Topic 1: Exam Pool A
What is a characteristic of traffic storm control behavior?
A.
Traffic storm control drops all broadcast and multicast traffic if the combined traffic
exceeds the level within the interval.
B.
Traffic storm control cannot determine if the packet is unicast or broadcast
C.
Traffic storm control monitors incoming traffic levels over a 10-second traffic storm
control interval.
D.
Traffic storm control uses the Individual/Group bit in the packet source address to
determine if the packet is unicast or broadcast
Traffic storm control drops all broadcast and multicast traffic if the combined traffic
exceeds the level within the interval.
An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network, what action will resolve this issue?
A.
Configure security appliances to send syslogs to Cisco Stealthwatch Cloud
B.
Configure security appliances to send NetFlow to Cisco Stealthwatch Cloud
C.
Deploy a Cisco FTD sensor to send events to Cisco Stealthwatch Cloud
D.
Deploy a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco
Stealthwatch Cloud
Deploy a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco
Stealthwatch Cloud
Which attack is preventable by Cisco ESA but not by the Cisco WSA?
A.
buffer overflow
B.
DoS
C.
SQL injection
D.
phishing
phishing
What are two functions of secret key cryptography? (Choose two)
A.
key selection without integer factorization
B.
utilization of different keys for encryption and decryption
C.
utilization of large prime number iterations
D.
provides the capability to only know the key on one side
E.
utilization of less memory
utilization of different keys for encryption and decryption
provides the capability to only know the key on one side
What are the two most commonly used authentication factors in multifactor authentication?
(Choose two)
A.
biometric factor
B.
time factor
C.
confidentiality factor
D.
knowledge factor
E.
encryption factor
biometric factor
knowledge factor
https://www.cisco.com/c/en/us/products/security/what-is-multi-factorauthentication.htmlThe two most popular authentication factors are knowledge and inherent (including biometrics like fingerprint,face, and retina scans. Biometrics is used commonly in mobile devices).
Due to a traffic storm on the network, two interfaces were error-disabled, and both
interfaces sent SNMP traps.
Which two actions must be taken to ensure that interfaces are put back into service?
(Choose two)
A.
Have Cisco Prime Infrastructure issue an SNMP set command to re-enable the ports
after the pre
configured interval.
B.
Use EEM to have the ports return to service automatically in less than 300 seconds
C.
Enter the shutdown and no shutdown commands on the interfaces
D.
Enable the snmp-server enable traps command and wait 300 seconds
E.
Ensure that interfaces are configured with the error-disable detection and recovery
feature
Enter the shutdown and no shutdown commands on the interfaces
Ensure that interfaces are configured with the error-disable detection and recovery
feature
You can also bring up the port by using these
commands:+ The “shutdown” interface configuration command followed by the “no
shutdown” interface configurationcommand restarts the disabled port.+ The “errdisable
recovery cause …” global configuration command enables the timer to automatically
recover error-disabled state, and the “errdisable recovery interval interval” global
configuration command specifies the time to recover error-disabled state.
When planning a VPN deployment, for which reason does an engineer opt for an
active/active FlexVPN
configuration as opposed to DMVPN?
A.
Multiple routers or VRFs are required
B.
Traffic is distributed statically by default
C.
Floating static routes are required
D.
HSRP is used for faliover
Traffic is distributed statically by default
What is a characteristic of Firepower NGIPS inline deployment mode?
A.
ASA with Firepower module cannot be deployed.
B.
It cannot take actions such as blocking traffic.
C.
It is out-of-band from traffic.
D.
It must have inline interface pairs configured
It must have inline interface pairs configured
Which term describes when the Cisco Firepower downloads threat intelligence updates
from Cisco Talos?
A.
consumption
B.
sharing
C.
analysis
D.
authoring
consumption
we will showcase Cisco Threat Intelligence
Director (CTID) an exciting feature on Cisco’s FirepowerManagement Center (FMC)
product offering that automates the operationalization of threat intelligence. TID has the
ability to consume threat intelligence via STIX over TAXII and allows uploads/downloads of
STIX and simple blacklists. Reference: https://blogs.cisco.com/developer/automate-threatintelligence-
using-cisco-threat-intelligencedirector
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the
appropriate category on the right.
Application
Description automatically generated with low confidence
ExplanationThe Firepower System uses network discovery and identity policies to collect
host, application, and user data for traffic on your network. You can use certain types of
discovery and identity data to build a comprehensive map of your network assets, perform
forensic analysis, behavioral profiling, access control, and mitigate and respond to the
vulnerabilities and exploits to which your organization is susceptible.The Cisco Advanced
Malware Protection (AMP) solution enables you to detect and block malware, continuously
analyze for malware, and get retrospective alerts. AMP for Networks delivers networkbased
advanced malware protection that goes beyond point-in-time detection to protect
your organization across the entire attack continuum – before, during, and after an attack.
Designed for Cisco Firepower® network threat appliances, AMP for Networks detects,
blocks, tracks, and contains malware threats across multiple threat vectors within a single
system. It also provides the visibility and control necessary to protect your organization
against highly sophisticated, targeted, zero-day, and persistent advanced malware threats.
| Page 16 out of 63 Pages |
| Previous |
Copyright © - All Rights Reserved