NEW QUESTION 1
An engineer needs a solution for TACACS+ authentication and authorization for device administration. The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to use 802.1X, MAB, or WebAuth. Which product meets all of these requirements?

• A. Cisco Prime Infrastructure
• B. Cisco Identity Services Engine
• C. Cisco Stealthwatch
• D. Cisco AMP for Endpoints

Answer: B

NEW QUESTION 2
How is Cisco Umbrella configured to log only security events?

• A. per policy
• B. in the Reporting settings
• C. in the Security Settings section
• D. per network in the Deployments section

Answer: A

Explanation:
Reference: https://docs.umbrella.com/deployment-umbrella/docs/log-management

NEW QUESTION 3
What are the two most commonly used authentication factors in multifactor authentication? (Choose two.)

• A. biometric factor
• B. time factor
• C. confidentiality factor
• D. knowledge factor
• E. encryption factor

Answer: AD

NEW QUESTION 4
What is the primary difference between an Endpoint Protection Platform and an Endpoint Detection and Response?

• A. EPP focuses on prevention, and EDR focuses on advanced threats that evade perimeter defenses.
• B. EDR focuses on prevention, and EPP focuses on advanced threats that evade perimeter defenses.
• C. EPP focuses on network security, and EDR focuses on device security.
• D. EDR focuses on network security, and EPP focuses on device security.

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/products/security/endpoint-security/what-is-endpoint-detection-response-edr.html

NEW QUESTION 5
Which two behavioral patterns characterize a ping of death attack? (Choose two.)

• A. The attack is fragmented into groups of 16 octets before transmission.
• B. The attack is fragmented into groups of 8 octets before transmission.
• C. Short synchronized bursts of traffic are used to disrupt TCP connections.
• D. Malformed packets are used to crash systems.
• E. Publicly accessible DNS servers are typically used to execute the attack.

Answer: BD

Explanation:
Reference: https://en.wikipedia.org/wiki/Ping_of_death

NEW QUESTION 6
Which feature is supported when deploying Cisco ASAv within AWS public cloud?

• A. multiple context mode
• B. user deployment of Layer 3 networks
• C. IPv6
• D. clustering

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-start-book/asav-96-qsg/asav-aws.html

NEW QUESTION 7
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two.)

• A. Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
• B. Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network.
• C. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.
• D. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
• E. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.

Answer: AC

NEW QUESTION 8
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?

• A. quality of service
• B. time synchronization
• C. network address translations
• D. intrusion policy

Answer: B

NEW QUESTION 9
DRAG DROP
Drag and drop the descriptions from the left onto the correct protocol versions on the right.
[MISSING]

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 10
An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network. Which action tests the routing?

• A. Ensure that the client computers are pointing to the on-premises DNS servers.
• B. Enable the Intelligent Proxy to validate that traffic is being routed correctly.
• C. Add the public IP address that the client computers are behind to a Core Identity.
• D. Browse to http://welcome.umbrella.com/ to validate that the new identity is working.

Answer: B

NEW QUESTION 11
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?

• A. SDN controller and the cloud
• B. management console and the SDN controller
• C. management console and the cloud
• D. SDN controller and the management solution

Answer: D

NEW QUESTION 12
Which attack is commonly associated with C and C++ programming languages?

• A. cross-site scripting
• B. water holing
• C. DDoS
• D. buffer overflow

Answer: D

Explanation:
Reference: https://en.wikipedia.org/wiki/Buffer_overflow

NEW QUESTION 13
An engineer is configuring AMP for endpoints and wants to block certain files from executing. Which outbreak control method is used to accomplish this task?

• A. device flow correlation
• B. simple detections
• C. application blocking list
• D. advanced custom detections

Answer: C

NEW QUESTION 14
Which algorithm provides encryption and authentication for data plane communication?

• A. AES-GCM
• B. SHA-96
• C. AES-256
• D. SHA-384

Answer: A

NEW QUESTION 15
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?

• A. group policy
• B. access control policy
• C. device management policy
• D. platform service policy

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/622/configuration/guide/fpmc-config-guide-v622/platform_settings_policies_for_managed_devices.pdf

NEW QUESTION 16
Which deployment model is the most secure when considering risks to cloud adoption?

• A. public cloud
• B. hybrid cloud
• C. community cloud
• D. private cloud

Answer: D

NEW QUESTION 17
Which solution protects hybrid cloud deployment workloads with application visibility and segmentation?

• A. Nexus
• B. Stealthwatch
• C. Firepower
• D. Tetration

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/solutions/security/secure-data-center-solution/index.html#~products

NEW QUESTION 18
......