- All Exams Instant Download
Why would a user choose an on-premises ESA versus the CES solution?
Why would a user choose an on-premises ESA versus the CES solution?A . Sensitive data must remain onsite. B. Demand is unpredictable. C. The server team wants to outsource this service. D. ESA is deployed inline.View AnswerAnswer: A
What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an organization? (Choose two)
What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an organization? (Choose two)A . flexibility of different methods of 2FA such as phone callbacks, SMS passcodes, and push notifications B. single sign-on access to on-premises and cloud applications C. integration with 802.1x security...
Which IPS engine detects ARP spoofing?
Which IPS engine detects ARP spoofing?A . Atomic ARP Engine B. Service Generic Engine C. ARP Inspection Engine D. AIC EngineView AnswerAnswer: A
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?A . Enable IP Layer enforcement. B. Activate the Advanced Malware Protection license C. Activate SSL decryption. D. Enable Intelligent Proxy.View AnswerAnswer: D
What are two list types within AMP for Endpoints Outbreak Control? (Choose two)
What are two list types within AMP for Endpoints Outbreak Control? (Choose two)A . blocked ports B. simple custom detections C. command and control D. allowed applications E. URLView AnswerAnswer: B,D Explanation: Advanced Malware Protection (AMP) for Endpoints offers a variety of lists, referred to as Outbreak Control, that allow...
How is DNS tunneling used to exfiltrate data out of a corporate network?
How is DNS tunneling used to exfiltrate data out of a corporate network?A . It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks. B. It encodes the payload with random characters that are broken into short strings and...
What is the function of Cisco Cloudlock for data security?
What is the function of Cisco Cloudlock for data security?A . data loss prevention B. controls malicious cloud apps C. detects anomalies D. user and entity behavior analyticsView AnswerAnswer: A
Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)
Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)A . transparent mode B. routed mode C. inline mode D. active mode E. passive monitor-only modeView AnswerAnswer: C,D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/asdm72/firewall/asa-firewall-asdm/modules-sfr.html
command must be used?
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used? A. flow-export destination inside 1.1.1.1 2055 B. ip flow monitor input C. ip flow-export destination 1.1.1.1 2055 D. flow exporterView AnswerAnswer: A Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/monitor_nsel.html
What is a commonality between DMVPN and FlexVPN technologies?
What is a commonality between DMVPN and FlexVPN technologies?A . FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes B. FlexVPN and DMVPN use the new key management protocol C. FlexVPN and DMVPN use the same hashing algorithms D. IOS routers run the same NHRP code for DMVPN...
