- All Exams Instant Download
Which two preventive measures are used to control cross-site scripting? (Choose two.)
Which two preventive measures are used to control cross-site scripting? (Choose two.)A . Enable client-side scripts on a per-domain basis.B . Incorporate contextual output encoding/escaping.C . Disable cookie inspection in the HTML inspection engine.D . Run untrusted HTML input through an HTML sanitization engine.E . SameSite cookie attribute should not...
What are the two most commonly used authentication factors in multifactor authentication? (Choose two.)
What are the two most commonly used authentication factors in multifactor authentication? (Choose two.)A . biometric factorB . time factorC . confidentiality factorD . knowledge factorE . encryption factorView AnswerAnswer: AD
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?A . To view bandwidth usage for NetFlow records, the QoS feature must be enabled.B . A sysopt command can be used to enable NSEL on a specific interface.C . NSEL can be used without a...
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.)
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.)A . Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.B . The active and standby devices can run different versions of the...
Which two key and block sizes are valid for AES? (Choose two.)
Which two key and block sizes are valid for AES? (Choose two.)A . 64-bit block size, 112-bit key lengthB . 64-bit block size, 168-bit key lengthC . 128-bit block size, 192-bit key lengthD . 128-bit block size, 256-bit key lengthE . 192-bit block size, 256-bit key lengthView AnswerAnswer: CD Explanation:...
Which command enables 802.1X globally on a Cisco switch?
Which command enables 802.1X globally on a Cisco switch?A . dot1x system-auth-controlB . dot1x pae authenticatorC . authentication port-control autoD . aaa new-modelView AnswerAnswer: A Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/routers/nfvis/switch_command/b-nfvis-switch-commandreference/802_1x_commands.html
Which list contains the allowed recipient addresses?
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address. Which list contains the allowed recipient addresses?A . SATB . BATC . HATD . RATView AnswerAnswer: D
Which network monitoring solution uses streams and pushes operational data to provide a near real-time view of activity?
Which network monitoring solution uses streams and pushes operational data to provide a near real-time view of activity?A . SNMPB . SMTPC . syslogD . model-driven telemetryView AnswerAnswer: D Explanation: Reference: https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?A . security intelligenceB . impact flagsC . health monitoringD . URL filteringView AnswerAnswer: A
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.)
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.)A . computer identityB . Windows serviceC . user identityD . Windows firewallE . default browserView AnswerAnswer: BD
