Join the discussion
Question 1/667
What is the function of the Context Directory Agent?
Correct Answer: C
Cisco Context Directory Agent (CDA) is a mechanism that maps IP Addresses to usernames in order to allow security gateways to understand which user is using which IP Address in the network, so those security gateways can now make decisions based on those users (or the groups to which the users belong to). CDA runs on a Cisco Linux machine; monitors in real time a collection of Active Directory domain controller (DC) machines for authentication-related events that generally indicate user logins; learns, analyzes, and caches mappings of IP Addresses and user identities in its database; and makes the latest mappings available to its consumer devices. Reference: https://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/Install_Config_guide/cda10/ cda_oveviw.html security gateways to understand which user is using which IP Address in the network, so those security gateways can now make decisions based on those users (or the groups to which the users belong to).
CDA runs on a Cisco Linux machine; monitors in real time a collection of Active Directory domain controller (DC) machines for authentication-related events that generally indicate user logins; learns, analyzes, and caches mappings of IP Addresses and user identities in its database; and makes the latest mappings available to its consumer devices.
Reference:
Cisco Context Directory Agent (CDA) is a mechanism that maps IP Addresses to usernames in order to allow security gateways to understand which user is using which IP Address in the network, so those security gateways can now make decisions based on those users (or the groups to which the users belong to). CDA runs on a Cisco Linux machine; monitors in real time a collection of Active Directory domain controller (DC) machines for authentication-related events that generally indicate user logins; learns, analyzes, and caches mappings of IP Addresses and user identities in its database; and makes the latest mappings available to its consumer devices. Reference: https://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/Install_Config_guide/cda10/ cda_oveviw.html
CDA runs on a Cisco Linux machine; monitors in real time a collection of Active Directory domain controller (DC) machines for authentication-related events that generally indicate user logins; learns, analyzes, and caches mappings of IP Addresses and user identities in its database; and makes the latest mappings available to its consumer devices.
Reference:
Cisco Context Directory Agent (CDA) is a mechanism that maps IP Addresses to usernames in order to allow security gateways to understand which user is using which IP Address in the network, so those security gateways can now make decisions based on those users (or the groups to which the users belong to). CDA runs on a Cisco Linux machine; monitors in real time a collection of Active Directory domain controller (DC) machines for authentication-related events that generally indicate user logins; learns, analyzes, and caches mappings of IP Addresses and user identities in its database; and makes the latest mappings available to its consumer devices. Reference: https://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/Install_Config_guide/cda10/ cda_oveviw.html
Add Comments
- Other Question (667q)
- Q1. What is the function of the Context Directory Agent?...
- Q2. A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint i...
- Q3. Refer to the exhibit (Exhibit) When configuring this access control rule in Cisco FMC, wha...
- Q4. What is a characteristic of a bridge group in ASA Firewall transparent mode?...
- Q5. Drag and drop the steps from the left into the correct order on the right to enable AppDyn...
- Q6. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q7. Which two fields are defined in the NetFlow flow? {Choose two.)...
- Q8. Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from th...
- Q9. What is the function of SDN southbound API protocols?...
- Q10. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q11. Refer to the exhibit. (Exhibit) A network administrator configured a site-to-site VPN tunn...
- Q12. Which API is used for Content Security?
- Q13. Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)...
- Q14. What is the Cisco API-based broker that helps reduce compromises, application risks, and d...
- Q15. Which protocol provides the strongest throughput performance when using Cisco AnyConnect V...
- Q16. Refer to the exhibit. (Exhibit) What are two indications of the Cisco Firepower Services M...
- Q17. What is the purpose of the certificate signing request when adding a new certificate for a...
- Q18. Drag and drop the deployment models from the left onto the explanations on the right. (Exh...
- Q19. Which risk is created when using an Internet browser to access cloud-based service?...
- Q20. Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from th...
- Q21. Which posture assessment requirement provides options to the client for remediation and re...
- Q22. An engineer is configuring their router to send NetfFow data to Stealthwatch which has an ...
- Q23. How is Cisco Umbrella configured to log only security events?...
- Q24. Drag and drop the deployment models from the left onto the explanations on the right. (Exh...
- Q25. What is the Cisco API-based broker that helps reduce compromises, application risks, and d...
- Q26. Which feature is supported when deploying Cisco ASAv within AWS public cloud?...
- Q27. When Cisco and other industry organizations publish and inform users of known security fin...
- Q28. Refer to the exhibit. (Exhibit) What will happen when this Python script is run?...
- Q29. Refer to the exhibit. import requests url = https://api.amp.cisco.com/v1/computers headers...
- Q30. Which two risks is a company vulnerable to if it does not have a well-established patching...
- Q31. Which functions of an SDN architecture require southbound APIs to enable communication?...
- Q32. When network telemetry is implemented, what is important to be enabled across all network ...
- Q33. Which Cisco platform ensures that machines that connect to organizational networks have th...
- Q34. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q35. A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there a...
- Q36. Refer to the exhibit. (Exhibit) What does the API do when connected to a Cisco security ap...
- Q37. How does Cisco Advanced Phishing Protection protect users?...
- Q38. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q39. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q40. An engineer is configuring a Cisco ESA and wants to control whether to accept or reject em...
- Q41. Which two probes are configured to gather attributes of connected endpoints using Cisco Id...
- Q42. Which telemetry data captures variations seen within the flow, such as the packets TTL, IP...
- Q43. What are two reasons for implementing a multifactor authentication solution such as Duo Se...
- Q44. Which two activities can be done using Cisco DNA Center? (Choose two.)...
- Q45. With Cisco AMP for Endpoints, which option shows a list of all files that have been execut...
- Q46. Which telemetry data captures variations seen within the flow, such as the packets TTL, IP...
- Q47. A Cisco ESA network administrator has been tasked to use a newly installed service to help...
- Q48. What is a prerequisite when integrating a Cisco ISE server and an AD domain?...
- Q49. What are two security benefits of an MDM deployment? (Choose two.)...
- Q50. Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the ...
- Q51. Which two activities can be done using Cisco DNA Center? (Choose two)...
- Q52. What Cisco command shows you the status of an 802.1X connection on interface gi0/1?...
- Q53. Drag and drop the features of Cisco ASA with Firepower from the left onto the benefits on ...
- Q54. Refer to the exhibit. (Exhibit) The DHCP snooping database resides on router R1, and dynam...
- Q55. Which cryptographic process provides origin confidentiality, integrity, and origin authent...
- Q56. Refer to the exhibit. (Exhibit) Which command was used to generate this output and to show...
- Q57. Refer to the exhibit. (Exhibit) What does the number 15 represent in this configuration?...
- Q58. What is the purpose of the Cisco Endpoint loC feature?...
- Q59. An email administrator is setting up a new Cisco ESA. The administrator wants to enable th...
- Q60. Which two capabilities does TAXII support? (Choose two)...
- Q61. Which threat intelligence standard contains malware hashes?...
- Q62. Refer to the exhibit. (Exhibit) Which type of authentication is in use?...
- Q63. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q64. With Cisco AMP for Endpoints, which option shows a list of all files that have been execut...
- Q65. Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention Syst...
- Q66. Due to a traffic storm on the network, two interfaces were error-disabled, and both interf...
- Q67. An administrator is configuring a DHCP server to better secure their environment. They nee...
- Q68. Which type of API is being used when a controller within a software-defined network archit...
- Q69. A network administrator is configuring a rule in an access control policy to block certain...
- Q70. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q71. Refer to the exhibit. (Exhibit) Traffic is not passing through IPsec site-to-site VPN on t...
- Q72. Which policy is used to capture host information on the Cisco Firepower Next Generation In...
- Q73. An engineer needs a cloud solution that will monitor traffic, create incidents based on ev...
- Q74. Which two descriptions of AES encryption are true? (Choose two.)...
- Q75. In which cloud services model is the tenant responsible for virtual machine OS patching?...
- Q76. Which risk is created when using an Internet browser to access cloud-based service?...
- Q77. Which CoA response code is sent if an authorization state is changed successfully on a Cis...
- Q78. Where are individual sites specified to be blacklisted in Cisco Umbrella?...
- Q79. Which two features are used to configure Cisco ESA with a multilayer approach to fight vir...
- Q80. Drag and drop the concepts from the left onto the correct descriptions on the right (Exhib...
- Q81. What must be used to share data between multiple security products?...
- Q82. An engineer must force an endpoint to re-authenticate an already authenticated session wit...
- Q83. When web policies are configured in Cisco Umbrella, what provides the ability to ensure th...
- Q84. Drag and drop the exploits from the left onto the type of security vulnerability on the ri...
- Q85. On which part of the IT environment does DevSecOps focus?...
- Q86. Why is it important for the organization to have an endpoint patching strategy?...
- Q87. Refer to the exhibit. (Exhibit) A network administrator configured a site-to-site VPN tunn...
- Q88. How does Cisco Stealthwatch Cloud provide security for cloud environments?...
- Q89. Which solution should be leveraged for secure access of a CI/CD pipeline?...
- Q90. A customer has various external HTTP resources available including Intranet Extranet and I...
- Q91. Which two risks is a company vulnerable to if it does not have a well-established patching...
- Q92. What is a functional difference between a cisco ASA and a cisco IOS router with Zone-based...
- Q93. Which two parameters are used to prevent a data breach in the cloud? (Choose two.)...
- Q94. Elliptic curve cryptography is a stronger more efficient cryptography method meant to repl...
- Q95. What are the two most commonly used authentication factors in multifactor authentication? ...
- Q96. In which situation should an Endpoint Detection and Response solution be chosen versus an ...
- Q97. What is the purpose of a NetFlow version 9 template record?...
- Q98. What is a feature of container orchestration?
- Q99. Which two fields are defined in the NetFlow flow? (Choose two)...
- Q100. What are the two most commonly used authentication factors in multifactor authentication? ...
- Q101. Refer to the exhibit. Which command was used to generate this output and to show which por...
- Q102. The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. W...
- Q103. An engineer must configure Cisco AMP for Endpoints so that it contains a list of files tha...
- Q104. An engineer must force an endpoint to re-authenticate an already authenticated session wit...
- Q105. Which security product enables administrators to deploy Kubernetes clusters in air-gapped ...
- Q106. An engineer is configuring 802.1X authentication on Cisco switches in the network and is u...
- Q107. Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the...
- Q108. Which method is used to deploy certificates and configure the supplicant on mobile devices...
- Q109. Refer to the exhibit. (Exhibit) The DHCP snooping database resides on router R1, and dynam...
- Q110. Refer to the exhibit. (Exhibit) What will happen when this Python script is run?...
- Q111. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q112. What is provided by the Secure Hash Algorithm in a VPN?...
- Q113. Refer to the exhibit. (Exhibit) When configuring a remote access VPN solution terminating ...
- Q114. Refer to the exhibit. (Exhibit) What is a result of the configuration?...
- Q115. What are two ways a network administrator transparently identifies users using Active Dire...
- Q116. How does DNS Tunneling exfiltrate data?
- Q117. A customer has various external HTTP resources available including Intranet Extranet and I...
- Q118. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q119. Which Cisco solution integrates Encrypted Traffic Analytics to perform enhanced visibility...
- Q120. An engineer is configuring AMP for endpoints and wants to block certain files from executi...
- Q121. Which action controls the amount of URI text that is stored in Cisco WSA logs files?...
- Q122. What are two workload security models? (Choose two.)...
- Q123. In which form of attack is alternate encoding, such as hexadecimal representation, most of...
- Q124. Which two key and block sizes are valid for AES? (Choose two)...
- Q125. Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force ...
- Q126. What provides visibility and awareness into what is currently occurring on the network?...
- Q127. What is the most common type of data exfiltration that organizations currently experience?...
- Q128. Which exfiltration method does an attacker use to hide and encode data inside DNS requests...
- Q129. A Cisco ESA network administrator has been tasked to use a newly installed service to help...
- Q130. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q131. An organization wants to secure users, data, and applications in the cloud. The solution m...
- Q132. An organization has a Cisco ESA set up with policies and would like to customize the actio...
- Q133. Drag and drop the solutions from the left onto the solution's benefits on the right. (Exhi...
- Q134. Refer to the exhibit. (Exhibit) A network administrator configures command authorization f...
- Q135. When MAB is configured for use within the 802.1X environment, an administrator must create...
- Q136. An organization is trying to implement micro-segmentation on the network and wants to be a...
- Q137. An organization is trying to implement micro-segmentation on the network and wants to be a...
- Q138. Which compliance status is shown when a configured posture policy requirement is not met?...
- Q139. Configure the Cisco ESA to modify policies based on the traffic seen. What is a benefit of...
- Q140. What are two reasons for implementing a multifactor authentication solution such as Duo Se...
- Q141. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q142. Which ID store requires that a shadow user be created on Cisco ISE for the admin login to ...
- Q143. Refer to the exhibit. (Exhibit) A network administrator configures command authorization f...
- Q144. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q145. Which Dos attack uses fragmented packets to crash a target machine?...
- Q146. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q147. An engineer used a posture check on a Microsoft Windows endpoint and discovered that the M...
- Q148. Drag and drop the solutions from the left onto the solution's benefits on the right. (Exhi...
- Q149. A network administrator is using the Cisco ESA with AMP to upload files to the cloud for a...
- Q150. What is provided by the Secure Hash Algorithm in a VPN?...
- Q151. An administrator is configuring a DHCP server to better secure their environment. They nee...
- Q152. A network administrator configures Dynamic ARP Inspection on a switch. After Dynamic ARP I...
- Q153. An administrator is adding a new Cisco ISE node to an existing deployment. What must be do...
- Q154. Which public cloud provider supports the Cisco Next Generation Firewall Virtual?...
- Q155. Which Cisco product is open, scalable, and built on IETF standards to allow multiple secur...
- Q156. Drag and drop the cloud security assessment components from the left onto the definitions ...
- Q157. An engineer configured a new network identity in Cisco Umbrella but must verify that traff...
- Q158. Which compliance status is shown when a configured posture policy requirement is not met?...
- Q159. What is the purpose of the My Devices Portal in a Cisco ISE environment?...
- Q160. What provides visibility and awareness into what is currently occurring on the network?...
- Q161. What is the purpose of CA in a PKI?
- Q162. Which DevSecOps implementation process gives a weekly or daily update instead of monthly o...
- Q163. Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepow...
- Q164. An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logg...
- Q165. Refer to the exhibit. (Exhibit) Which statement about the authentication protocol used in ...
- Q166. What is the function of the Context Directory Agent?...
- Q167. What is a difference between FlexVPN and DMVPN?...
- Q168. An email administrator is setting up a new Cisco ESA. The administrator wants to enable th...
- Q169. Refer to the exhibit. (Exhibit) What are two indications of the Cisco Firepower Services M...
- Q170. A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint i...
- Q171. A user has a device in the network that is receiving too many connection requests from mul...
- Q172. What are two benefits of Flexible NetFlow records? (Choose two)...
- Q173. What must be configured in Cisco ISE to enforce reauthentication of an endpoint session wh...
- Q174. Drag and drop the cloud security assessment components from the left onto the definitions ...
- Q175. Refer to the exhibit. (Exhibit) What does the API do when connected to a Cisco security ap...
- Q176. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q177. Which feature requires a network discovery policy on the Cisco Firepower Next Generation I...
- Q178. Which two behavioral patterns characterize a ping of death attack? (Choose two)...
- Q179. What is the function of the crypto is a kmp key cisc406397954 address 0.0.0.0 0.0.0.0 comm...
- Q180. Refer to the exhibit. (Exhibit) What does the number 15 represent in this configuration?...
- Q181. Refer to the exhibit. (Exhibit) Which type of authentication is in use?...
- Q182. Which Cisco security solution secures public, private, hybrid, and community clouds?...
- Q183. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q184. Refer to the exhibit. (Exhibit) What does the number 15 represent in this configuration?...
- Q185. A network administrator is configuring SNMPv3 on a new router. The users have already been...
- Q186. Which two parameters are used for device compliance checks? (Choose two.)...
- Q187. Which factor must be considered when choosing the on-premise solution over the cloud-based...
- Q188. Drag and drop the concepts from the left onto the correct descriptions on the right (Exhib...
- Q189. A network engineer has configured a NTP server on a Cisco ASA. The Cisco ASA has IP reacha...
- Q190. Which benefit is provided by ensuring that an endpoint is compliant with a posture policy ...
- Q191. Which characteristic is unique to a Cisco WSAv as compared to a physical appliance?...
- Q192. Why should organizations migrate to an MFA strategy for authentication?...
- Q193. Using Cisco Cognitive Threat Analytics, which platform automatically blocks risky sites, a...
- Q194. Drag and drop the exploits from the left onto the type of security vulnerability on the ri...
- Q195. Which two features of Cisco Email Security can protect your organization against email thr...
- Q196. What is the purpose of the certificate signing request when adding a new certificate for a...
- Q197. An engineer is configuring web filtering for a network using Cisco Umbrella Secure Interne...
- Q198. Which algorithm provides asymmetric encryption?...
- Q199. Drag and drop the cloud security assessment components from the left onto the definitions ...
- Q200. Drag and drop the solutions from the left onto the solution's benefits on the right. (Exhi...
- Q201. What are two DDoS attack categories? (Choose two.)...
- Q202. An organization wants to secure users, data, and applications in the cloud The solution mu...
- Q203. What is a language format designed to exchange threat intelligence that can be transported...
- Q204. An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants t...
- Q205. An organization has DHCP servers set up to allocate IP addresses to clients on the LAN. Wh...
- Q206. An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL ...
- Q207. Why is it important to have logical security controls on endpoints even though the users a...
- Q208. Which network monitoring solution uses streams and pushes operational data to provide a ne...
- Q209. Which type of DNS abuse exchanges data between two computers even when there is no direct ...
- Q210. Which two protocols must be configured to authenticate end users to the Web Security Appli...
- Q211. Which IPS engine detects ARP spoofing?
- Q212. Which two cryptographic algorithms are used with IPsec? {Choose two.)...
- Q213. Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatu...
- Q214. Drag and drop the common security threats from the left onto the definitions on the right....
- Q215. What is a description of microsegmentation?
- Q216. Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior...
- Q217. Which product allows Cisco FMC to push security intelligence observable to its sensors fro...
- Q218. Drag and drop the steps from the left into the correct order on the right to enable AppDyn...
- Q219. Refer to the exhibit. (Exhibit) Which type of authentication is in use?...
- Q220. Which two capabilities of Integration APIs are utilized with Cisco DNA center? (Choose two...
- Q221. What are two DDoS attack categories? (Choose two.)...
- Q222. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q223. Which type of API is being used when a security application notifies a controller within a...
- Q224. An organization is trying to improve their Defense in Depth by blocking malicious destinat...
- Q225. What is the purpose of the Decrypt for Application Detection feature within the WSA Decryp...
- Q226. Refer to the exhibit. (Exhibit) A network administrator configures command authorization f...
- Q227. Which two fields are defined in the NetFlow flow? {Choose two.)...
- Q228. What is the difference between Cross-site Scripting and SQL Injection, attacks?...
- Q229. Drag and drop the concepts from the left onto the correct descriptions on the right (Exhib...
- Q230. An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment and ...
- Q231. An engineer wants to automatically assign endpoints that have a specific OUI into a new en...
- Q232. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q233. Which license is required for Cisco Security Intelligence to work on the Cisco Next Genera...
- Q234. When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to ...
- Q235. An organization wants to secure users, data, and applications in the cloud. The solution m...
- Q236. What must be configured in Cisco ISE to enforce reauthentication of an endpoint session wh...
- Q237. An organization recently installed a Cisco W3A and would like to take advantage of the AVC...
- Q238. An organization is implementing URL blocking using Cisco Umbrell a. The users are able to ...
- Q239. Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the ...
- Q240. Drag and drop the concepts from the left onto the correct descriptions on the right (Exhib...
- Q241. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q242. Refer to the exhibit. (Exhibit) A network administrator configured a site-to-site VPN tunn...
- Q243. Drag and drop the NetFlow export formats from the left onto the descriptions on the right....
- Q244. What is a capability of Cisco ASA Netflow?
- Q245. Which factor must be considered when choosing the on-premise solution over the cloud-based...
- Q246. What is managed by Cisco Security Manager?
- Q247. What are two functionalities of northbound and southbound APIs within Cisco SDN architectu...
- Q248. What is managed by Cisco Security Manager?
- Q249. Which Cisco DNA Center Intent API action is used to retrieve the number of devices known t...
- Q250. Drag and drop the cloud security assessment components from the left onto the definitions ...
- Q251. Which algorithm is an NGE hash function?
- Q252. Which type of dashboard does Cisco DNA Center provide for complete control of the network?...
- Q253. What does Cisco AMP for Endpoints use to help an organization detect different families of...
- Q254. An engineer must modify a policy to block specific addresses using Cisco Umbrell a. The po...
- Q255. Drag and drop the NetFlow export formats from the left onto the descriptions on the right....
- Q256. Which feature is supported when deploying Cisco ASAv within AWS public cloud?...
- Q257. Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)...
- Q258. Refer to the exhibit. (Exhibit) An organization is using DHCP Snooping within their networ...
- Q259. A small organization needs to reduce the VPN bandwidth load on their headend Cisco ASA in ...
- Q260. What is a capability of Cisco ASA Netflow?
- Q261. An MDM provides which two advantages to an organization with regards to device management?...
- Q262. What are two types of managed intercloud fabric deployment models? (Choose two.)...
- Q263. An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which C...
- Q264. Refer to the exhibit. import requests url = https://api.amp.cisco.com/v1/computers headers...
- Q265. Which Dos attack uses fragmented packets to crash a target machine?...
- Q266. Refer to the exhibit. (Exhibit) An engineer is implementing a certificate based VPN. What ...
- Q267. Refer to the exhibit. (Exhibit) Which command was used to display this output?...
- Q268. An organization is receiving SPAM emails from a known malicious domain What must be config...
- Q269. Which open source tool does Cisco use to create graphical visualizations of network teleme...
- Q270. Which policy represents a shared set of features or parameters that define the aspects of ...
- Q271. In an IaaS cloud services model, which security function is the provider responsible for m...
- Q272. Which Cisco platform provides an agentless solution to provide visibility across the netwo...
- Q273. In which two ways does a system administrator send web traffic transparently to the Web Se...
- Q274. How is DNS tunneling used to exfiltrate data out of a corporate network?...
- Q275. When a next-generation endpoint security solution is selected for a company, what are two ...
- Q276. What are two rootkit types? (Choose two)
- Q277. Which cloud service model offers an environment for cloud consumers to develop and deploy ...
- Q278. Which security solution protects users leveraging DNS-layer security?...
- Q279. Which type of DNS abuse exchanges data between two computers even when there is no direct ...
- Q280. Which feature requires a network discovery policy on the Cisco Firepower Next Generation I...
- Q281. An organization is implementing URL blocking using Cisco Umbrell a. The users are able to ...
- Q282. What is the function of SDN southbound API protocols?...
- Q283. Which statement about IOS zone-based firewalls is true?...
- Q284. Drag and drop the features of Cisco ASA with Firepower from the left onto the benefits on ...
- Q285. Refer to the exhibit. (Exhibit) What is a result of the configuration?...
- Q286. Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.)...
- Q287. In which situation should an Endpoint Detection and Response solution be chosen versus an ...
- Q288. Drag and drop the features of Cisco ASA with Firepower from the left onto the benefits on ...
- Q289. What are two features of NetFlow flow monitoring? (Choose two.)...
- Q290. What provides visibility and awareness into what is currently occurring on the network?...
- Q291. Which policy is used to capture host information on the Cisco Firepower Next Generation In...
- Q292. What is a capability of Cisco ASA Netflow?
- Q293. Drag and drop the VPN functions from the left onto the description on the right. (Exhibit)...
- Q294. After deploying a Cisco ESA on your network, you notice that some messages fail to reach t...
- Q295. What are two features of NetFlow flow monitoring? (Choose two)...
- Q296. A network engineer is configuring NetFlow top talkers on a Cisco router Drag and drop the ...
- Q297. An administrator is trying to determine which applications are being used in the network b...
- Q298. What are two benefits of Flexible NetFlow records? (Choose two)...
- Q299. An organization wants to secure data in a cloud environment Its security model requires th...
- Q300. With which components does a southbound API within a software-defined network architecture...
- Q301. What is managed by Cisco Security Manager?
- Q302. Refer to the exhibit. (Exhibit) Traffic is not passing through IPsec site-to-site VPN on t...
- Q303. An engineer needs a cloud solution that will monitor traffic, create incidents based on ev...
- Q304. Refer to the exhibit. (Exhibit) An organization is using DHCP Snooping within their networ...
- Q305. An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logg...
- Q306. Which technology must be used to implement secure VPN connectivity among company branches ...
- Q307. Refer to the exhibit. (Exhibit) Which command was used to generate this output and to show...
- Q308. Which Talos reputation center allows you to track the reputation of IP addresses for email...
- Q309. What is a benefit of conducting device compliance checks?...
- Q310. In which cloud services model is the tenant responsible for virtual machine OS patching?...
- Q311. Which service allows a user export application usage and performance statistics with Cisco...
- Q312. Which two endpoint measures are used to minimize the chances of falling victim to phishing...
- Q313. Which cloud service model offers an environment for cloud consumers to develop and deploy ...
- Q314. Drag and drop the exploits from the left onto the type of security vulnerability on the ri...
- Q315. Which two key and block sizes are valid for AES? (Choose two)...
- Q316. Which feature is supported when deploying Cisco ASAv within AWS public cloud?...
- Q317. What is the purpose of the My Devices Portal in a Cisco ISE environment?...
- Q318. What is a benefit of using telemetry over SNMP to configure new routers for monitoring pur...
- Q319. Which statement describes a serverless application?...
- Q320. Which product allows Cisco FMC to push security intelligence observable to its sensors fro...
- Q321. Which type of dashboard does Cisco DNA Center provide for complete control of the network?...
- Q322. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q323. An engineer needs to add protection for data in transit and have headers in the email mess...
- Q324. An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco I...
- Q325. Based on the NIST 800-145 guide, which cloud architecture is provisioned for exclusive use...
- Q326. How is DNS tunneling used to exfiltrate data out of a corporate network?...
- Q327. What are two rootkit types? (Choose two)
- Q328. What is the benefit of installing Cisco AMP for Endpoints on a network?...
- Q329. Which protocol provides the strongest throughput performance when using Cisco AnyConnect V...
- Q330. Refer to the exhibit. (Exhibit) Which statement about the authentication protocol used in ...
- Q331. Which two activities can be done using Cisco DNA Center? (Choose two)...
- Q332. Drag and drop the posture assessment flow actions from the left into a sequence on the rig...
- Q333. Refer to the exhibit. (Exhibit) An organization is using DHCP Snooping within their networ...
- Q334. An engineer notices traffic interruption on the network. Upon further investigation, it is...
- Q335. An organization has two systems in their DMZ that have an unencrypted link between them fo...
- Q336. An engineer notices traffic interruption on the network. Upon further investigation, it is...
- Q337. Drag and drop the VPN functions from the left onto the description on the right. (Exhibit)...
- Q338. With regard to RFC 5176 compliance, how many IETF attributes are supported by the RADIUS C...
- Q339. An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco I...
- Q340. An engineer is configuring Cisco WSA and needs to deploy it in transparent mode. Which con...
- Q341. Which PKI enrollment method allows the user to separate authentication and enrollment acti...
- Q342. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q343. Which algorithm provides asymmetric encryption?...
- Q344. Refer to the exhibit. (Exhibit) What is the result of using this authentication protocol i...
- Q345. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q346. What is an attribute of the DevSecOps process?...
- Q347. Which metric is used by the monitoring agent to collect and output packet loss and jitter ...
- Q348. A network administrator is using the Cisco ESA with AMP to upload files to the cloud for a...
- Q349. What provides visibility and awareness into what is currently occurring on the network?...
- Q350. Which parameter is required when configuring a Netflow exporter on a Cisco Router?...
- Q351. Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?...
- Q352. Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto ...
- Q353. Which form of attack is launched using botnets?...
- Q354. Drag and drop the NetFlow export formats from the left onto the descriptions on the right....
- Q355. What is a difference between GETVPN and iPsec?...
- Q356. A network administrator is configuring a rule in an access control policy to block certain...
- Q357. Which solution supports high availability in routed or transparent mode as well as in nort...
- Q358. Which benefit does endpoint security provide the overall security posture of an organizati...
- Q359. Which two capabilities does TAXII support? (Choose two)...
- Q360. What does the Cloudlock Apps Firewall do to mitigate security concerns from an application...
- Q361. Refer to the exhibit. (Exhibit) What will happen when the Python script is executed?...
- Q362. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q363. Drag and drop the VPN functions from the left onto the description on the right. (Exhibit)...
- Q364. Which statement about IOS zone-based firewalls is true?...
- Q365. R157 (Exhibit) Which type of authentication is in use?...
- Q366. An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL ...
- Q367. What is a benefit of using Cisco CWS compared to an on-premises Cisco WSA?...
- Q368. Authorized What is a prerequisite when integrating a Cisco ISE server and an AD domain?...
- Q369. An engineer notices traffic interruption on the network. Upon further investigation, it is...
- Q370. What is the difference between deceptive phishing and spear phishing?...
- Q371. A network engineer is configuring NetFlow top talkers on a Cisco router Drag and drop the ...
- Q372. . Refer to the exhibit What will happen when the Python script is executed?...
- Q373. Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious...
- Q374. A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there a...
- Q375. A Cisco ESA network administrator has been tasked to use a newly installed service to help...
- Q376. Drag and drop the solutions from the left onto the solution's benefits on the right. (Exhi...
- Q377. Where are individual sites specified to be blacklisted in Cisco Umbrella?...
- Q378. Which capability is provided by application visibility and control?...
- Q379. Which two capabilities of Integration APIs are utilized with Cisco DNA center? (Choose two...
- Q380. Which technology provides a combination of endpoint protection endpoint detection, and res...
- Q381. Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepow...
- Q382. An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which C...
- Q383. Which two request of REST API are valid on the Cisco ASA Platform? (Choose two.)...
- Q384. Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the...
- Q385. What are two benefits of Flexible NetFlow records? (Choose two)...
- Q386. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q387. What do tools like Jenkins, Octopus Deploy, and Azure DevOps provide in terms of applicati...
- Q388. An organization wants to secure data in a cloud environment. Its security model requires t...
- Q389. Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity pr...
- Q390. What is a commonality between DMVPN and FlexVPN technologies?...
- Q391. An organization recently installed a Cisco WSA and would like to take advantage of the AVC...
- Q392. Which term describes when the Cisco Firepower downloads threat intelligence updates from C...
- Q393. How does Cisco Umbrella archive logs to an enterprise owned storage?...
- Q394. What provides total management for mobile and PC including managing inventory and device t...
- Q395. Refer to the exhibit. (Exhibit) Consider that any feature of DNS requests, such as the len...
- Q396. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q397. Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the ...
- Q398. Which two request of REST API are valid on the Cisco ASA Platform? (Choose two.)...
- Q399. Which two aspects of the cloud PaaS model are managed by the customer but not the provider...
- Q400. Which feature within Cisco Umbrella allows for the ability to inspect secure HTTP traffic?...
- Q401. Which deployment model is the most secure when considering risks to cloud adoption?...
- Q402. An organization deploys multiple Cisco FTD appliances and wants to manage them using one c...
- Q403. What is the most commonly used protocol for network telemetry?...
- Q404. An organization recently installed a Cisco WSA and would like to take advantage of the AVC...
- Q405. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q406. A network engineer has entered the snmp-server user andy myv3 auth sha cisco priv aes 256 ...
- Q407. A network administrator is using the Cisco ESA with AMP to upload files to the cloud for a...
- Q408. Which attack is preventable by Cisco ESA but not by the Cisco WSA?...
- Q409. After a recent breach, an organization determined that phishing was used to gain initial a...
- Q410. When choosing an algorithm to us, what should be considered about Diffie Hellman and RSA f...
- Q411. Refer to the exhibit. (Exhibit) What are two indications of the Cisco Firepower Services M...
- Q412. In which cloud services model is the tenant responsible for virtual machine OS patching?...
- Q413. Which telemetry data captures variations seen within the flow, such as the packets TTL, IP...
- Q414. Which type of API is being used when a controller within a software-defined network archit...
- Q415. Drag and drop the exploits from the left onto the type of security vulnerability on the ri...
- Q416. Refer to the exhibit. (Exhibit) When configuring a remote access VPN solution terminating ...
- Q417. Drag and drop the cloud security assessment components from the left onto the definitions ...
- Q418. Which capability is exclusive to a Cisco AMP public cloud instance as compared to a privat...
- Q419. Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the ...
- Q420. Which Cisco platform ensures that machines that connect to organizational networks have th...
- Q421. Which two key and block sizes are valid for AES? (Choose two.)...
- Q422. Which VPN technology can support a multivendor environment and secure traffic between site...
- Q423. With which components does a southbound API within a software-defined network architecture...
- Q424. An organization is implementing URL blocking using Cisco Umbrell a. The users are able to ...
- Q425. Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?...
- Q426. What are two benefits of Flexible NetFlow records? (Choose two)...
- Q427. Refer to the exhibit. (Exhibit) An engineer configured wired 802.1x on the network and is ...
- Q428. What is a benefit of using Cisco FMC over Cisco ASDM?...
- Q429. An engineer used a posture check on a Microsoft Windows endpoint and discovered that the M...
- Q430. How is DNS tunneling used to exfiltrate data out of a corporate network?...
- Q431. Refer to the exhibit. What function does the API key perform while working with https://ap...
- Q432. For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs?...
- Q433. Refer to the exhibit. (Exhibit) What is the result of this Python script of the Cisco DNA ...
- Q434. Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepow...
- Q435. What is the intent of a basic SYN flood attack?...
- Q436. In which two ways does the Cisco Advanced Phishing Protection solution protect users? (Cho...
- Q437. Which feature of Cisco ASA allows VPN users to be postured against Cisco ISE without requi...
- Q438. Which network monitoring solution uses streams and pushes operational data to provide a ne...
- Q439. Which technology should be used to help prevent an attacker from stealing usernames and pa...
- Q440. Refer to the exhibit. (Exhibit) A network administrator configures command authorization f...
- Q441. An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensur...
- Q442. Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the...
- Q443. An administrator is configuring a DHCP server to better secure their environment. They nee...
- Q444. Which attack is preventable by Cisco ESA but not by the Cisco WSA?...
- Q445. Refer to the exhibit. What is a result of the configuration?...
- Q446. Which two methods must be used to add switches into the fabric so that administrators can ...
- Q447. A company identified a phishing vulnerability during a pentest What are two ways the compa...
- Q448. Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?...
- Q449. An organization received a large amount of SPAM messages over a short time period. In orde...
- Q450. Which endpoint protection and detection feature performs correlation of telemetry, files, ...
- Q451. Drag and drop the common security threats from left onto the definitions on the right. (Ex...
- Q452. Drag and drop the steps from the left into the correct order on the right to enable AppDyn...
- Q453. What is the difference between deceptive phishing and spear phishing?...
- Q454. Refer to the exhibit. (Exhibit) Traffic is not passing through IPsec site-to-site VPN on t...
- Q455. Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?...
- Q456. Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from th...
- Q457. An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which C...
- Q458. Which command enables 802.1X globally on a Cisco switch?...
- Q459. A network administrator needs to find out what assets currently exist on the network. Thir...
- Q460. Which solution protects hybrid cloud deployment workloads with application visibility and ...
- Q461. A university policy must allow open access to resources on the Internet for research, but ...
- Q462. When Cisco and other industry organizations publish and inform users of known security fin...
- Q463. Refer to the exhibit. What does this Python script accomplish?...
- Q464. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q465. Drag and drop the exploits from the left onto the type of security vulnerability on the ri...
- Q466. How is data sent out to the attacker during a DNS tunneling attack?...
- Q467. In which two ways does Easy Connect help control network access when used with Cisco Trust...
- Q468. What is the benefit of installing Cisco AMP for Endpoints on a network?...
- Q469. Drag and drop the NetFlow export formats from the left onto the descriptions on the right....
- Q470. Which VPN provides scalability for organizations with many remote sites?...
- Q471. What is the purpose of CA in a PKI?
- Q472. Drag and drop the common security threats from the left onto the definitions on the right....
- Q473. What can be integrated with Cisco Threat Intelligence Director to provide information abou...
- Q474. With Cisco AMP for Endpoints, which option shows a list of all files that have been execut...
- Q475. Which feature requires a network discovery policy on the Cisco Firepower Next Generation I...
- Q476. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q477. An organization is selecting a cloud architecture and does not want to be responsible for ...
- Q478. An administrator wants to ensure that all endpoints are compliant before users are allowed...
- Q479. An organization is trying to implement micro-segmentation on the network and wants to be a...
- Q480. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q481. What is the difference between Cross-site Scripting and SOL Injection attacks?...
- Q482. Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from th...
- Q483. What is the benefit of integrating Cisco ISE with a MDM solution?...
- Q484. How does Cisco Workload Optimization Manager help mitigate application performance issues?...
- Q485. Refer to the exhibit. (Exhibit) Which command was used to display this output?...
- Q486. An organization received a large amount of SPAM messages over a short time period. In orde...
- Q487. A network engineer is tasked with configuring a Cisco ISE server to implement external aut...
- Q488. Drag and drop the posture assessment flow actions from the left into a sequence on the rig...
- Q489. Which two capabilities does an MDM provide? (Choose two.)...
- Q490. Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)...
- Q491. What is the benefit of integrating cisco ISE with a MDM solution?...
- Q492. What is a characteristic of a bridge group in ASA Firewall transparent mode'?...
- Q493. A network engineer is trying to figure out whether FlexVPN or DMVPN would fit better in th...
- Q494. A Cisco ESA network administrator has been tasked to use a newly installed service to help...
- Q495. Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from th...
- Q496. Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two...
- Q497. Which endpoint solution protects a user from a phishing attack?...
- Q498. Refer to the exhibit. (Exhibit) A network engineer is testing NTP authentication and reali...
- Q499. What is a commonality between DMVPN and FlexVPN technologies?...
- Q500. Drag and drop the exploits from the left onto the type of security vulnerability on the ri...
- Q501. Drag and drop the cryptographic algorithms for IPsec from the left onto the cryptographic ...
- Q502. Which two fields are defined in the NetFlow flow? {Choose two.)...
- Q503. Refer to the exhibit. (Exhibit) Which statement about the authentication protocol used in ...
- Q504. Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity pr...
- Q505. Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior...
- Q506. A Cisco Firepower administrator needs to configure a rule to allow a new application that ...
- Q507. What are two recommended approaches to stop DNS tunneling for data exfiltration and comman...
- Q508. Which attack type attempts to shut down a machine or network so that users are not able to...
- Q509. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q510. DRAG DROP Drag and drop the steps from the left into the correct order on the right to ena...
- Q511. An engineer has been tasked with implementing a solution that can be leveraged for securin...
- Q512. Drag and drop the descriptions from the left onto the encryption algorithms on the right. ...
- Q513. Which solution is made from a collection of secure development practices and guidelines th...
- Q514. An administrator is trying to determine which applications are being used in the network b...
- Q515. Which type of attack is social engineering?
- Q516. An engineer is configuring Cisco WSA and needs to enable a separated email transfer flow f...
- Q517. What is a difference between GETVPN and IPsec?...
- Q518. Which RADIUS attribute can you use to filter MAB requests in an 802.1 x deployment?...
- Q519. An organization is trying to implement micro-segmentation on the network and wants to be a...
- Q520. Drag and drop the cloud security assessment components from the left onto the definitions ...
- Q521. Drag and drop the threats from the left onto examples of that threat on the right (Exhibit...
- Q522. Drag and drop the common security threats from the left onto the definitions on the right....
- Q523. Refer to the exhibit. (Exhibit) A network administrator configures command authorization f...
- Q524. For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs? (...
- Q525. Drag and drop the NetFlow export formats from the left onto the descriptions on the right....
- Q526. What are the two types of managed Intercloud Fabric deployment models? (Choose two.)...
- Q527. In an laaS cloud services modal, which security function is the provider responsible for m...
- Q528. An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which C...
- Q529. An organization is trying to implement micro-segmentation on the network and wants to be a...
- Q530. A network administrator is using the Cisco ESA with AMP to upload files to the cloud for a...
- Q531. Refer to the exhibit. (Exhibit) What function does the API key perform while working with ...
- Q532. What are two ways a network administrator transparently identifies users using Active Dire...
- Q533. Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?...
- Q534. Which two commands are required when configuring a flow-export action on a Cisco ASA? (Cho...
- Q535. Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from th...
- Q536. Which attack is preventable by Cisco ESA but not by the Cisco WSA?...
- Q537. Which two aspects of the cloud PaaS model are managed by the customer but not the provider...
- Q538. Refer to the exhibit. (Exhibit) Which command was used to display this output?...
- Q539. A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trus...
- Q540. Which two application layer preprocessors are used by Firepower Next Generation Intrusion ...
- Q541. Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?...
- Q542. Why is it important to have a patching strategy for endpoints?...
- Q543. Which technology enables integration between Cisco ISE and other platforms to gather and s...
- Q544. Drag and drop the solutions from the left onto the solution's benefits on the right. (Exhi...
- Q545. A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there a...
- Q546. Refer to the exhibit. What is the result of using this authentication protocol in the conf...
- Q547. Which two capabilities does TAXII support? (Choose two.)...
- Q548. Which two application layer preprocessors are used by Firepower Next Generation Intrusion ...
- Q549. Which network monitoring solution uses streams and pushes operational data to provide a ne...
- Q550. An engineer has enabled LDAP accept queries on a listener. Malicious actors must be preven...
- Q551. What is an advantage of the Cisco Umbrella roaming client?...
- Q552. Which type of dashboard does Cisco DNA Center provide for complete control of the network?...
- Q553. How does Cisco Advanced Phishing Protection protect users?...
- Q554. An organization has two systems in their DMZ that have an unencrypted link between them fo...
- Q555. Which configuration method provides the options to prevent physical and virtual endpoint d...
- Q556. What is a benefit of performing device compliance?...
- Q557. An engineer used a posture check on a Microsoft Windows endpoint and discovered that the M...
- Q558. What are two list types within AMP for Endpoints Outbreak Control? (Choose two)...
- Q559. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q560. Which two deployment modes does the Cisco ASA FirePOWER module support? (Choose two.)...
- Q561. A network engineer has configured a NTP server on a Cisco ASA. The Cisco ASA has IP reacha...
- Q562. Drag and drop the NetFlow export formats from the left onto the descriptions on the right....
- Q563. Refer to the exhibit. (Exhibit) What does the number 15 represent in this configuration?...
- Q564. What are the two types of managed Intercloud Fabric deployment models? (Choose two)...
- Q565. How does Cisco Umbrella archive logs to an enterprise-owned storage?...
- Q566. Refer to the exhibit. (Exhibit) Which configuration item makes it possible to have the AAA...
- Q567. What is the purpose of CA in a PKI?
- Q568. Which solution for remote workers enables protection, detection, and response on the endpo...
- Q569. Which two aspects of the cloud PaaS model are managed by the customer but not the provider...
- Q570. With which components does a southbound API within a software-defined network architecture...
- Q571. An engineer needs a solution for TACACS+ authentication and authorization for device admin...
- Q572. Which two fields are defined in the NetFlow flow? (Choose two)...
- Q573. What is the benefit of integrating Cisco ISE with a MDM solution?...
- Q574. In which two ways does Easy Connect help control network access when used with Casco Trust...
- Q575. Which API method and required attribute are used to add a device into Cisco DNA Center wit...
- Q576. What is the difference between deceptive phishing and spear phishing?...
- Q577. Refer to the traffic storm on the network, two interfaces were error-disabled and both int...
- Q578. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q579. Drag and drop the solutions from the left onto the solution's benefits on the right. (Exhi...
- Q580. An administrator wants to ensure that all endpoints are compliant before users are allowed...
- Q581. What are two differences between a Cisco WSA that is running in transparent mode and one r...
- Q582. With Cisco AMP for Endpoints, which option shows a list of all files that have been execut...
- Q583. An engineer is implementing NTP authentication within their network and has configured bot...
- Q584. Refer to the exhibit. (Exhibit) Which type of authentication is in use?...
- Q585. An engineer wants to automatically assign endpoints that have a specific OUI into a new en...
- Q586. An organization received a large amount of SPAM messages over a short time period. In orde...
- Q587. Refer to the exhibit. (Exhibit) What does the number 15 represent in this configuration?...
- Q588. How does Cisco Advanced Phishing Protection protect users?...
- Q589. What is a difference between FlexVPN and DMVPN?...
- Q590. I I An engineer musiet up 200 new laptops on a network and wants to prevent the users from...
- Q591. An engineer integrates Cisco FMC and Cisco ISE using pxGrid Which role is assigned for Cis...
- Q592. Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?...
- Q593. What is the function of SDN southbound API protocols?...
- Q594. What is the primary benefit of deploying an ESA in hybrid mode?...
- Q595. Refer to the exhibit. All servers are in the same VLAN/Subnet. DNS Server-1 and DNS Server...
- Q596. What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 comman...
- Q597. Drag and drop the cryptographic algorithms for IPsec from the left onto the cryptographic ...
- Q598. Which Cisco ASA deployment model is used to filter traffic between hosts in the same IP su...
- Q599. Which attack is commonly associated with C and C++ programming languages?...
- Q600. Drag and drop the common security threats from the left onto the definitions on the right....
- Q601. Which two services must remain as on-premises equipment when a hybrid email solution is de...
- Q602. Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)...
- Q603. A company is experiencing exfiltration of credit card numbers that are not being stored on...
- Q604. Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)...
- Q605. Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto ...
- Q606. An engineer is trying to securely connect to a router and wants to prevent insecure algori...
- Q607. An engineer has enabled LDAP accept queries on a listener. Malicious actors must be preven...
- Q608. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q609. Which solution combines Cisco IOS and IOS XE components to enable administrators to recogn...
- Q610. A network administrator is configuring a rule in an access control policy to block certain...
- Q611. Which form of attack is launched using botnets?...
- Q612. Drag and drop the descriptions from the left onto the correct protocol versions on the rig...
- Q613. An administrator needs to configure the Cisco ASA via ASDM such that the network managemen...
- Q614. What is the primary difference between an Endpoint Protection Platform and an Endpoint Det...
- Q615. Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity pr...
- Q616. What is a key difference between Cisco Firepower and Cisco ASA?...
- Q617. Drag and drop the capabilities from the left onto the correct technologies on the right. (...
- Q618. A Cisco FTD engineer is creating a new IKEv2 policy called s2s00123456789 for their organi...
- Q619. An organization has DHCP servers set up to allocate IP addresses to clients on the LAN. Wh...
- Q620. What is the purpose of the certificate signing request when adding a new certificate for a...
- Q621. Where are individual sites specified to be blacklisted in Cisco Umbrella?...
- Q622. Which information is required when adding a device to Firepower Management Center?...
- Q623. In which situation should an Endpoint Detection and Response solution be chosen versus an ...
- Q624. What features does Cisco FTDv provide over ASAv?...
- Q625. What are the two most commonly used authentication factors in multifactor authentication? ...
- Q626. Refer to the exhibit. (Exhibit) Which command was used to generate this output and to show...
- Q627. How does Cisco Advanced Phishing Protection protect users?...
- Q628. An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices. The default...
- Q629. Refer to the exhibit. (Exhibit) An engineer must configure a Cisco switch to perform PPP a...
- Q630. What is a key difference between Cisco Firepower and Cisco ASA?...
- Q631. What are two Trojan malware attacks? (Choose two)...
- Q632. Refer to the exhibit. (Exhibit) What is a result of the configuration?...
- Q633. An organization has noticed an increase in malicious content downloads and wants to use Ci...
- Q634. Drag and drop the security solutions from the left onto the benefits they provide on the r...
- Q635. Drag and drop the cloud security assessment components from the left onto the definitions ...
- Q636. Which two activities can be done using Cisco DNA Center? (Choose two.)...
- Q637. Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior...
- Q638. Drag and drop the VPN functions from the left onto the description on the right. (Exhibit)...
- Q639. Refer to the exhibit. (Exhibit) Refer to the exhibit. A Cisco ISE administrator adds a new...
- Q640. When planning a VPN deployment, for which reason does an engineer opt for an active/active...
- Q641. What is the function of the Context Directory Agent?...
- Q642. What are two DDoS attack categories? (Choose two)...
- Q643. Drag and drop the posture assessment flow actions from the left into a sequence on the rig...
- Q644. (Exhibit)
- Q645. Which two services must remain as on-premises equipment when a hybrid email solution is de...
- Q646. A Cisco Firepower administrator needs to configure a rule to allow a new application that ...
- Q647. Refer to the exhibit. (Exhibit) What does the API do when connected to a Cisco security ap...
- Q648. Which Cisco security solution provides patch management in the cloud?...
- Q649. What is a benefit of using Cisco CWS compared to an on-premises Cisco WSA?...
- Q650. Refer to the exhibit. (Exhibit) An organization is using DHCP Snooping within their networ...
- Q651. When a transparent authentication fails on the Web Security Appliance, which type of acces...
- Q652. An organization is using Cisco Firepower and Cisco Meraki MX for network security and need...
- Q653. An engineer needs a solution for TACACS+ authentication and authorization for device admin...
- Q654. An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which C...
- Q655. I I An engineer musi set up 200 new laptops on a network and wants to prevent the users fr...
- Q656. What must be configured in Cisco ISE to enforce reauthentication of an endpoint session wh...
- Q657. What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)...
- Q658. How is DNS tunneling used to exfiltrate data out of a corporate network?...
- Q659. Refer to the exhibit. When configuring a remote access VPN solution terminating on the Cis...
- Q660. Refer to the exhibit. (Exhibit) Which type of authentication is in use?...
- Q661. What is a commonality between DMVPN and FlexVPN technologies?...
- Q662. How does a cloud access security broker function?...
- Q663. Refer to the exhibit. Which command was used to display this output?...
- Q664. An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. ...
- Q665. What is a benefit of using Cisco FMC over Cisco ASDM?...
- Q666. An organization is receiving SPAM emails from a known malicious domain What must be config...
- Q667. When NetFlow is applied to an interface, which component creates the flow monitor cache th...
