An organization configures Cisco Umbrella to be used for its DNS services. The organization must be able to block traffic based on the subnet that the endpoint is on but it sees only the requests from its public IP address instead of each internal IP address. What must be done to resolve this issue?
Which Cisco ASA Platform mode disables the threat detection features except for Advanced Threat
Statistics?
An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network, what action will resolve this issue?
A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability. What is the connection status in both cases?
Drag and drop the common security threats from the left onto the definitions on the right.
In an IaaS cloud services model, which security function is the provider responsible for managing?
Which two actions does the Cisco identity Services Engine posture module provide that ensures endpoint security?(Choose two.)
What are two benefits of using Cisco Duo as an MFA solution? (Choose two.)
What are two functions of TAXII in threat intelligence sharing? (Choose two.)
What are two facts about WSA HTTP proxy configuration with a PAC file? (Choose two.)
An engineer has been tasked with configuring a Cisco FTD to analyze protocol fields and detect anomalies in the traffic from industrial systems. What must be done to meet these requirements?
Which posture assessment requirement provides options to the client for remediation and requires the
remediation within a certain timeframe?
What is the difference between Cross-site Scripting and SQL Injection, attacks?
A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there are no viruses before quarantined emails are delivered. In addition, delivery of mail from known bad mail servers must be prevented. Which two actions must be taken in order to meet these requirements? (Choose two)
An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly
identifying all valid recipients. What must be done on the Cisco ESA to accomplish this goal?
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
Which two statements about a Cisco WSA configured in Transparent mode are true? (Choose two)
Which Cisco product is open, scalable, and built on IETF standards to allow multiple security products from
Cisco and other vendors to share data and interoperate with each other?
Which feature of Cisco ASA allows VPN users to be postured against Cisco ISE without requiring an inline
posture node?
What can be integrated with Cisco Threat Intelligence Director to provide information about security threats,
which allows the SOC to proactively automate responses to those threats?
A network engineer is configuring DMVPN and entered the crypto isakmp key cisc0380739941 address 0.0.0.0 command on hostA. The tunnel is not being established to hostB. What action is needed to authenticate the VPN?
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA
command must be used?
What is the purpose of the Decrypt for Application Detection feature within the WSA Decryption options?
Which deployment model is the most secure when considering risks to cloud adoption?
Which Cisco Advanced Malware protection for Endpoints deployment architecture is designed to keep data
within a network perimeter?
When wired 802.1X authentication is implemented, which two components are required? (Choose two)
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?
Which threat involves software being used to gain unauthorized access to a computer system?
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch
was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate
the risk of this ransom ware infection? (Choose two)
Which two tasks allow NetFlow on a Cisco ASA 5500 Series firewall? (Choose two)
Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent?
(Choose two)
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also
provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
Refer to the exhibit.
An engineer configured wired 802.1x on the network and is unable to get a laptop to authenticate. Which port configuration is missing?
Refer to the exhibit.
What does the number 15 represent in this configuration?
In which two ways does Easy Connect help control network access when used with Cisco TrustSec? (Choose two)
Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.
Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?
Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity professionals remain
aware of the ongoing and most prevalent threats?
What does Cisco AMP for Endpoints use to help an organization detect different families of malware?
Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right.
An organization is trying to implement micro-segmentation on the network and wants to be able to gain visibility on the applications within the network. The solution must be able to maintain and force compliance. Which product should be used to meet these requirements?
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Drag and drop the capabilities from the left onto the correct technologies on the right.
An organization has two systems in their DMZ that have an unencrypted link between them for communication.
The organization does not have a defined password policy and uses several default accounts on the systems.
The application used on those systems also have not gone through stringent code reviews. Which vulnerability
would help an attacker brute force their way into the systems?
A network administrator is configuring SNMPv3 on a new router. The users have already been created;
however, an additional configuration is needed to facilitate access to the SNMP views. What must the
administrator do to accomplish this?
Drag and drop the solutions from the left onto the solution's benefits on the right.
When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the
command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command issued for. What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?
When planning a VPN deployment, for which reason does an engineer opt for an active/active FlexVPN
configuration as opposed to DMVPN?
Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)
An organization has noticed an increase in malicious content downloads and wants to use Cisco Umbrella to prevent this activity for suspicious domains while allowing normal web traffic. Which action will accomplish this task?
An organization has a Cisco ESA set up with policies and would like to customize the action assigned for
violations. The organization wants a copy of the message to be delivered with a message added to flag it as a
DLP violation. Which actions must be performed in order to provide this capability?
A user has a device in the network that is receiving too many connection requests from multiple machines.
Which type of attack is the device undergoing?
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)
Which two kinds of attacks are prevented by multifactor authentication? (Choose two)
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?
An engineer needs to add protection for data in transit and have headers in the email message Which configuration is needed to accomplish this goal?
Refer to the exhibit.
Refer to the exhibit. A Cisco ISE administrator adds a new switch to an 802.1X deployment and has difficulty with some endpoints gaining access.
Most PCs and IP phones can connect and authenticate using their machine certificate credentials. However printer and video cameras cannot base d on the interface configuration provided, what must be to get these devices on to the network using Cisco ISE for authentication and authorization while maintaining security controls?
An engineer is trying to decide between using L2TP or GRE over IPsec for their site-to-site VPN implementation. What must be un solution?
With regard to RFC 5176 compliance, how many IETF attributes are supported by the RADIUS CoA feature?
Cisco SensorBase gaihers threat information from a variety of Cisco products and services and performs analytics to find patterns on threats Which term describes this process?
How does the Cisco WSA enforce bandwidth restrictions for web applications?
Using Cisco Cognitive Threat Analytics, which platform automatically blocks risky sites, and test unknown sites for hidden advanced threats before allowing users to click them?
Which Cisco security solution secures public, private, hybrid, and community clouds?
Which API method and required attribute are used to add a device into Cisco DNA Center with the native API?
When a transparent authentication fails on the Web Security Appliance, which type of access does the end user get?
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices The default management port conflicts with other communications on the network and must be changed What must be done to ensure that all devices can communicate together?
A customer has various external HTTP resources available including Intranet Extranet and Internet, with a
proxy configuration running in explicit mode. Which method allows the client desktop browsers to be configured
to select when to connect direct or when to use the proxy?