Cuestiones
ayuda
option
Mi Daypo

TEST BORRADO, QUIZÁS LE INTERESEmio2

COMENTARIOS ESTADÍSTICAS RÉCORDS
REALIZAR TEST
Título del test:
mio2

Descripción:
seguridad

Autor:
AVATAR

Fecha de Creación:
29/12/2020

Categoría:
Otros

Número preguntas: 89
Comparte el test:
Facebook
Twitter
Whatsapp
Comparte el test:
Facebook
Twitter
Whatsapp
Últimos Comentarios
No hay ningún comentario sobre este test.
Temario:
Which Talos reputation center allows for tracking the reputation of IP addresses for email and web traffic? File Reputation Center IP Slock List Center IP and Domain Reputation Center AMP Reputation Center.
In a PaaS model, which layer is the tenant responsible for maintaining and patching? virtual machine application hypervisor network.
What is the benefit of installing Cisco AMP for Endpoints on a network? It provides operating system patches on the endpoints for security. It protects endpoint systems through application control and real-time scanning. It provides flow-based visibility for the endpoints' network connections It enables behavioral analysis to be used for the endpoints.
How is Cisco Umbrella configured to log only security events? per policy in the Security Settings section in the Reporting settings per network in the Deployments section.
Which two preventive measures are used to control cross-site scripting? (Choose two.) Disable cookie inspection in the HTML inspection engine Enable client-side scripts on a per-domain basis Incorporate contextual output encoding/escaping Run untrusted HTML input through an HTML sanitization engine SameSite cookie attribute should not be used.
What is a key difference between Cisco Firepower and Cisco ASA? Cisco Firepower provides identity-based access control while Cisco ASA does not. Cisco Firepower natively provides intrusion prevention capabilities while Cisco ASA does not. Cisco ASA provides access control while Cisco Firepower does not. Cisco ASA provides SSL inspection while Cisco Firepower does not.
Which two behavioral patterns characterize a ping of death attack? (Choose two.) The attack is fragmented into groups of 8 octets before transmission Short synchronized bursts of traffic are used to disrupt TCP connections. The attack is fragmented into groups of 16 octets before transmission Publicly accessible DNS servers are typically used to execute the attack Malformed packets are used to crash systems.
Which Cisco command enables authentication, authorization, and accounting globally so that CoA is supported on the device? ip device-tracking aaa new-model auth-type all aaa server radius dynamic-author.
What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an organization? (Choose two.) single sign-on access to on-premises and cloud applications integration with 802.1x security using native Microsoft Windows supplicant flexibility of different methods of 2FA such as phone callbacks, SMS passcodes. and push notifications secure access to on-premises and cloud applications identification and correction of application vulnerabilities before allowing access to resources.
Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepower block based? (Choose two.) protocol IDs IP addresses MAC addresses URLs port numbers.
Which telemetry data captures variations seen within the flow, such as the packets TTL, IP/TCP flags, and payload length? interpacket variation software package variation flow insight variation process details variation.
What are two differences between a Cisco WSA that is running in transparent mode and one running in explicit mode? (Choose two.) The Cisco WSA responds with its own IP address only if it is running in explicit mode. When the Cisco WSA is running in transparent mode, it uses the WSA's own IP address as the HTTP request destination The Cisco WSA uses a Layer 3 device to redirect traffic only if it is running in transparent mode The Cisco WSA responds with its own IP address only if it is running in transparent mode The Cisco WSA is configured in a web browser only if it is running in transparent mode.
What is the primary difference between an Endpoint Protection Platform and an Endpoint Detection and Response? EPP focuses on prevention, and EDR focuses on advanced threats that evade perimeter defenses. EDR focuses on prevention, and EPP focuses on advanced threats that evade perimeter defenses EDR focuses on network security, and EPP focuses on device security. EPP focuses on network security, and EDR focuses on device security.
What is the purpose of the My Devices Portal in a Cisco ISE environment? to request a newly provisioned mobile device to manage and deploy antivirus definitions and patches on systems owned by the end user to provision userless and agentless systems to register new laptops and mobile devices.
Which two descriptions of AES encryption are true? (Choose two.) AES encrypts and decrypts a key three times in sequence AES can use a 168-bit key for encryption. AES can use a 256-bit key for encryption AES is more secure than 3DES AES is less secure than 3DES.
What are two list types within AMP for Endpoints Outbreak Control? (Choose two.) blocked ports simple custom detections command and control allowed applications URL.
Which command enables 802.1X globally on a Cisco switch? dot1x system-auth-control dot1x pae authenticator authentication port-control auto aaa new-model.
What is the function of Cisco Cloudlock for data security? data loss prevention controls malicious cloud apps detects anomalies user and entity behavior analytics .
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.) computer identity Windows service user identity Windows firewall default browser.
What is a characteristic of Dynamic ARP Inspection? DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted DAI associates a trust state with each switch. DAI intercepts all ARP requests and responses on trusted ports only.
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the deployment? NGFW AMP WSA ESA.
Where are individual sites specified to be blacklisted in Cisco Umbrella? application settings content categories security settings destination lists.
Which statement about IOS zone-based firewalls is true? An unassigned interface can communicate with assigned interfaces Only one interface can be assigned to a zone. An interface can be assigned to multiple zones. An interface can be assigned only to one zone.
Which form of attack is launched using botnets? virus EIDDOS TCP flood DDOS.
Which two activities can be done using Cisco DNA Center? (Choose two.) DHCP design accounting DNS provision.
When wired 802.1X authentication is implemented, which two components are required? (Choose two.) authentication server: Cisco Identity Service Engine supplicant: Cisco AnyConnect ISE Posture module authenticator: Cisco Catalyst switch authenticator: Cisco Identity Services Engine authentication server: Cisco Prime Infrastructure .
Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System? It inspects hosts that meet the profile with more intrusion rules It defines a traffic baseline for traffic anomaly deduction It allows traffic if it does not meet the profile It blocks traffic if it does not meet the profile.
Which IPS engine detects ARP spoofing? AIC Engine Atomic ARP Engine Service Generic Engine ARP Inspection Engine.
An engineer needs a solution for TACACS+ authentication and authorization for device administration. The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to use 802.1X, MAB, or WebAuth. Which product meets all of these requirements? Cisco Prime Infrastructure Cisco Identity Services Engine Cisco Stealthwatch Cisco AMP for Endpoints .
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.) data exfiltration command and control communication intelligent proxy snort URL categorization .
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the deployment? NGFW AMP WSA ESA.
Refer to the exhibit. R9 is running FLEXVPN with peer R10 at 20.1.4.10 using a pre-shared key "ccier10". The IPSec tunnel is sourced from 172.16.2.0/24 network and is included in EIGRP routing process. BGP nexthop is AS 345 with address 20.1.3.12. It has been reported that FLEXVPN is down. What could be the issue ? A. Incorrect IPSec profile configuration B. Incorrect tunnel network address in EIGRP routing process C. Incorrect tunnel source for the tunnel interface. D. Incorrect keyring configuration E. Incorrect IKEv2 profile configuration. F. Incorrect local Network address in BGP routing process .
Which function is the primary function of Cisco AMP threat Grid? monitoring network traffic automated malware analysis applying a real-time URI blacklist automated email encryption.
An administrator wants to ensure that all endpoints are compliant before users are allowed access on the corporatenetwork. The endpoints must have the corporate antivirus application installed and be running the latest build of Windows. - What must the administrator implement to ensure that all devices are compliant before they are allowed on the network? Cisco Identity Services Engine and AnyConnect Posture module Cisco Stealthwatch and Cisco Identity Services Engine integration Cisco ASA firewall with Dynamic Access Policies configured Cisco Identity Services Engine with PxGrid services enabled.
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed? smurf distributed denial of service cross-site scripting rootkit exploit.
Which deployment model is the most secure when considering risks to cloud adoption? public cloud hybrid cloud community cloud private cloud.
Which network monitoring solution uses streams and pushes operational data to provide a near real-time view of activity? SNMP SMTP syslog model-driven telemetry.
Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two.) accounting assurance automation authentication encryption.
What is a difference between FlexVPN and DMVPN? FlexVPN uses IKEvI or IKEv2. DMVPN uses only IKEv2 DMVPN uses only IKEvI FlexVPN uses only IKEv2. DMVPN uses IKEvI or IKEv2. FlexVPN only uses IKEvI FlexVPN uses IKEv2. DMVPN uses IKEvI or IKEv2.
What is a characteristic of Firepower NGIPS inline deployment mode? It cannot take actions such as blocking traffic. ASA with Firepower module cannot be deployed. it must have inline interface pairs configured. It is out-of-band from traffic.
Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepower block based? (Choose two.) protocol IDs URLs IP addresses port numbers MAC addresses.
How does Cisco Umbrella archive logs to an enterprise-owned storage? by using the Application Programming Interface to fetch the logs by sending logs via syslog to an on-premises or cloud-based syslog server by the system administrator downloading the logs from the Cisco Umbrella web portal by being configured to send logs to a self-managed AWS S3 bucket.
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities? user input validation in a web page or web application Linux and Windows operating systems database web page images.
Drag and grog Portscan detection Port Sweep Decoy Portscan Distributed Portscan.
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.) data exfiltration command and control communication intelligent proxy snort URL categorization.
Which two activities can be done using Cisco DNA Center? (Choose two.) DHCP design accounting DNS provision .
Which connection mechanism does the eSTREAMER service use to communicate? IPsec tunnels with 3DES or AES encryption TCP over SSL only SSH EAP-TLS tunnels TCP with optional SSL encryption IPsec tunnels with 3DES encryption only .
Which benefit does endpoint security provide the overall security posture of an organization? It streamlines the incident response process to automatically perform digital forensics on the endpoint It allows the organization to mitigate web-based attacks as long as the user is active in the domain. It allows the organization to detect and respond to threats at the edge of the network. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect. .
Which VPN technology can support a multivendor environment and secure traffic between sites? SSL VPN GET VPN FlexVPN DMVPN.
Under which two circumstances is a CoA issued? (Choose two.) A new authentication rule was added to the policy on the Policy Service node. An endpoint is deleted on the Identity Service Engine server. A new Identity Source Sequence is created and referenced in the authentication policy. An endpoint is profiled for the first time. A new Identity Service Engine server is added to the deployment with the Administration persona. .
What is the difference between deceptive phishing and spear phishing? Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role. A spear phishing campaign is aimed at a specific person versus a group of people. Spear phishing is when the attack is aimed at the C-level executives of an organization. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.) Check integer, float, or Boolean string parameters to ensure accurate values. Use prepared statements and parameterized queries. Secure the connection between the web and the app tier. Write SQL code instead of using object-relational mapping libraries. Block SQL code execution in the web application database login.
Which exfiltration method does an attacker use to hide and encode data inside DNS requests and queries? DNS tunneling DNSCrypt DNS security DNSSEC .
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command? authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXX authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX .
What is the function of Cisco Cloudlock for data security? data loss prevention controls malicious cloud apps detects anomalies user and entity behavior analytics.
How is ICMP used an exfiltration technique? by flooding the destination host with unreachable packets by sending large numbers of ICMP packets with a targeted hosts source IP address using an IP broadcast address by encrypting the payload in an ICMP packet to carry out command and control tasks on a compromised host by overwhelming a targeted host with ICMP echo-request packets .
Which Talos reputation center allows for tracking the reputation of IP addresses for email and web traffic? IP and Domain Reputation Center File Reputation Center IP Slock List Center AMP Reputation Center.
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network? SDN controller and the cloud management console and the SDN controller management console and the cloud SDN controller and the management solution.
Which feature is supported when deploying Cisco ASAv within AWS public cloud? multiple context mode user deployment of Layer 3 networks IPv6 clustering.
What are the advantages of using LDAP over AD? LDAP allows for granular policy control, whereas AD does not. LDAP provides for faster authentication LDAP can be configured to use primary and secondary servers, whereas AD cannot. LDAP does not require ISE to join the AD domain The closest LDAP servers are used for Authentication.
Which benefit does endpoint security provide to the overall security posture of an organization? It streamlines the incident response process to automatically perform digital forensics on the endpoint. It allows the organization to mitigate web-based attacks as long as the user is active in the domain It allows the organization to detect and respond to threats at the edge of the network. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect.
A network administrator configures Dynamic ARP Inspection on a switch. After Dynamic ARP Inspection is applied, all users on that switch are unable to communicate with any destination. The network administrator checks the interface status of all interfaces, and there is no err-disabled interface. What is causing this problem? The IP arp inspection limit command is applied to all interfaces and is blocking the traffic of all users. DHCP snooping has not been enabled on all VLANs. The no IP arp inspection trust command is applied on all user host interfaces Dynamic ARP Inspection has not been enabled on all VLANs.
Which statement about IOS zone-based firewalls is true? An unassigned interface can communicate with assigned interfaces Only one interface can be assigned to a zone. An interface can be assigned to multiple zones. An interface can be assigned only to one zone.
Under which two circumstances is a CoA issued? (Choose two.) A new authentication rule was added to the policy on the Policy Service node. An endpoint is deleted on the Identity Service Engine server. A new Identity Source Sequence is created and referenced in the authentication policy. An endpoint is profiled for the first time. A new Identity Service Engine server is added to the deployment with the Administration persona.
Which Cisco security solution protects remote users against phishing attacks when they are not connected to the VPN? Cisco Firepower Cisco Umbrella Cisco Stealthwatch NGIPS.
What can be integrated with the Cisco Threat Intelligence Director to provide information about security threats, which allows the SOC to proactively automate responses to those threats? Cisco Umbrella External Threat Feeds Cisco Threat Grid Cisco Stealthwatch.
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address. Which list contains the allowed recipient addresses? SAT BAT HAT RAT.
Which API is used for Content Security? NX-OS API IOS XR API OpenVuln API AsyncOS API .
What is the primary role of the Cisco Email Security Appliance? Mail Submission Agent Mail Transfer Agent Mail Delivery Agent Mail User Agent .
Windows supplicant connected to SW2 cannot establish HTTP session using FQDN. Based on the provided outputs, what could be the potential issue? A. Issue with the DACL pushed for the session. B. Issue with assigned SGT to the session. C. User is not authenticated. D. MAB should be used for port authentication and authorization. E. Issue with assigned VLAN to the session. F. User is not authorized. .
Which attack is commonly associated with C and C++ programming languages? cross-site scripting water holing DDoS buffer overflow .
Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP? transparent redirection forward proxy gateway.
How does Cisco Umbrella archive logs to an enterprise-owned storage? by using the Application Programming Interface to fetch the logs by sending logs via syslog to an on-premises or cloud-based syslog server by the system administrator downloading the logs from the Cisco Umbrella web portal by being configured to send logs to a self-managed AWS S3 bucket.
Which technology is used to improve web traffic performance by proxy caching? WSA Firepower FireSIGHT ASA.
Drag and drog.
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center? quality of service time synchronization network address translations intrusion policy.
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.) phishing brute force man-in-the-middle DDOS tear drop .
Which two key and block sizes are valid for AES? (Choose two.) 64-bit block size, 112-bit key length 64-bit block size, 168-bit key length 128-bit block size, 192-bit key length 128-bit block size, 256-bit key length 192-bit block size, 256-bit key length .
In which cloud services model is the tenant responsible for virtual machine OS patching? IaaS UCaaS PaaS SaaS.
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true? To view bandwidth usage for NetFlow records, the QoS feature must be enabled. A sysopt command can be used to enable NSEL on a specific interface. NSEL can be used without a collector configured. A flow-export event type must be defined under a policy. .
An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network. Which action tests the routing? Ensure that the client computers are pointing to the on-premises DNS servers. Enable the Intelligent Proxy to validate that traffic is being routed correctly Add the public IP address that the client computers are behind to a Core Identity. Browse to http://welcome.umbrellA.com/ to validate that the new identity is working. .
What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol? STIX XMPP pxGrid SMTP.
What are two list types within AMP for Endpoints Outbreak Control? (Choose two.) blocked ports simple custom detections command and control allowed applications URL.
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two SIP inline normalization SSL packet decoder modbus.
Refer to the exhibit. What is a result of the configuration? A.Traffic from the DMZ network is redirected. B.Traffic from the inside network is redirected. C. All TCP traffic is redirected. D.Traffic from the inside and DMZ networks is redirected.
Which information is required when adding a device to Firepower Management Center? username and password encryption method device serial number registration key.
Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two.) DDoS antispam antivirus encryption DLP.
What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging? It tracks flow-create, flow-teardown, and flow-denied events It provides stateless IP flow tracking that exports all records of a specific flow It tracks the flow continuously and provides updates every 10 seconds. Its events match all traffic classes in parallel.
Which feature within Cisco Umbrella allows for the ability to inspect secure HTTP traffic? File Analysis SafeSearch SSL Decryption Destination Lists.
Denunciar test Consentimiento Condiciones de uso