Cuestiones
ayuda
option
Mi Daypo

TEST BORRADO, QUIZÁS LE INTERESESCOR DUMP 1

COMENTARIOS ESTADÍSTICAS RÉCORDS
REALIZAR TEST
Título del test:
SCOR DUMP 1

Descripción:
To study SCOR exam

Autor:
AVATAR
Andres Felipe Gomez Coba
(Otros tests del mismo autor)


Fecha de Creación:
21/09/2021

Categoría:
Informática

Número preguntas: 47
Comparte el test:
Facebook
Twitter
Whatsapp
Comparte el test:
Facebook
Twitter
Whatsapp
Últimos Comentarios
No hay ningún comentario sobre este test.
Temario:
Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious? AMP AnyConnect DynDNS Talos.
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which probe must be enabled for this type of profiling to work? NetFlow DHCP SNMP NMAP.
How is Cisco Umbrella configured to log only security events? In the reporting settings Per network in the Deployment section Per policy In the Security Settings section.
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server? Profile Selfsigned Terminal URL.
Which Cisco product is open, scalable and built on IETF standards to allow multiple security products from Cisco and other vendors to share data and interoperate with each other? Firepower Threat Defense Platform Exchange Grid Multifactor Platform Integration Advanced Malware Protection.
What is a difference between FlexVPN and DMVPN? FlexVPN uses IKEv2. DMVPN uses IKEv1 or IKEv2 FlexVPN uses IKEv1 or IKEv2. DMVPN uses only IKEv2 DMVPN uses only IKEv1. FlexVPN uses only IKEv2 DMVPN uses IKEv1 or IKEv2. FlexVPN uses only IKEv1.
Which two conditions are prerequisites for stateful failover IPSec? (choose two) The IPSec configuration that is set up on the active device must be duplicated on the standby device Only the IPSec configuration that is set up on the active device must be duplicated on the standby device, the IKE configuration is copied automatically. Only the IKE configuration that is set up on the active device must be duplicated on the standby device, the IPSec configuration is copied automatically. The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.
Refer to exhibit. An engineer configured wired 802.1x on the network and is unable to get a laptop to authenticate. Which port configuration is missing? CISP enable dot1x reauthentication authentication open dot1x pae authenticator.
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center? Intrusion policy Quality of Service Time Synchronization Network Address Translations.
Refer to exhibit. Which command was used to display this output? show dot1x show dot1x all show dot1x interface gi1/0/12 show dot1x all summary.
What must be used to share data between multiple products? Cisco Platform Exchange Grid Cisco Advanced Malware Protection Cisco Rapid Threat Containment Cisco Stealthwatch Cloud.
How is DNS tunneling used to exfiltrate data out of a corporate network? It computes DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks It redirects DNS requests to a malicious server used to steal user credentials which allows further damage and theft on the network It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data It leverages the DNS server by permitting recursive lookups so spread the attack to other DNS servers.
Which deployment model is the most secure when considering risks to cloud adoption? Public cloud Community cloud Private cloud Hybrid cloud.
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (choose two) Intelligent proxy Command and control communication Data exfiltration URL categorization SNORT.
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used? ip flow-export destination 1.1.1.1 2055 ip flow monitor <name> input flow exporter <name> flow-export destination inside 1.1.1.1 2055.
What is a commonality between DMVPN and FlexVPN technologies? IOS routers run the same NHRP code for DMVPN and FlexVPN FlexVPN and DMVPN use the new key management protocol IKEv2 FlexVPN and DMVPN use IS-IS routing protocols to communicate with spokes FlexVPN and DMVPN use the same hashing algorithms .
What is the difference between deceptive phishing and spear phishing? Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role A spear phishing campaign is aimed at a specific person versus a group of people Spear phishing is when the attack is aimed at the C-level executives of an organization.
What is the function of the Context Directory Agent? Relays user authentication requests from Web Security Appliance to Active Directory Maintains users' group memberships Reads the Active Directory logs to map IP addresses to usernames Accepts user authentication requests on behalf of Web Security Appliance for user identification.
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System? Impact flags Security intelligence Health Monitoring URL filtering.
Which policy represents a shared set of features or parameters that define the aspects of a managed device are likely to be similar to other managed devices in a deployment? Group Policy Device Management Policy Access Control Policy Platform Service Policy.
A network administrator configures Dynamic ARP inspection on a switch After Dynamic ARP inspection is applied all users on that switch are unable to communicate with any destination. The network administrator checks the interface status of all interfaces and there is no err-disabled interface. What is causing this problem? The ip arp inspection limit command is applied on all interfaces and is blocking the traffic of all users The no ip arp inspection trust command is applied on all user host interfaces DHCP snooping has not been enabled on all VLANs Dynamic ARP inspection has not been enabled on all VLANs.
Which two requests methods of REST API are valid on the Cisco ASA platform? (choose two) put get push options connect.
Which Cisco security solution protects remote users against phishing attacks when they are not connected to the VPN? Cisco Stealthwatch Cisco Umbrella Cisco Firepower NGIPS.
In which two ways does a system administrator send web traffic transparently to the Web Security Appliance? (choose two) configure Active Directory Group Policies to push proxy settings use Web Cache Communication Protocol configure policy-based routing on the network infrastructure reference a Proxy Auto Config file Configure the proxy IP address in the web-browser settings.
An MDM provides which two advantages to an organization with regards to device management? (choose two) network device management asset inventory management allowed application management critical device management active directory group policy management.
An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network. Which action tests the routing? Browse to http://welcome.umbrella.com/ to validate that the new identity is working Enable the Intelligent Proxy to validate that traffic is being routed correctly Add the public IP address that the client computers are behind to a Core Identity Ensure that the client computers are pointing to the on-premises DNS servers.
Which compliance status is shown when a configured posture policy requirement is not met? Noncompliant Unknown Compliant Authorized.
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network SDN controller and the cloud SND controller and the management solution management console and the SDN controller management console and the cloud.
Which feature is supported when deploying Cisco ASAv within AWS public cloud? IPv6 Clustering user deployment of layer 3 networks multiple context mode.
Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints?(choose two) denial-of-service attacks malware eavesdropping ARP spoofing exploits.
Which protocol provides the strongest throughout performance when using Cisco Anyconnect VPN? DTLSv1 TLSv1.1 TLSv1 TLSv1.2.
What must be configured in Cisco ISE to enforce reauthentication of an endpoint session when an endpoint is deleted from an identity group? external identity source CoA posture assessment SNMP probe.
Which method of attack is used by a hacker to send malicious code through a web application to an unsuspecting user to request that victims web browser executes the code? browser WGET SQL injection buffer overflow cross-site scripting.
How does DNS tunneling exfiltrate data? An attacker registers a domain that a client connects to based on DNS records and sends malware through that connection An attacker opens a reverse DNS shell to get into the client's system and install malware on it An attacker uses a non-standard DNS port to gain access to the organization's DNS servers in order to poison the resolutions An attacker sends an email to the target with the hidden DNS resolvers in it to redirect them to a malicious domain.
What is a key difference between Cisco Firepower and Cisco ASA? Cisco ASA provides access control while Cisco Firepower does not Cisco Firepower provides identity based access control while Cisco ASA does not Cisco ASA provides SSL inspection while Cisco Firepower does not Cisco Firepower natively provides intrusion prevention capabilities while Cisco ASA does not.
What is the benefit of installing Cisco AMP for endpoints on a network? It enables behavioral analysis to be used for the endpoints It protects endpoint systems through application control and real-time scanning It provides flow-based visibility for the endpoints network connections It provides operating system patches on the endpoints for security.
What is a feature of Cisco NetFlow Secure Event logging for Cisco ASAs? Multiple NetFlow collectors are supported Advanced NetFlow v9 templates and legacy v5 formatting are supported Secure NetFlow connections are optimized for Cisco Prime Infrastructure Flow-create events are delayed.
After a recent breach an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future? Modify an access policy Modify web proxy settings Modify outbound malware policies Modify identification profiles.
An user has a device in the network that is receiving too many connections requests from multiple machines. Which type of attack is the device undergoing? Pharming Slowloris SYN flood Phishing.
Which type of dashboard does Cisco DNA Center provide for complete control of the network? distributed management service management application management centralized management.
An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to bufer overflow. What action would allow the attacker to gain access to machine 1 but not to machine 2? sniffing the packets between the two hosts sending continuous ping overflowing the buffer's memory inserting malicious commands into the database.
Refer to exhibit. An organization is using DHCP snooping within their network. A user on VLAN 41 on a new switch is complaining that an IP address is not being obtained. Which command should be configured on the switch interface to provide the user with network connectivity? ip dchp snooping verify mac-adress ip dhcp snooping limit 41 ip dhcp snooping vlan 41 ip dhcp snooping trust.
An organization is receiving SPAM emails from a known malicious domain. What must be configured in order to prevent the session during the initial TCP communication? Configure policies to quarantine malicious emails Configure the Cisco ESA to reset the TCP connection Configure policies to stop and reject communication Configure the ESA to drop the malicious emails.
When Cisco and other industry organizations publish and inform users of known security findings and vulnerabilities, which name is used? Common Security Exploits Common Vulnerabilities, Exploits and Threats Common Vulnerabilities and Exposures Common Exploits and Vulnerabilities.
A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen on the network. Which two actions should be selected to allow the traffic to pass without inspection?(choose two) allow reset permit monitor trust.
What is an attribute of the DevSecOps process? development security isolated security team security scanning and theoretical vulnerabilities mandated security controls and check lists.
An engineer notices traffic interruptions on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, based on a predefined threshold, to address this issue? embedded event monitoring bridge protocol data unit guard storm control access control lists.
Denunciar test Consentimiento Condiciones de uso