Topic 1: Exam Pool A
A mall provides security services to customers with a shared appliance. The mall wants separation of management on the shared appliance. Which ASA deployment mode meets these needs?
A.
routed mode
B.
transparent mode
C.
multiple context mode
D.
multiple zone mode
multiple context mode
An organization is using Cisco Firepower and Cisco Meraki MX for network security and
needs to centrally
manage cloud policies across these platforms. Which software should be used to accomplish this goal?
A.
Cisco Defense Orchestrator
B.
Cisco Secureworks
C.
Cisco DNA Center
D.
Cisco Configuration Professional
Cisco Defense Orchestrator
Drag and drop the threats from the left onto examples of that threat on the right
A data breach is the intentional or unintentional release of secure or
private/confidential information to anuntrusted environment.When your credentials have
been compromised, it means someone other than you may be in possession of your
account information, such as your username and/or password.
What is a difference between DMVPN and sVTI?
A.
DMVPN supports tunnel encryption, whereas sVTI does not.
B.
DMVPN supports dynamic tunnel establishment, whereas sVTI does not.
C.
DMVPN supports static tunnel establishment, whereas sVTI does not.
D.
DMVPN provides interoperability with other vendors, whereas sVTI does not.
DMVPN supports dynamic tunnel establishment, whereas sVTI does not.
What is the function of the Context Directory Agent?
A.
maintains users’ group memberships
B.
relays user authentication requests from Web Security Appliance to Active Directory
C.
reads the Active Directory logs to map IP addresses to usernames
D.
accepts user authentication requests on behalf of Web Security Appliance for user
identification
reads the Active Directory logs to map IP addresses to usernames
https://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/Install_Config_guide/cda10/cda_oveviw.html
Why would a user choose an on-premises ESA versus the CES solution?
A.
Sensitive data must remain onsite
B.
Demand is unpredictable.
C.
The server team wants to outsource this service.
D.
ESA is deployed inline.
Sensitive data must remain onsite
What are two list types within AMP for Endpoints Outbreak Control? (Choose two)
A.
blocked ports
B.
simple custom detections
C.
command and control
D.
allowed applications
E.
URL
simple custom detections
allowed applications
Advanced Malware Protection (AMP) for Endpoints offers a
variety of lists, referred to as Outbreak Control, that allow you to customize it to your needs.
The main lists are: Simple Custom Detections, Blocked Applications, Allowed Applications,
Advanced Custom Detections, and IP Blocked and Allowed Lists.A Simple Custom
Detection list is similar to a blocked list. These are files that you want to detect
andquarantine.Allowed applications lists are for files you never want to convict. Some
examples are a custom application that is detected by a generic engine or a standard
image that you use throughout the company Reference:
https://docs.amp.cisco.com/AMP-for-Endpoints-User-Guide.pdf
What are two Trojan malware attacks? (Choose two)
A.
Frontdoor
B.
Rootkit
C.
Smurf
D.
Backdoor
E.
Sync
Rootkit
Backdoor
An organization has two systems in their DMZ that have an unencrypted link between them
for communication.
The organization does not have a defined password policy and uses several default
accounts on the systems.
The application used on those systems also have not gone through stringent code reviews.
Which vulnerability
would help an attacker brute force their way into the systems?
A.
weak passwords
B.
lack of input validation
C.
missing encryption
D.
lack of file permission
missing encryption
An administrator is trying to determine which applications are being used in the network but
does not want the
network devices to send metadata to Cisco Firepower. Which feature should be used to
accomplish this?
A.
NetFlow
B.
Packet Tracer
C.
Network Discovery
D.
Access Control
Network Discovery
| Page 8 out of 63 Pages |
| Previous |
Copyright © - All Rights Reserved