Limited Time Discount Offer 55% Off - Ends in 0d 00h 00m 00s - Coupon code: FIFTYFIVE

ExamsBrite Dumps

Implementing and Operating Cisco Security Core Technologies (SCOR) Question and Answers

Implementing and Operating Cisco Security Core Technologies (SCOR)

Last Update Dec 7, 2022
Total Questions : 583

We are offering FREE 350-701 Cisco exam questions. All you do is to just go and sign up. Give your details, prepare 350-701 free exam questions and then go for complete pool of Implementing and Operating Cisco Security Core Technologies (SCOR) test questions that will help you more.

350-701 pdf

350-701 PDF

$49.5  $109.99
350-701 Engine

350-701 Testing Engine

$58.5  $129.99
350-701 PDF + Engine

350-701 PDF + Testing Engine

$76.5  $169.99
Questions 1

An administrator is trying to determine which applications are being used in the network but does not want the

network devices to send metadata to Cisco Firepower. Which feature should be used to accomplish this?

Options:

A.  

NetFlow

B.  

Packet Tracer

C.  

Network Discovery

D.  

Access Control

Discussion 0
Questions 2

A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen

on the network. Which two actions should be selected to allow the traffic to pass without inspection? (Choose

two)

Options:

A.  

permit

B.  

trust

C.  

reset

D.  

allow

E.  

monitor

Discussion 0
Questions 3

Which public cloud provider supports the Cisco Next Generation Firewall Virtual?

Options:

A.  

Google Cloud Platform

B.  

Red Hat Enterprise Visualization

C.  

VMware ESXi

D.  

Amazon Web Services

Discussion 0
Questions 4

What does Cisco AMP for Endpoints use to help an organization detect different families of malware?

Options:

A.  

Ethos Engine to perform fuzzy fingerprinting

B.  

Tetra Engine to detect malware when me endpoint is connected to the cloud

C.  

Clam AV Engine to perform email scanning

D.  

Spero Engine with machine learning to perform dynamic analysis

Discussion 0
Questions 5

A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface.

How does the switch behave in this situation?

Options:

A.  

It forwards the packet after validation by using the MAC Binding Table.

B.  

It drops the packet after validation by using the IP & MAC Binding Table.

C.  

It forwards the packet without validation.

D.  

It drops the packet without validation.

Discussion 0
Questions 6

An engineer notices traffic interruption on the network. Upon further investigation, it is learned that broadcast

packets have been flooding the network. What must be configured, based on a predefined threshold, to

address this issue?

Options:

A.  

Bridge Protocol Data Unit guard

B.  

embedded event monitoring

C.  

storm control

D.  

access control lists

Discussion 0
Questions 7

Which type of protection encrypts RSA keys when they are exported and imported?

Options:

A.  

file

B.  

passphrase

C.  

NGE

D.  

nonexportable

Discussion 0
Questions 8

An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with

other cloud solutions via an API. Which solution should be used to accomplish this goal?

Options:

A.  

SIEM

B.  

CASB

C.  

Adaptive MFA

D.  

Cisco Cloudlock

Discussion 0
Questions 9

What is a capability of Cisco ASA Netflow?

Options:

A.  

It filters NSEL events based on traffic

B.  

It generates NSEL events even if the MPF is not configured

C.  

It logs all event types only to the same collector

D.  

It sends NetFlow data records from active and standby ASAs in an active standby failover pair

Discussion 0
Questions 10

Using Cisco Firepower’s Security Intelligence policies, upon which two criteria is Firepower block based?

(Choose two)

Options:

A.  

URLs

B.  

protocol IDs

C.  

IP addresses

D.  

MAC addresses

E.  

port numbers

Discussion 0
Questions 11

An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?

Options:

A.  

Set a trusted interface for the DHCP server

B.  

Set the DHCP snooping bit to 1

C.  

Add entries in the DHCP snooping database

D.  

Enable ARP inspection for the required VLAN

Discussion 0
Questions 12

What is the role of an endpoint in protecting a user from a phishing attack?

Options:

A.  

Use Cisco Stealthwatch and Cisco ISE Integration.

B.  

Utilize 802.1X network security to ensure unauthorized access to resources.

C.  

Use machine learning models to help identify anomalies and determine expected sending behavior.

D.  

Ensure that antivirus and anti malware software is up to date

Discussion 0
Questions 13

Which product allows Cisco FMC to push security intelligence observable to its sensors from other products?

Options:

A.  

Encrypted Traffic Analytics

B.  

Threat Intelligence Director

C.  

Cognitive Threat Analytics

D.  

Cisco Talos Intelligence

Discussion 0
Questions 14

Which two cryptographic algorithms are used with IPsec? (Choose two)

Options:

A.  

AES-BAC

B.  

AES-ABC

C.  

HMAC-SHA1/SHA2

D.  

Triple AMC-CBC

E.  

AES-CBC

Discussion 0
Questions 15

An engineer needs behavioral analysis to detect malicious activity on the hosts, and is configuring the

organization’s public cloud to send telemetry using the cloud provider’s mechanisms to a security device. Which

mechanism should the engineer configure to accomplish this goal?

Options:

A.  

mirror port

B.  

Flow

C.  

NetFlow

D.  

VPC flow logs

Discussion 0
Questions 16

Which component of Cisco umbrella architecture increases reliability of the service?

Options:

A.  

Anycast IP

B.  

AMP Threat grid

C.  

Cisco Talos

D.  

BGP route reflector

Discussion 0
Questions 17

What is a function of 3DES in reference to cryptography?

Options:

A.  

It hashes files.

B.  

It creates one-time use passwords.

C.  

It encrypts traffic.

D.  

It generates private keys.

Discussion 0
Questions 18

What is a key difference between Cisco Firepower and Cisco ASA?

Options:

A.  

Cisco ASA provides access control while Cisco Firepower does not.

B.  

Cisco Firepower provides identity-based access control while Cisco ASA does not.

C.  

Cisco Firepower natively provides intrusion prevention capabilities while Cisco ASA does not.

D.  

Cisco ASA provides SSL inspection while Cisco Firepower does not.

Discussion 0
Questions 19

What are two functions of secret key cryptography? (Choose two)

Options:

A.  

key selection without integer factorization

B.  

utilization of different keys for encryption and decryption

C.  

utilization of large prime number iterations

D.  

provides the capability to only know the key on one side

E.  

utilization of less memory

Discussion 0
Questions 20

What is a functional difference between a Cisco ASA and a Cisco IOS router with Zone-based policy firewall?

Options:

A.  

The Cisco ASA denies all traffic by default whereas the Cisco IOS router with Zone-Based Policy Firewall starts out by allowing all traffic, even on untrusted interfaces

B.  

The Cisco IOS router with Zone-Based Policy Firewall can be configured for high availability, whereas the Cisco ASA cannot

C.  

The Cisco IOS router with Zone-Based Policy Firewall denies all traffic by default, whereas the Cisco ASA starts out by allowing all traffic until rules are added

D.  

The Cisco ASA can be configured for high availability whereas the Cisco IOS router with Zone-Based Policy Firewall cannot

Discussion 0
Questions 21

Which type of API is being used when a security application notifies a controller within a software-defined network architecture about a specific security threat?

Options:

A.  

westbound AP

B.  

southbound API

C.  

northbound API

D.  

eastbound API

Discussion 0
Questions 22

Refer to the exhibit.

What will happen when this Python script is run?

Options:

A.  

The compromised computers and malware trajectories will be received from Cisco AMP

B.  

The list of computers and their current vulnerabilities will be received from Cisco AMP

C.  

The compromised computers and what compromised them will be received from Cisco AMP

D.  

The list of computers, policies, and connector statuses will be received from Cisco AMP

Discussion 0
Questions 23

What are two DDoS attack categories? (Choose two)

Options:

A.  

sequential

B.  

protocol

C.  

database

D.  

volume-based

E.  

screen-based

Discussion 0
Questions 24

Which cryptographic process provides origin confidentiality, integrity, and origin authentication for packets?

Options:

A.  

IKEv1

B.  

AH

C.  

ESP

D.  

IKEv2

Discussion 0
Questions 25

Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)

Options:

A.  

virtualization

B.  

middleware

C.  

operating systems

D.  

applications

E.  

data

Discussion 0
Questions 26

What is the benefit of installing Cisco AMP for Endpoints on a network?

Options:

A.  

It provides operating system patches on the endpoints for security.

B.  

It provides flow-based visibility for the endpoints network connections.

C.  

It enables behavioral analysis to be used for the endpoints.

D.  

It protects endpoint systems through application control and real-time scanning

Discussion 0
Questions 27

What are two Trojan malware attacks? (Choose two)

Options:

A.  

Frontdoor

B.  

Rootkit

C.  

Smurf

D.  

Backdoor

E.  

Sync

Discussion 0
Questions 28

Which factor must be considered when choosing the on-premise solution over the cloud-based one?

Options:

A.  

With an on-premise solution, the provider is responsible for the installation and maintenance of the product, whereas with a cloud-based solution, the customer is responsible for it

B.  

With a cloud-based solution, the provider is responsible for the installation, but the customer is responsible for the maintenance of the product.

C.  

With an on-premise solution, the provider is responsible for the installation, but the customer is responsible for the maintenance of the product.

D.  

With an on-premise solution, the customer is responsible for the installation and maintenance of the

product, whereas with a cloud-based solution, the provider is responsible for it.

Discussion 0
Questions 29

An engineer is implementing NTP authentication within their network and has configured both the client and server devices with the command ntp authentication-key 1 md5 Cisc392368270. The server at 1.1.1.1 is attempting to authenticate to the client at 1.1.1.2, however it is unable to do so. Which command is required to enable the client to accept the server’s authentication key?

Options:

A.  

ntp peer 1.1.1.1 key 1

B.  

ntp server 1.1.1.1 key 1

C.  

ntp server 1.1.1.2 key 1

D.  

ntp peer 1.1.1.2 key 1

Discussion 0
Questions 30

Which statement about IOS zone-based firewalls is true?

Options:

A.  

An unassigned interface can communicate with assigned interfaces

B.  

Only one interface can be assigned to a zone.

C.  

An interface can be assigned to multiple zones.

D.  

An interface can be assigned only to one zone.

Discussion 0
Questions 31

Which API is used for Content Security?

Options:

A.  

NX-OS API

B.  

IOS XR API

C.  

OpenVuln API

D.  

AsyncOS API

Discussion 0
Questions 32

Which two statements about a Cisco WSA configured in Transparent mode are true? (Choose two)

Options:

A.  

It can handle explicit HTTP requests.

B.  

It requires a PAC file for the client web browser.

C.  

It requires a proxy for the client web browser.

D.  

WCCP v2-enabled devices can automatically redirect traffic destined to port 80.

E.  

Layer 4 switches can automatically redirect traffic destined to port 80.

Discussion 0
Questions 33

Refer to the exhibit.

What does the number 15 represent in this configuration?

Options:

A.  

privilege level for an authorized user to this router

B.  

access list that identifies the SNMP devices that can access the router

C.  

interval in seconds between SNMPv3 authentication attempts

D.  

number of possible failed attempts until the SNMPv3 user is locked out

Discussion 0
Questions 34

Which technology is used to improve web traffic performance by proxy caching?

Options:

A.  

WSA

B.  

Firepower

C.  

FireSIGHT

D.  

ASA

Discussion 0
Questions 35

Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?

Options:

A.  

TLSv1.2

B.  

TLSv1.1

C.  

BJTLSv1

D.  

DTLSv1

Discussion 0
Questions 36

Refer to the exhibit.

Which command was used to display this output?

Options:

A.  

show dot1x all

B.  

show dot1x

C.  

show dot1x all summary

D.  

show dot1x interface gi1/0/12

Discussion 0
Questions 37

What can be integrated with Cisco Threat Intelligence Director to provide information about security threats,

which allows the SOC to proactively automate responses to those threats?

Options:

A.  

Cisco Umbrella

B.  

External Threat Feeds

C.  

Cisco Threat Grid

D.  

Cisco Stealthwatch

Discussion 0
Questions 38

Which functions of an SDN architecture require southbound APIs to enable communication?

Options:

A.  

SDN controller and the network elements

B.  

management console and the SDN controller

C.  

management console and the cloud

D.  

SDN controller and the cloud

Discussion 0
Questions 39

What are two rootkit types? (Choose two)

Options:

A.  

registry

B.  

virtual

C.  

bootloader

D.  

user mode

E.  

buffer mode

Discussion 0
Questions 40

An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed

through the Cisco Umbrella network. Which action tests the routing?

Options:

A.  

Ensure that the client computers are pointing to the on-premises DNS servers.

B.  

Enable the Intelligent Proxy to validate that traffic is being routed correctly.

C.  

Add the public IP address that the client computers are behind to a Core Identity.

D.  

Browse to http://welcome.umbrella.com/ to validate that the new identity is working.

Discussion 0
Questions 41

In which two ways does a system administrator send web traffic transparently to the Web Security Appliance?

(Choose two)

Options:

A.  

configure Active Directory Group Policies to push proxy settings

B.  

configure policy-based routing on the network infrastructure

C.  

reference a Proxy Auto Config file

D.  

configure the proxy IP address in the web-browser settings

E.  

use Web Cache Communication Protocol

Discussion 0
Questions 42

Which two descriptions of AES encryption are true? (Choose two)

Options:

A.  

AES is less secure than 3DES.

B.  

AES is more secure than 3DES.

C.  

AES can use a 168-bit key for encryption.

D.  

AES can use a 256-bit key for encryption.

E.  

AES encrypts and decrypts a key three times in sequence.

Discussion 0
Questions 43

Refer to the exhibit.

What does the API do when connected to a Cisco security appliance?

Options:

A.  

get the process and PID information from the computers in the network

B.  

create an SNMP pull mechanism for managing AMP

C.  

gather network telemetry information from AMP for endpoints

D.  

gather the network interface information about the computers AMP sees

Discussion 0
Questions 44

Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System? (Choose two)

Options:

A.  

Port

B.  

Rule

C.  

Source

D.  

Application

E.  

Protocol

Discussion 0
Questions 45

An engineer needs a solution for TACACS+ authentication and authorization for device administration.

The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to

use 802.1X, MAB, or WebAuth. Which product meets all of these requirements?

Options:

A.  

Cisco Prime Infrastructure

B.  

Cisco Identity Services Engine

C.  

Cisco Stealthwatch

D.  

Cisco AMP for Endpoints

Discussion 0
Questions 46

Which VPN technology can support a multivendor environment and secure traffic between sites?

Options:

A.  

SSL VPN

B.  

GET VPN

C.  

FlexVPN

D.  

DMVPN

Discussion 0
Questions 47

Refer to the exhibit.

What is a result of the configuration?

Options:

A.  

Traffic from the DMZ network is redirected

B.  

Traffic from the inside network is redirected

C.  

All TCP traffic is redirected

D.  

Traffic from the inside and DMZ networks is redirected

Discussion 0
Questions 48

How is Cisco Umbrella configured to log only security events?

Options:

A.  

per policy

B.  

in the Reporting settings

C.  

in the Security Settings section

D.  

per network in the Deployments section

Discussion 0
Questions 49

Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?

Options:

A.  

IP Blacklist Center

B.  

File Reputation Center

C.  

AMP Reputation Center

D.  

IP and Domain Reputation Center

Discussion 0
Questions 50

A malicious user gained network access by spoofing printer connections that were authorized using MAB on

four different switch ports at the same time. What two catalyst switch security features will prevent further

violations? (Choose two)

Options:

A.  

DHCP Snooping

B.  

802.1AE MacSec

C.  

Port security

D.  

IP Device track

E.  

Dynamic ARP inspection

F.  

Private VLANs

Discussion 0
Questions 51

Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two)

Options:

A.  

Check integer, float, or Boolean string parameters to ensure accurate values.

B.  

Use prepared statements and parameterized queries.

C.  

Secure the connection between the web and the app tier.

D.  

Write SQL code instead of using object-relational mapping libraries.

E.  

Block SQL code execution in the web application database login.

Discussion 0
Questions 52

Which two probes are configured to gather attributes of connected endpoints using Cisco Identity Services

Engine? (Choose two)

Options:

A.  

RADIUS

B.  

TACACS+

C.  

DHCP

D.  

sFlow

E.  

SMTP

Discussion 0
Questions 53

What provides the ability to program and monitor networks from somewhere other than the DNAC GUI?

Options:

A.  

NetFlow

B.  

desktop client

C.  

ASDM

D.  

API

Discussion 0
Questions 54

Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent?

(Choose two)

Options:

A.  

Outgoing traffic is allowed so users can communicate with outside organizations.

B.  

Malware infects the messenger application on the user endpoint to send company data.

C.  

Traffic is encrypted, which prevents visibility on firewalls and IPS systems.

D.  

An exposed API for the messaging platform is used to send large amounts of data.

E.  

Messenger applications cannot be segmented with standard network controls

Discussion 0
Questions 55

Which PKI enrollment method allows the user to separate authentication and enrollment actions and also

provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?

Options:

A.  

url

B.  

terminal

C.  

profile

D.  

selfsigned

Discussion 0
Questions 56

Which Cisco AMP file disposition valid?

Options:

A.  

pristine

B.  

malware

C.  

dirty

D.  

non malicious

Discussion 0
Questions 57

What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?

Options:

A.  

trusted automated exchange

B.  

Indicators of Compromise

C.  

The Exploit Database

D.  

threat intelligence

Discussion 0
Questions 58

An engineer is configuring web filtering for a network using Cisco Umbrella Secure Internet Gateway.

The requirement is that all traffic needs to be filtered. Using the SSL decryption feature, which type of

certificate should be presented to the end-user to accomplish this goal?

Options:

A.  

third-party

B.  

self-signed

C.  

organization owned root

D.  

SubCA

Discussion 0
Questions 59

An administrator is configuring N I P on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source Which two steps must be taken to accomplish this task? (Choose two)

Options:

A.  

Specify the NTP version

B.  

Configure the NTP stratum

C.  

Set the authentication key

D.  

Choose the interface for syncing to the NTP server

E.  

Set the NTP DNS hostname

Discussion 0
Questions 60

What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services?

(Choose two)

Options:

A.  

multiple factor auth

B.  

local web auth

C.  

single sign-on

D.  

central web auth

E.  

TACACS+

Discussion 0
Questions 61

Which type of attack is social engineering?

Options:

A.  

trojan

B.  

phishing

C.  

malware

D.  

MITM

Discussion 0
Questions 62

An engineer is configuring Cisco Umbrella and has an identity that references two different policies. Which action ensures that the policy that the identity must use takes precedence over the second one?

Options:

A.  

Configure the default policy to redirect the requests to the correct policy

B.  

Place the policy with the most-specific configuration last in the policy order

C.  

Configure only the policy with the most recently changed timestamp

D.  

Make the correct policy first in the policy order

Discussion 0
Questions 63

Which two criteria must a certificate meet before the WSA uses it to decrypt application traffic? (Choose two.)

Options:

A.  

It must include the current date.

B.  

It must reside in the trusted store of the WSA.

C.  

It must reside in the trusted store of the endpoint.

D.  

It must have been signed by an internal CA.

E.  

it must contain a SAN.

Discussion 0
Questions 64

Which Cisco ASA deployment model is used to filter traffic between hosts in the same IP subnet using higher-level protocols without readdressing the network?

Options:

A.  

routed mode

B.  

transparent mode

C.  

single context mode

D.  

multiple context mode

Discussion 0
Questions 65

Why is it important to patch endpoints consistently?

Options:

A.  

Patching reduces the attack surface of the infrastructure.

B.  

Patching helps to mitigate vulnerabilities.

C.  

Patching is required per the vendor contract.

D.  

Patching allows for creating a honeypot.

Discussion 0
Questions 66

An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users. Which action accomplishes this goal?

Options:

A.  

Restrict access to only websites with trusted third-party signed certificates.

B.  

Modify the user’s browser settings to suppress errors from Cisco Umbrella.

C.  

Upload the organization root CA to Cisco Umbrella.

D.  

Install the Cisco Umbrella root CA onto the user’s device.

Discussion 0
Questions 67

Which service allows a user export application usage and performance statistics with Cisco Application Visibility

and control?

Options:

A.  

SNORT

B.  

NetFlow

C.  

SNMP

D.  

802.1X

Discussion 0
Questions 68

A network engineer must monitor user and device behavior within the on-premises network. This data must be sent to the Cisco Stealthwatch Cloud analytics platform for analysis. What must be done to meet this

requirement using the Ubuntu-based VM appliance deployed in a VMware-based hypervisor?

Options:

A.  

Configure a Cisco FMC to send syslogs to Cisco Stealthwatch Cloud

B.  

Deploy the Cisco Stealthwatch Cloud PNM sensor that sends data to Cisco Stealthwatch Cloud

C.  

Deploy a Cisco FTD sensor to send network events to Cisco Stealthwatch Cloud

D.  

Configure a Cisco FMC to send NetFlow to Cisco Stealthwatch Cloud

Discussion 0
Questions 69

Which system facilitates deploying microsegmentation and multi-tenancy services with a policy-based container?

Options:

A.  

SDLC

B.  

Docker

C.  

Lambda

D.  

Contiv

Discussion 0
Questions 70

What is the difference between EPP and EDR?

Options:

A.  

EPP focuses primarily on threats that have evaded front-line defenses that entered the environment.

B.  

Having an EPP solution allows an engineer to detect, investigate, and remediate modern threats.

C.  

EDR focuses solely on prevention at the perimeter.

D.  

Having an EDR solution gives an engineer the capability to flag offending files at the first sign of malicious behavior.

Discussion 0
Questions 71

Which feature does the laaS model provide?

Options:

A.  

granular control of data

B.  

dedicated, restricted workstations

C.  

automatic updates and patching of software

D.  

software-defined network segmentation

Discussion 0
Questions 72

What are two functionalities of SDN Northbound APIs? (Choose two.)

Options:

A.  

Northbound APIs provide a programmable interface for applications to dynamically configure the network.

B.  

Northbound APIs form the interface between the SDN controller and business applications.

C.  

OpenFlow is a standardized northbound API protocol.

D.  

Northbound APIs use the NETCONF protocol to communicate with applications.

E.  

Northbound APIs form the interface between the SDN controller and the network switches or routers.

Discussion 0
Questions 73

How does a cloud access security broker function?

Options:

A.  

It is an authentication broker to enable single sign-on and multi-factor authentication for a cloud solution

B.  

lt integrates with other cloud solutions via APIs and monitors and creates incidents based on events from the cloud solution

C.  

It acts as a security information and event management solution and receives syslog from other cloud solutions.

D.  

It scans other cloud solutions being used within the network and identifies vulnerabilities

Discussion 0
Questions 74

An organization wants to improve its cybersecurity processes and to add intelligence to its data The organization wants to utilize the most current intelligence data for URL filtering, reputations, and vulnerability information that can be integrated with the Cisco FTD and Cisco WSA What must be done to accomplish these objectives?

Options:

A.  

Create a Cisco pxGrid connection to NIST to import this information into the security products for policy use

B.  

Create an automated download of the Internet Storm Center intelligence feed into the Cisco FTD and Cisco WSA databases to tie to the dynamic access control policies.

C.  

Download the threat intelligence feed from the IETF and import it into the Cisco FTD and Cisco WSA databases

D.  

Configure the integrations with Talos Intelligence to take advantage of the threat intelligence that it provides.

Discussion 0
Questions 75

Which metric is used by the monitoring agent to collect and output packet loss and jitter information?

Options:

A.  

WSAv performance

B.  

AVC performance

C.  

OTCP performance

D.  

RTP performance

Discussion 0
Questions 76

What are two advantages of using Cisco Any connect over DMVPN? (Choose two)

Options:

A.  

It provides spoke-to-spoke communications without traversing the hub

B.  

It allows different routing protocols to work over the tunnel

C.  

It allows customization of access policies based on user identity

D.  

It allows multiple sites to connect to the data center

E.  

It enables VPN access for individual users from their machines

Discussion 0
Questions 77

What are two security benefits of an MDM deployment? (Choose two.)

Options:

A.  

robust security policy enforcement

B.  

privacy control checks

C.  

on-device content management

D.  

distributed software upgrade

E.  

distributed dashboard

Discussion 0
Questions 78

An engineer needs to add protection for data in transit and have headers in the email message Which configuration is needed to accomplish this goal?

Options:

A.  

Provision the email appliance

B.  

Deploy an encryption appliance.

C.  

Map sender !P addresses to a host interface.

D.  

Enable flagged message handling

Discussion 0
Questions 79

An administrator enables Cisco Threat Intelligence Director on a Cisco FMC. Which process uses STIX and allows uploads and downloads of block lists?

Options:

A.  

consumption

B.  

sharing

C.  

editing

D.  

authoring

Discussion 0
Questions 80

An administrator configures a Cisco WSA to receive redirected traffic over ports 80 and 443. The organization requires that a network device with specific WSA integration capabilities be configured to send the traffic to the WSA to proxy the requests and increase visibility, while making this invisible to the users. What must be done on the Cisco WSA to support these requirements?

Options:

A.  

Configure transparent traffic redirection using WCCP in the Cisco WSA and on the network device

B.  

Configure active traffic redirection using WPAD in the Cisco WSA and on the network device

C.  

Use the Layer 4 setting in the Cisco WSA to receive explicit forward requests from the network device

D.  

Use PAC keys to allow only the required network devices to send the traffic to the Cisco WSA

Discussion 0
Questions 81

When a Cisco WSA checks a web request, what occurs if it is unable to match a user-defined policy?

Options:

A.  

It blocks the request.

B.  

It applies the global policy.

C.  

It applies the next identification profile policy.

D.  

It applies the advanced policy.

Discussion 0
Questions 82

An organization is implementing AAA for their users. They need to ensure that authorization is verified for every command that is being entered by the network administrator. Which protocol must be configured in order to provide this capability?

Options:

A.  

EAPOL

B.  

SSH

C.  

RADIUS

D.  

TACACS+

Discussion 0
Questions 83

Which open standard creates a framework for sharing threat intelligence in a machine-digestible format?

Options:

A.  

OpenC2

B.  

OpenlOC

C.  

CybOX

D.  

STIX

Discussion 0
Questions 84

What are two benefits of using an MDM solution? (Choose two.)

Options:

A.  

grants administrators a way to remotely wipe a lost or stolen device

B.  

provides simple and streamlined login experience for multiple applications and users

C.  

native integration that helps secure applications across multiple cloud platforms or on-premises environments

D.  

encrypts data that is stored on endpoints

E.  

allows for centralized management of endpoint device applications and configurations

Discussion 0
Questions 85

In which two ways does the Cisco Advanced Phishing Protection solution protect users? (Choose two.)

Options:

A.  

It prevents use of compromised accounts and social engineering.

B.  

It prevents all zero-day attacks coming from the Internet.

C.  

It automatically removes malicious emails from users' inbox.

D.  

It prevents trojan horse malware using sensors.

E.  

It secures all passwords that are shared in video conferences.

Discussion 0
Questions 86

Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnerability detection?

Options:

A.  

Cisco Tetration

B.  

Cisco ISE

C.  

Cisco AMP for Network

D.  

Cisco AnyConnect

Discussion 0
Questions 87

An organization must add new firewalls to its infrastructure and wants to use Cisco ASA or Cisco FTD.

The chosen firewalls must provide methods of blocking traffic that include offering the user the option to bypass the block for certain sites after displaying a warning page and to reset the connection. Which solution should the organization choose?

Options:

A.  

Cisco FTD because it supports system rate level traffic blocking, whereas Cisco ASA does not

B.  

Cisco ASA because it allows for interactive blocking and blocking with reset to be configured via the GUI, whereas Cisco FTD does not.

C.  

Cisco FTD because it enables interactive blocking and blocking with reset natively, whereas Cisco ASA does not

D.  

Cisco ASA because it has an additional module that can be installed to provide multiple blocking capabilities, whereas Cisco FTD does not.

Discussion 0