An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism. Which port on the firewall must be opened to allow the CoA traffic to traverse the network?
An engineer has been tasked with implementing a solution that can be leveraged for securing the cloud users,
data, and applications. There is a requirement to use the Cisco cloud native CASB and cloud cybersecurity
platform. What should be used to meet these requirements?
What is a capability of Cisco ASA Netflow?
A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network
is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?
Drag and drop the common security threats from the left onto the definitions on the right.
What is the purpose of the My Devices Portal in a Cisco ISE environment?
Drag and drop the VPN functions from the left onto the description on the right.
An engineer notices traffic interruption on the network. Upon further investigation, it is learned that broadcast
packets have been flooding the network. What must be configured, based on a predefined threshold, to
address this issue?
What features does Cisco FTDv provide over ASAv?
An organization has a Cisco ESA set up with policies and would like to customize the action assigned for
violations. The organization wants a copy of the message to be delivered with a message added to flag it as a
DLP violation. Which actions must be performed in order to provide this capability?
An engineer is implementing NTP authentication within their network and has configured both the client and server devices with the command ntp authentication-key 1 md5 Cisc392368270. The server at 1.1.1.1 is attempting to authenticate to the client at 1.1.1.2, however it is unable to do so. Which command is required to enable the client to accept the server’s authentication key?
A network engineer has been tasked with adding a new medical device to the network. Cisco ISE is being used as the NAC server, and the new device does not have a supplicant available. What must be done in order to securely connect this device to the network?
Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?
Using Cisco Firepower’s Security Intelligence policies, upon which two criteria is Firepower block based?
(Choose two)
Which type of algorithm provides the highest level of protection against brute-force attacks?
In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?
Which component of Cisco umbrella architecture increases reliability of the service?
Drag and drop the steps from the left into the correct order on the right to enable AppDynamics to monitor an EC2 instance in Amazon Web Services.
In which two ways does Easy Connect help control network access when used with Cisco TrustSec? (Choose two)
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?
What is a benefit of performing device compliance?
An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and this needs to happen dynamically.
What must be configured to accomplish this?
A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface.
How does the switch behave in this situation?
Refer to the exhibit.
An administrator is adding a new Cisco FTD device to their network and wants to manage it with Cisco FMC.
The Cisco FTD is not behind a NAT device. Which command is needed to enable this on the Cisco FTD?
An administrator is trying to determine which applications are being used in the network but does not want the
network devices to send metadata to Cisco Firepower. Which feature should be used to accomplish this?
Which attack is preventable by Cisco ESA but not by the Cisco WSA?
What is the benefit of installing Cisco AMP for Endpoints on a network?
A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing
authentication and is unable to access the network. Where should the administrator begin troubleshooting to verify the authentication details?
For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs? (Choose two)
Which public cloud provider supports the Cisco Next Generation Firewall Virtual?
How many interfaces per bridge group does an ASA bridge group deployment support?
A mall provides security services to customers with a shared appliance. The mall wants separation of
management on the shared appliance. Which ASA deployment mode meets these needs?
Which form of attack is launched using botnets?
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention
System?
What is the difference between deceptive phishing and spear phishing?
Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current
encryption technology?
When using Cisco AMP for Networks which feature copies a file to the Cisco AMP cloud for analysis?
Which feature within Cisco Umbrella allows for the ability to inspect secure HTTP traffic?
Which deployment model is the most secure when considering risks to cloud adoption?
Where are individual sites specified to be blacklisted in Cisco Umbrella?
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. Where must the
ASA be added on the Cisco UC Manager platform?
Which information is required when adding a device to Firepower Management Center?
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the
deployment?
Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent?
(Choose two)
What are two rootkit types? (Choose two)
An engineer is trying to securely connect to a router and wants to prevent insecure algorithms from being used.
However, the connection is failing. Which action should be taken to accomplish this goal?
Which two activities can be done using Cisco DNA Center? (Choose two)
Which two mechanisms are used to control phishing attacks? (Choose two)
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also
provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
What is a commonality between DMVPN and FlexVPN technologies?
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention
System? (Choose two)
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?
An engineer is configuring AMP for endpoints and wants to block certain files from executing. Which outbreak
control method is used to accomplish this task?
How is Cisco Umbrella configured to log only security events?
Which feature is configured for managed devices in the device platform settings of the Firepower Management
Center?
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?
Which threat involves software being used to gain unauthorized access to a computer system?
Which SNMPv3 configuration must be used to support the strongest security possible?
Which statement about IOS zone-based firewalls is true?
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch
was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate
the risk of this ransom ware infection? (Choose two)
A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.)
Which direction do attackers encode data in DNS requests during exfiltration using DNS tunneling?
What is the process of performing automated static and dynamic analysis of files against preloaded
behavioral indicators for threat analysis?
Which benefit does DMVPN provide over GETVPN?
Which IETF attribute is supported for the RADIUS CoA feature?
Which system performs compliance checks and remote wiping?
Drag and drop the exploits from the left onto the type of security vulnerability on the right.
In which two ways does the Cisco Advanced Phishing Protection solution protect users? (Choose two.)
An engineer needs to detect and quarantine a file named abc424400664 zip based on the MD5 signature of the file using the Outbreak Control list feature within Cisco Advanced Malware Protection (AMP) for Endpoints The configured detection method must work on files of unknown disposition Which Outbreak Control list must be configured to provide this?
What are two ways that Cisco Container Platform provides value to customers who utilize cloud service providers? (Choose two.)
What is a benefit of using Cisco CWS compared to an on-premises Cisco WSA?
What is a feature of container orchestration?
Why is it important to have a patching strategy for endpoints?
A large organization wants to deploy a security appliance in the public cloud to form a site-to-site VPN
and link the public cloud environment to the private cloud in the headquarters data center. Which Cisco
security appliance meets these requirements?
An organization has DHCP servers set up to allocate IP addresses to clients on the LAN. What must be done to ensure the LAN switches prevent malicious DHCP traffic while also distributing IP addresses to the correct endpoints?
Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls?
What is the most commonly used protocol for network telemetry?
Why should organizations migrate to a multifactor authentication strategy?
Which two capabilities of Integration APIs are utilized with Cisco DNA center? (Choose two)
What is a difference between Cisco AMP for Endpoints and Cisco Umbrella?
An administrator is adding a new Cisco ISE node to an existing deployment. What must be done to ensure that the addition of the node will be successful when inputting the FQDN?
Which baseline form of telemetry is recommended for network infrastructure devices?
Which solution is made from a collection of secure development practices and guidelines that developers must follow to build secure applications?
A customer has various external HTTP resources available including Intranet Extranet and Internet, with a
proxy configuration running in explicit mode. Which method allows the client desktop browsers to be configured
to select when to connect direct or when to use the proxy?
II
An engineer musí set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used?
An organization wants to implement a cloud-delivered and SaaS-based solution to provide visibility and threat detection across the AWS network. The solution must be deployed without software agents and rely on AWS VPC flow logs instead. Which solution meets these requirements?
What is a functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client?
What is a function of the Layer 4 Traffic Monitor on a Cisco WSA?
An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing file named abc424952615.exe without quarantining that file What type of Outbreak Control list must the SHA.-256 hash value for the file be added to in order to accomplish this?
A picture containing application
Description automatically generated
Graphical user interface, text, application
Description automatically generated
