Topic 1: Exam Pool A
An MDM provides which two advantages to an organization with regards to device
management? (Choose two)
A.
asset inventory management
B.
allowed application management
C.
Active Directory group policy management
D.
network device management
E.
critical device management
asset inventory management
allowed application management
Which two actions does the Cisco identity Services Engine posture module provide that
ensures endpoint security?(Choose two.)
A.
The latest antivirus updates are applied before access is allowed.
B.
Assignments to endpoint groups are made dynamically, based on endpoint attributes
C.
Patch management remediation is performed
D.
A centralized management solution is deployed
E.
Endpoint supplicant configuration is deployed
The latest antivirus updates are applied before access is allowed.
A centralized management solution is deployed
A network engineer entered the snmp-server user asmith myv7 auth sha cisco priv aes 256
cisc0xxxxxxxxx command and needs to send SNMP information to a host at 10.255.255.1.
Which
command achieves this goal?
A.
snmp-server host inside 10.255.255.1 version 3 myv7
B.
snmp-server host inside 10.255.255.1 snmpv3 myv7
C.
snmp-server host inside 10.255.255.1 version 3 asmith
D.
snmp-server host inside 10.255.255.1 snmpv3 asmith
snmp-server host inside 10.255.255.1 version 3 asmith
What are two facts about WSA HTTP proxy configuration with a PAC file? (Choose two.)
A.
It is defined as a Transparent proxy deployment
B.
In a dual-NIC configuration, the PAC file directs traffic through the two NICs to the proxy.
C.
The PAC file, which references the proxy, is deployed to the client web browser
D.
It is defined as an Explicit proxy deployment
E.
It is defined as a Bridge proxy deployment
The PAC file, which references the proxy, is deployed to the client web browser
It is defined as an Explicit proxy deployment
Which feature is supported when deploying Cisco ASAv within AWS public cloud?
A.
multiple context mode
B.
user deployment of Layer 3 networks
C.
IPv6
D.
clustering
user deployment of Layer 3 networks
ExplanationThe ASAv on AWS supports the following features:+ Support for
Amazon EC2 C5 instances, the next generation of the Amazon EC2 Compute Optimized instancefamily.+ Deployment in the Virtual Private Cloud (VPC)+ Enhanced networking (SR-IOV) where available+ Deployment from Amazon Marketplace+ Maximum of four vCPUs per instance+ User deployment of L3 networks+ Routed mode (default)Note: The Cisco Adaptive Security Virtual Appliance (ASAv) runs the same software as physical Cisco ASAs to deliver proven security functionality in a virtual form factor. The ASAv can be deployed in the public AWS cloud.It can then be configured to protect virtual and physical data center workloads that expand, contract, or shift their location over time.
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-startbook/
asav-96 qsg/asavaws.html
A Cisco ISE engineer configures Central Web Authentication (CWA) for wireless guest
access and must have the guest endpoints redirect to the guest portal for authentication
and authorization. While testing the policy, the engineer notices that the device is not
redirected and instead gets full guest access. What must be done for the redirect to work?
A.
Tag the guest portal in the CWA part of the Common Tasks section of the authorization
profile for the authorization policy line that the unauthenticated devices hit.
B.
Use the track movement option within the authorization profile for the authorization
policy line that the unauthenticated devices hit.
C.
Create an advanced attribute setting of Cisco:cisco-gateway-id=guest within the
authorization profile for the authorization policy line that the unauthenticated devices hit.
D.
Add the DACL name for the Airespace ACL configured on the WLC in the Common
Tasks section of the authorization profile for the authorization policy line that the
unauthenticated devices hit.
Add the DACL name for the Airespace ACL configured on the WLC in the Common
Tasks section of the authorization profile for the authorization policy line that the
unauthenticated devices hit.
Which Cisco solution extends network visibility, threat detection, and analytics to public
cloud environments?
A.
Cisco Umbrella
B.
Cisco Stealthwatch Cloud
C.
Cisco Appdynamics
D.
Cisco CloudLock
Cisco Stealthwatch Cloud
An organization is trying to improve their Defense in Depth by blocking malicious
destinations prior to a connection being established. The solution must be able to block certain applications from being used within the network. Which product should be used to accomplish this goal?
A.
Cisco Firepower
B.
Cisco Umbrella
C.
ISE
D.
AMP
Cisco Umbrella
Cisco Umbrella protects users from accessing malicious domains by proactively analyzing and blocking unsafe destinations – before a connection is ever made. Thus it can protect from phishing attacks by blocking suspicious
domains when users click on the given links that an attacker sent.
An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment
and must route inbound email to Cisco CE.. record must be modified to accomplish this
task?
A.
CNAME
B.
MX
C.
SPF
D.
DKIM
MX
Which Cisco AMP file disposition valid?
A.
pristine
B.
malware
C.
dirty
D.
non malicious
malware
An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network. Which action tests the routing?
A.
Ensure that the client computers are pointing to the on-premises DNS servers.
B.
Enable the Intelligent Proxy to validate that traffic is being routed correctly.
C.
Add the public IP address that the client computers are behind to a Core Identity.
D.
Browse to http://welcome.umbrella.com/ to validate that the new identity is working.
Browse to http://welcome.umbrella.com/ to validate that the new identity is working.
What is a difference between Cisco AMP for Endpoints and Cisco Umbrella?
A.
Cisco AMP for Endpoints is a cloud-based service, and Cisco Umbrella is not.
B.
Cisco AMP for Endpoints prevents connections to malicious destinations, and C malware.
C.
Cisco AMP for Endpoints automatically researches indicators of compromise ..
D.
Cisco AMP for Endpoints prevents, detects, and responds to attacks before and against
Internet threats.
Cisco AMP for Endpoints prevents, detects, and responds to attacks before and against
Internet threats.
Explanation: https://learn-umbrella.cisco.com/i/802005-umbrella-security-report/3?
https://www.cisco.com/site/us/en/products/security/endpoint-security/secureendpoint/
index.html#:~:text=Powerful-EDR-capabilities,from-Kenna-Security
.
Cisco Advanced Malware Protection (AMP) for endpoints can be seen as a replacement for
the traditional antivirus solution. It is a next generation, cloud delivered endpoint protection
platform (EPP), and advanced endpoint detection and response (EDR). Providing
Protection – Detection Response
While Cisco Umbrella can enforce security at the DNS-, IP-, and HTTP/S-layer, this report
does not require that blocking is enabled and only monitors your DNS activity. Any
malicious domains requested and IPs resolved are indicators of compromise (IOC).
Any malicious domains requested and IPs resolved are indicators of compromise (IOC)
| Page 21 out of 53 Pages |
| Previous |