne Fw ann eae Ct SSS) A woes ua ve aaaotoee owe & ‘nse cy neon vetearg gene se at a 8 cotta 08 cs susan carat (0 cen suns cet (08 cuenta 28901299 nats banat of psorning dese compliance? ©. prowting mutitetrauttertcation © B scat th ae OS paicher © © prong striate aren pices (© D. dec clasieaton nd auhotzaton fxptaNarion Anawer 8 ‘Your Answer: No answer90 of 299 ‘Which type of DHS abuse exchanges data between two computers even when theve is no diget connaction? © A. mahare instalation © 8. nomerk forpinting © . commandand.cantrl communication O ©. cata entation EXSLANATION Answor: D Your Answer: No answar 291 of 299 ‘How is data sent out tothe sttackar during a ONS tunnaling atack? © A. es pat ofthe domain name © B. es pat ofthe UDPIS3 packet payload © ©. as pat ofthe TOP/E3 packet header © D. as pan ofthe ONS response packet EXPLANATION Anewor A Your Answer: No answer Roference: httoc:nuwv infblox.com/glossaryi¢ne tunneling!” jit BALE] Arwen cae interface GigabitBtherneti/0/18 switchport access vlan 41 switchport mode access switchport voice vlan 44 device-tracking attach-policy TPDT_MAX_10 auauthentication periodic authentication timer reauthenticate server access-session host-mode multi-domain access-session port-control auto dotix pae authenticator dotix timeout tx-period 7dotix max-reauth-req 3 spanning-tree portfast See ee gg a ia cane (© cnr ot nZone tee © Sate pth Gn de gt vot Dawe Baa (es Sete eset nbn fom sant Ce pce sna an pt ames ond pat nthe heh ecb he pects? OA mir 0 8 esunten 0.6 aap 00 swinterface GigabitEthernet1/0/18 description ISE dotlx Port switchport access vlan 41 switchport mode access switchport voice vlan 44 device tracking attach-policy IPDT_MAX_10 authentication periodic authentication timer reauthenticate server access-session host-mode multi-domain access-session port-control auto snmp trap mac-notification change added snap trap mac-notification change removed dotix pae authenticator dot1x timeout tx-period 7 dot1x max-reauth-req 3 spanning-tree portfast service policy type control subscriber POLICY_Gi1/0/18295 of 209) ‘Which telemetry data captures variations seen within the flow, such asthe packets TTL, IPITCP Rage, an payin length? © A. tw insight variation © B. scfare package vation © © imerpacket variation © D process desis ation EXPLANATION Anawer © ‘Your Anewer: No answer 296 of 299 |Which network monitoring sction uses streams and pushes operational data to pode & near real‘ime view of acto? «4 sie 08 sup © © syslog © 2 mrodecman telemetry EXPLANATION answer D Your Answer: No answer297 of 299 Wha tae mecatzms ured ordre sect a eb ore aha o SE gues conics? (Coors) 8. carne an ©. singe san 1. utp fateh cl wb uth Aetwence hipsiinm cscs con/envshlsesscwylzn nin el iss ain aio 2 ee adn aio 22 char 6110 Hd 298 of 299 Which ID store recuies that 2 shacow user be created on CiscaISE forthe admin login to work? © A. RSA Secured © B intemal Database © Active Directory © D. Loar EXPLANATION Anawer G ‘Your Answer: No answetna bare tl a cee dent a (© + cia S pn aon ee (© 8 cn use a wy ee a pen (0 on Skuta Cyan aero (0 cna Swear Pcrvenes oe