Which type of API is being used when a security application notifies a controller within a software-defined network architecture about a specific security threat?
An organization wants to secure users, data, and applications in the cloud. The solution must be API-based and
operate as a cloud-native CASB. Which solution must be used for this implementation?
An organization recently installed a Cisco WSA and would like to take advantage of the AVC engine to allow the organization to create a policy to control application specific activity. After enabling the AVC engine, what must be done to implement this?
A network administrator needs to find out what assets currently exist on the network. Third-party systems need to be able to feed host data into Cisco Firepower. What must be configured to accomplish this?
In an IaaS cloud services model, which security function is the provider responsible for managing?
Drag and drop the VPN functions from the left onto the description on the right.
Which attack type attempts to shut down a machine or network so that users are not able to access it?
Refer to the exhibit.
What will happen when the Python script is executed?
Which cryptographic process provides origin confidentiality, integrity, and origin authentication for packets?
Which risk is created when using an Internet browser to access cloud-based service?
What is the role of an endpoint in protecting a user from a phishing attack?
What is the purpose of the certificate signing request when adding a new certificate for a server?
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?
An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?
Refer to the exhibit.
An organization is using DHCP Snooping within their network. A user on VLAN 41 on a new switch is
complaining that an IP address is not being obtained. Which command should be configured on the switch
interface in order to provide the user with network connectivity?
What is a capability of Cisco ASA Netflow?
Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right.
Drag and drop the common security threats from the left onto the definitions on the right.
An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with
other cloud solutions via an API. Which solution should be used to accomplish this goal?
Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity professionals remain
aware of the ongoing and most prevalent threats?
Which product allows Cisco FMC to push security intelligence observable to its sensors from other products?
Which cloud model is a collaborative effort where infrastructure is shared and jointly accessed by several organizations from a specific group?
Why is it important to have logical security controls on endpoints even though the users are trained to spot security threats and the network devices already help prevent them?
Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)
Drag and drop the capabilities from the left onto the correct technologies on the right.
Which factor must be considered when choosing the on-premise solution over the cloud-based one?
Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.
An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites
but other sites are not accessible due to an error. Why is the error occurring?
When planning a VPN deployment, for which reason does an engineer opt for an active/active FlexVPN
configuration as opposed to DMVPN?
In which two ways does Easy Connect help control network access when used with Cisco TrustSec? (Choose two)
Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps.
Which two actions must be taken to ensure that interfaces are put back into service? (Choose two)
What are two Trojan malware attacks? (Choose two)
A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network
is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?
A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing
authentication and is unable to access the network. Where should the administrator begin troubleshooting to verify the authentication details?
What are the two types of managed Intercloud Fabric deployment models? (Choose two.)
Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access to
network resources?
Drag and drop the NetFlow export formats from the left onto the descriptions on the right.
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system’s applications. Which
vulnerability allows the attacker to see the passwords being transmitted in clear text?
What is a function of 3DES in reference to cryptography?
Which type of dashboard does Cisco DNA Center provide for complete control of the network?
What is provided by the Secure Hash Algorithm in a VPN?
What is the benefit of installing Cisco AMP for Endpoints on a network?
An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly
identifying all valid recipients. What must be done on the Cisco ESA to accomplish this goal?
Drag and drop the steps from the left into the correct order on the right to enable AppDynamics to monitor an EC2 instance in Amazon Web Services.
Which Cisco platform ensures that machines that connect to organizational networks have the recommended
antivirus definitions and patches to help prevent an organizational malware outbreak?
Which type of protection encrypts RSA keys when they are exported and imported?
What are two DDoS attack categories? (Choose two)
What is the function of SDN southbound API protocols?
An organization is using Cisco Firepower and Cisco Meraki MX for network security and needs to centrally
manage cloud policies across these platforms. Which software should be used to accomplish this goal?
What is an attribute of the DevSecOps process?
What are two differences between a Cisco WSA that is running in transparent mode and one running in explicit mode? (Choose two)
A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability. What is the connection status in both cases?
Refer to the exhibit.
An administrator is adding a new Cisco FTD device to their network and wants to manage it with Cisco FMC.
The Cisco FTD is not behind a NAT device. Which command is needed to enable this on the Cisco FTD?
An administrator is trying to determine which applications are being used in the network but does not want the
network devices to send metadata to Cisco Firepower. Which feature should be used to accomplish this?
Which type of algorithm provides the highest level of protection against brute-force attacks?
An engineer is implementing NTP authentication within their network and has configured both the client and server devices with the command ntp authentication-key 1 md5 Cisc392368270. The server at 1.1.1.1 is attempting to authenticate to the client at 1.1.1.2, however it is unable to do so. Which command is required to enable the client to accept the server’s authentication key?
What is a benefit of performing device compliance?
Which two cryptographic algorithms are used with IPsec? (Choose two)
What is a key difference between Cisco Firepower and Cisco ASA?
When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the
command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command issued for. What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?
Refer to the exhibit.
Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense appliance. What is causing this issue?
A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen
on the network. Which two actions should be selected to allow the traffic to pass without inspection? (Choose
two)
How does DNS Tunneling exfiltrate data?
Which solution is more secure than the traditional use of a username and password and encompasses at least two of the methods of authentication?
Which Cisco WSA feature supports access control using URL categories?
What is the benefit of integrating Cisco ISE with a MDM solution?
An organization wants to reduce their attach surface for cloud applications. They want to understand application communications, detect abnormal application Behavior, and detect vulnerabilities within the applications. Which action accomplishes this task?
An organization wants to improve its cybersecurity processes and to add intelligence to its data The organization wants to utilize the most current intelligence data for URL filtering, reputations, and vulnerability information that can be integrated with the Cisco FTD and Cisco WSA What must be done to accomplish these objectives?
Which feature must be configured before implementing NetFlow on a router?
Which two parameters are used to prevent a data breach in the cloud? (Choose two.)
A university policy must allow open access to resources on the Internet for research, but internal workstations are exposed to malware. Which Cisco AMP feature allows the engineering team to determine whether a file is installed on a selected few workstations?
Which threat intelligence standard contains malware hashes?
What are two functionalities of SDN Northbound APIs? (Choose two.)
What is the function of the crypto is a kmp key cisc406397954 address 0.0.0.0 0.0.0.0 command when establishing an IPsec VPN tunnel?
An administrator configures a new destination list in Cisco Umbrella so that the organization can block specific domains for its devices. What should be done to ensure that all subdomains of domain.com are blocked?
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
A network engineer must create an access control list on a Cisco Adaptive Security Appliance firewall. The access control list must permit HTTP traffic to the internet from the organization's inside network 192.168.1.0/24. Which IOS command must oe used to create the access control list?
Which two components do southbound APIs use to communicate with downstream devices? (Choose two.)
An engineer is implementing DHCP security mechanisms and needs the ability to add additional attributes to profiles that are created within Cisco ISE Which action accomplishes this task?
What are two functionalities of northbound and southbound APIs within Cisco SDN architecture? (Choose two.)
What are two benefits of using an MDM solution? (Choose two.)
Which parameter is required when configuring a Netflow exporter on a Cisco Router?
An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment and must route inbound email to Cisco CE.. record must be modified to accomplish this task?
Refer to the exhibit.
A network engineer is testing NTP authentication and realizes that any device synchronizes time with this router and that NTP authentication is not enforced What is the cause of this issue?
An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco ISE. The engineer wants to authenticate users using their account when they log into network devices. Which action accomplishes this task?
Which two actions does the Cisco Identity Services Engine posture module provide that ensures endpoint security? (Choose two.)
What are two security benefits of an MDM deployment? (Choose two.)
What is a description of microsegmentation?
What is a function of the Layer 4 Traffic Monitor on a Cisco WSA?
Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.)
What are two things to consider when using PAC files with the Cisco WSA? (Choose two.)
Which industry standard is used to integrate Cisco ISE and pxGrid to each other and with other
interoperable security platforms?
An engineer has been tasked with configuring a Cisco FTD to analyze protocol fields and detect anomalies in the traffic from industrial systems. What must be done to meet these requirements?
Refer to the exhibit. All servers are in the same VLAN/Subnet. DNS Server-1 and DNS Server-2 must communicate with each other, and all servers must communicate with default gateway multilayer switch. Which type of private VLAN ports should be configured to prevent communication between DNS servers and the file server?
What is the term for when an endpoint is associated to a provisioning WLAN that is shared with guest
access, and the same guest portal is used as the BYOD portal?
Which configuration method provides the options to prevent physical and virtual endpoint devices that are in the same base EPG or uSeg from being able to communicate with each other with Vmware VDS or Microsoft vSwitch?
What are two functions of TAXII in threat intelligence sharing? (Choose two.)
Why is it important to patch endpoints consistently?
Which command is used to log all events to a destination colector 209.165.201.107?
Drag and drop the deployment models from the left onto the explanations on the right.
Which standard is used to automate exchanging cyber threat information?
Which system performs compliance checks and remote wiping?
Which Cisco ISE feature helps to detect missing patches and helps with remediation?
Drag and drop the cryptographic algorithms for IPsec from the left onto the cryptographic processes on the right.
Drag and drop the concepts from the left onto the correct descriptions on the right
What is a difference between an XSS attack and an SQL injection attack?
What is the process of performing automated static and dynamic analysis of files against preloaded
behavioral indicators for threat analysis?
Drag and drop the exploits from the left onto the type of security vulnerability on the right.
Which algorithm is an NGE hash function?
Which direction do attackers encode data in DNS requests during exfiltration using DNS tunneling?
What is the purpose of a NetFlow version 9 template record?
How does a WCCP-configured router identify if the Cisco WSA is functional?
An administrator is adding a new Cisco ISE node to an existing deployment. What must be done to ensure that the addition of the node will be successful when inputting the FQDN?
An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. The organization
needs to ensure that the ISAKMP key on the hub is used only for terminating traffic from the IP address of
172.19.20.24. Which command on the hub will allow the administrator to accomplish this?
An engineer must modify an existing remote access VPN using a Cisco AnyConnect Secure Mobility client solution and a Cisco Secure Firewall. Currently, all the traffic generate by the user Is sent to the VPN tunnel and the engineer must now exclude some servers and access them directly instead. Which element must be modified to achieve this goat?
Which CoA response code is sent if an authorization state is changed successfully on a Cisco IOS device?
In which two ways does the Cisco Advanced Phishing Protection solution protect users? (Choose two.)
An engineer must modify a policy to block specific addresses using Cisco Umbrella. The policy is created already and is actively u: of the default policy elements. What else must be done to accomplish this task?
An engineer integrates Cisco FMC and Cisco ISE using pxGrid Which role is assigned for Cisco FMC?
Which Cisco cloud security software centrally manages policies on multiple platforms such as Cisco ASA, Cisco Firepower, Cisco Meraki, and AWS?
Which Cisco DNA Center Intent API action is used to retrieve the number of devices known to a DNA Center?
Which method of attack is used by a hacker to send malicious code through a web application to an unsuspecting user to request that the victim's web browser executes the code?
What must be enabled to secure SaaS-based applications?
An engineer is adding a Cisco router to an existing environment. NTP authentication is configured on all devices in the environment with the command ntp authentication-key 1 md5 Clsc427128380. There are two routers on the network that are configured as NTP servers for redundancy, 192.168.1.110 and 192.168.1.111. 192.168.1.110 is configured as the authoritative time source. What command must be configured on the new router to use 192.168.1.110 as its primary time source without the new router attempting to offer time to existing devices?
An engineer is configuring Cisco WSA and needs to deploy it in transparent mode. Which configuration component must be used to accomplish this goal?
A network administrator is modifying a remote access VPN on an FTD managed by an FMC. The administrator wants to offload traffic to certain trusted domains. The administrator wants this traffic to go out of the client's local internet and send other internet-bound traffic over the VPN Which feature must the administrator configure?
Which two risks is a company vulnerable to if it does not have a well-established patching solution for
endpoints? (Choose two)
Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?
What is a characteristic of Dynamic ARP Inspection?
Which benefit does endpoint security provide the overall security posture of an organization?
A malicious user gained network access by spoofing printer connections that were authorized using MAB on
four different switch ports at the same time. What two catalyst switch security features will prevent further
violations? (Choose two)
An MDM provides which two advantages to an organization with regards to device management? (Choose two)
Which two key and block sizes are valid for AES? (Choose two)
Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?
An engineer is configuring AMP for endpoints and wants to block certain files from executing. Which outbreak
control method is used to accomplish this task?
What is a commonality between DMVPN and FlexVPN technologies?
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A mall provides security services to customers with a shared appliance. The mall wants separation of
management on the shared appliance. Which ASA deployment mode meets these needs?
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social
engineering attacks? (Choose two)
What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an
organization? (Choose two)
Which two activities can be done using Cisco DNA Center? (Choose two)
Refer to the exhibit.
Which command was used to display this output?
When wired 802.1X authentication is implemented, which two components are required? (Choose two)
What is the primary difference between an Endpoint Protection Platform and an Endpoint Detection and
Response?
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two)
Which Cisco security solution protects remote users against phishing attacks when they are not connected to
the VPN?
Which feature of Cisco ASA allows VPN users to be postured against Cisco ISE without requiring an inline
posture node?
Which threat involves software being used to gain unauthorized access to a computer system?
Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)
What is the function of Cisco Cloudlock for data security?
Which option is the main function of Cisco Firepower impact flags?
How many interfaces per bridge group does an ASA bridge group deployment support?
What are the two most commonly used authentication factors in multifactor authentication? (Choose two)
After deploying a Cisco ESA on your network, you notice that some messages fail to reach their destinations.
Which task can you perform to determine where each message was lost?
What are two rootkit types? (Choose two)
Which two probes are configured to gather attributes of connected endpoints using Cisco Identity Services
Engine? (Choose two)
What is a difference between FlexVPN and DMVPN?
A company is experiencing exfiltration of credit card numbers that are not being stored on-premise. The
company needs to be able to protect sensitive data throughout the full environment. Which tool should be used
to accomplish this goal?
What is the difference between deceptive phishing and spear phishing?
Which statement about IOS zone-based firewalls is true?
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?
Which two preventive measures are used to control cross-site scripting? (Choose two)
What is the purpose of the Decrypt for Application Detection feature within the WSA Decryption options?
Refer to the exhibit.
A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status. What is the problem according to this command output?
Which feature is configured for managed devices in the device platform settings of the Firepower Management
Center?
Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System? (Choose two)
In which two ways does a system administrator send web traffic transparently to the Web Security Appliance?
(Choose two)
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which
probe must be enabled for this type of profiling to work?
An administrator wants to ensure that all endpoints are compliant before users are allowed access on the
corporate network. The endpoints must have the corporate antivirus application installed and be running the
latest build of Windows 10.
What must the administrator implement to ensure that all devices are compliant before they are allowed on the
network?
Refer to the exhibit.
What does the API do when connected to a Cisco security appliance?
How does Cisco Umbrella archive logs to an enterprise owned storage?
An organization is trying to improve their Defense in Depth by blocking malicious destinations prior to a
connection being established. The solution must be able to block certain applications from being used within the network. Which product should be used to accomplish this goal?
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention
System?
When using Cisco AMP for Networks which feature copies a file to the Cisco AMP cloud for analysis?
Which benefit is provided by ensuring that an endpoint is compliant with a posture policy configured in Cisco ISE?
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)
Why would a user choose an on-premises ESA versus the CES solution?
Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)
Which compliance status is shown when a configured posture policy requirement is not met?
Under which two circumstances is a CoA issued? (Choose two)
What provides visibility and awareness into what is currently occurring on the network?
What Cisco command shows you the status of an 802.1X connection on interface gi0/1?
A network engineer has entered the snmp-server user andy myv3 auth sha cisco priv aes 256
cisc0380739941 command and needs to send SNMP information to a host at 10.255.254.1. Which command achieves this goal?
What is a characteristic of Firepower NGIPS inline deployment mode?
Which Cisco AMP file disposition valid?
Which attack is commonly associated with C and C++ programming languages?
Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion
Prevention System?
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?