Bộ đề thi chứng chỉ CCNP Security

Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (1.04 MB, 54 trang )

Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)

Exam Name: Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)
Exam Code: 350-701
Exam Price: $400 (USD)
Duration: 120 mins
Number of Questions: 60
Passing Score: 825/1000
350-701 Exam Engine is rigorously checked before being put up for sale. We make sure there is nothing
irrelevant in 370-401 exam products and you get latest questions. We strive to deliver the best 370-401 exam
product for top grades in your first attempt.
Developed by: Hussain & Aaron
Dump Vendor: Homer Co., Ltd
Contact us:
Website: COMING SOON
© 2020 Homer Co., Ltd

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

QUESTION 1
Which attack is commonly associated with C and C++ programming languages?
A.
B.
C.
D.

cross-site scriptingwrong
DDoS

buffer overflow
water holing

Correct Answer: C
QUESTION 2
What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol?
A.
B.
C.
D.

SMTPwrong
pxGrid
STIX
XMPP

Correct Answer: C
QUESTION 3
Which two preventive measures are used to control cross-site scripting? (Choose two)
A.
B.
C.
D.
E.

Disable cookie inspection in the HTML inspection engine.wrong
Incorporate contextual output encoding/escaping
Enable client-side scripts on a per-domain basis
Run untrusted HTML input through an HTML sanitization engine.
Same Site cookie attribute should not be used.

Correct Answer: BC
QUESTION 4
Which two mechanisms are used to control phishing attacks? (Choose two)
A. Use antispyware software.wrong
B. Implement email filtering techniques.
C. Revoke expired CRL of the websites.

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

D. Enable browser alerts for fraudulent websites.
E. Define security group memberships.
Correct Answer: BD
QUESTION 5
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?
A.
B.
C.
D.

rootkit exploitwrong
Smurf
distributed denial of service
cross-site scripting

Correct Answer: D
QUESTION 6

Which two behavioral patterns characterize a ping of death attack? (Choose two)
A.
B.
C.
D.
E.

Malformed packets are used to crash systems.
The attack is fragmented into groups of 8 octets before transmission.
The attack is fragmented into groups of 16 octets before transmission.
Publicly accessible DNS servers are typically used to execute the attack.
Short synchronized bursts of traffic are used to disrupt TCP connections.

Correct Answer: AB
QUESTION 7
What is the difference between deceptive phishing and spear phishing?
A.
B.
C.
D.

Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
A spear phishing campaign is aimed at a specific person versus a group of people.
Spear phishing is when the attack is aimed at the C-level executives of an organization.
Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.

Correct Answer: B
QUESTION 8
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two)

Correlation

Correct Answer: AD
QUESTION 10
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A.
B.
C.
D.

web page images
database
Linux and Windows operating systems
user input validation in a web page or web application

Correct Answer: D
QUESTION 11
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two)
A.
B.
C.
D.
E.

Secure the connection between the web and the app tier.
Use prepared statements and parameterized queries.
Check integer, float, or Boolean string parameters to ensure accurate values.
Block SQL code execution in the web application database login.
Write SQL code instead of using object-relational mapping libraries.

Correct Answer: C
QUESTION 14
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP
commands to perform file retrieval from the server?
A.
B.
C.
D.

profile
url
terminal
selfsigned

Correct Answer: A
QUESTION 15
Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two)
A. ARP spoofing
B. exploits
C. malware

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

D. eavesdropping
E. denial-of-service attacks
Correct Answer: BC

QUESTION 16
What are two rootkit types? (Choose two)
A.
B.
C.
D.
E.

bootloader
buffer mode
registry
virtual
user mode

Correct Answer: A
QUESTION 17
Which threat involves software being used to gain unauthorized access to a computer system?
A.
B.
C.
D.

ping of death
HTTP flood
virus
NTP amplification

Correct Answer: C
QUESTION 18
Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current encryption technology?

A.
B.
C.
D.

3DES
DES
RSA
AES

Correct Answer: C
QUESTION 19
Which two descriptions of AES encryption are true? (Choose two)

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

A.
B.
C.
D.
E.

AES is more secure than 3DES.
AES can use a 168-bit key for encryption.
AES can use a 256-bit key for encryption.
AES encrypts and decrypts a key three times in sequence.
AES is less secure than 3DES.

Correct Answer: AC
QUESTION 20
Which algorithm provides encryption and authentication for data plane communication?
A.
B.
C.
D.

SHA-96
SHA-384
AES-GCM
AES-256

Correct Answer: C
QUESTION 21
Which two key and block sizes are valid for AES? (Choose two)
A.
B.
C.
D.
E.

128-bit block size, 192-bit key length
128-bit block size, 256-bit key length
64-bit block size, 168-bit key length
192-bit block size, 256-bit key length
64-bit block size, 112-bit key length

Correct Answer: AB

QUESTION 22
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?
A.
B.
C.
D.

authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX
authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXX
authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX
secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX

Correct Answer: B

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

QUESTION 23
Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable
connectivity?
A.
B.
C.
D.

DMVPN
FlexVPN
IPsec DVTI

GET VPN

Correct Answer: D
QUESTION 24
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)
A. Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied
automatically
B. The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.
C. The IPsec configuration that is set up on the active device must be duplicated on the standby device
D. Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied
automatically.
E. The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.
Correct Answer: CE
QUESTION 25
Which VPN technology can support a multivendor environment and secure traffic between sites?
A.
B.
C.
D.

SSL VPN
GET VPN
FlexVPN
DMVPN

Correct Answer: B
QUESTION 26
A network engineer is configuring DMVPN and entered the crypto isakmp key cisc0380739941 address 0.0.0.0 command on hostA. The tunnel is not
being established to hostB. What action is needed to authenticate the VPN?
A. Change isakmp to ikev2 in the command on hostA.

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

B. Enter the command with a different password on hostB.
C. Enter the same command on hostB.
D. Change the password on hostA to the default password.
Correct Answer: C
QUESTION 27
Refer to the exhibit.

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of
VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status. What is the problem according to this command
output?
A.
B.
C.
D.

hashing algorithm mismatch
encryption algorithm mismatch
authentication key mismatch
interesting traffic was not applied

Correct Answer: C
QUESTION 28
What is a difference between FlexVPN and DMVPN?
A.
B.
C.
D.

DMVPN uses IKEv1 or IKEv2, FlexVPN only uses IKEv1
DMVPN uses only IKEv1 FlexVPN uses only IKEv2
FlexVPN uses IKEv2, DMVPN uses IKEv1 or IKEv2
FlexVPN uses IKEv1 or IKEv2, DMVPN uses only IKEv2

Correct Answer: C
QUESTION 29
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?
A.
B.
C.
D.

TLSv1.2
TLSv1.1
BJTLSv1
DTLSv1

Correct Answer: D
QUESTION 30
What is a commonality between DMVPN and FlexVPN technologies?

A.
B.
C.
D.

FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes
FlexVPN and DMVPN use the new key management protocol
FlexVPN and DMVPN use the same hashing algorithms
IOS routers run the same NHRP code for DMVPN and FlexVPN

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

Correct Answer: D
QUESTION 31
Which functions of an SDN architecture require southbound APIs to enable communication?
A.
B.
C.
D.

management console and the cloud
management console and the SDN controller
SDN controller and the cloud
SDN controller and the network elements

Correct Answer: D
QUESTION 32

Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two)
A.
B.
C.
D.
E.

accounting
encryption
assurance
automation
authentication

Correct Answer: CD
QUESTION 33
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?
A.
B.
C.
D.

SDN controller and the cloud
management console and the cloud
management console and the SDN controller
SDN controller and the management solution

Correct Answer: D
QUESTION 34
Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)
A. push

B. options

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

C. connect
D. put
E. get
Correct Answer: AD
QUESTION 35
Refer to the exhibit.

What does the API do when connected to a Cisco security appliance?
A.
B.
C.
D.

create an SNMP pull mechanism for managing AMP
gather network telemetry information from AMP for endpoints
get the process and PID information from the computers in the network
gather the network interface information about the computers AMP sees

Correct Answer: D
QUESTION 36
Refer to the exhibit.
Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.

"We make sale ONLY if the dump is stable" Contact us:

What is the result of this Python script of the Cisco DNA Center API?
A. adds a switch to Cisco DNA Center
B. adds authentication to a switch
C. receives information about a switch
Correct Answer: A

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

QUESTION 37
Which API is used for Content Security?
A.
B.
C.
D.

OpenVuln API
IOS XR API
NX-OS API
AsyncOS API

Correct Answer: D
QUESTION 38
Which option is the main function of Cisco Firepower impact flags?
A.

B.
C.
D.

They alert administrators when critical events occur.
They identify data that the ASA sends to the Firepower module.
They correlate data about intrusions and vulnerability.
They highlight known and suspected malicious IP addresses in reports.

Correct Answer: C
QUESTION 39
Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)
A.
B.
C.
D.
E.

Cisco FTDv configured in routed mode and IPv6 configured
Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises
Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS
Cisco FTDv with two management interfaces and one traffic interface configured
Cisco FTDv with one management interface and two traffic interfaces configured

Correct Answer: BC
QUESTION 40
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. Where must the ASA be added on the Cisco UC Manager
platform?
A. Endpoint Trust List
B. Secured Collaboration Proxy

C. Certificate Trust List

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

D. Enterprise Proxy Service
Correct Answer: C
QUESTION 41
Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)
A.
B.
C.
D.
E.

routed mode
active mode
transparent mode
inline mode
passive monitor-only mode

Correct Answer: DE
QUESTION 42
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?
A.
B.
C.
D.

time synchronization
network address translations
quality of service
intrusion policy

Correct Answer: A
QUESTION 43
Which information is required when adding a device to Firepower Management Center?
A.
B.
C.
D.

encryption method
username and password
device serial number
registration key

Correct Answer: D
QUESTION 44
Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System? (Choose two)
A. Protocol

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

B.

C.
D.
E.

Source
Port
Application
Rule

Correct Answer: BE
QUESTION 45
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
A.
B.
C.
D.

Security Intelligence
URL Filtering
Impact Flags
Health Monitoring

Correct Answer: C
QUESTION 46
Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion Prevention System?
A.
B.
C.
D.

protect
malware
URL filtering
control

Correct Answer: A
QUESTION 47
On Cisco Firepower Management Center, which policy is used to collect health modules alerts from managed devices?
A.
B.
C.
D.
E.

health policy
correlation policy
system policy
health awareness policy
access control policy

Correct Answer: A
QUESTION 48
Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging?
A.
B.

C.
D.

Its events match all traffic classes in parallel.
It tracks the flow continuously and provides updates every 10 seconds.
It tracks flow-create, flow-teardown, and flow-denied events.
It provides stateless IP flow tracking that exports all records of a specific flow.

Correct Answer: C
QUESTION 49
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
A.
B.
C.
D.
E.

SSL
packet decoder
SIP
modbus
inline normalization

Correct Answer: AC
QUESTION 50
Which feature is supported when deploying Cisco ASAv within AWS public cloud?
A.
B.
C.
D.

user deployment of Layer 3 networks
multiple context mode
clustering
IPv6

Correct Answer: A
QUESTION 51
A mall provides security services to customers with a shared appliance. The mall wants separation of management on the shared appliance. Which ASA
deployment mode meets these needs?
A.
B.
C.
D.

routed mode
transparent mode
multiple zone mode
multiple context mode

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

Correct Answer: D
QUESTION 52
Which two tasks allow NetFlow on a Cisco ASA 5500 Series firewall? (Choose two)
A.
B.

C.
D.
E.

Define a NetFlow collector by using the flow-export command.
Enable NetFlow Version 9.
Create an ACL to allow UDP traffic on port 9996.
Create a class map to match interesting traffic.
Apply NetFlow Exporter to the outside interface in the inbound direction.

Correct Answer: AE
QUESTION 53
How many interfaces per bridge group does an ASA bridge group deployment support?
A.
B.
C.
D.

up to 8
up to 4
up to 16
up to 2

Correct Answer: B
QUESTION 54
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?
A.
B.
C.
D.

Intrusion
Correlation
Access Control
Network Discovery

Correct Answer: D
QUESTION 55
Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System?
A. It inspects hosts that meet the profile with more intrusion rules.
B. It defines a traffic baseline for traffic anomaly deduction.
C. It allows traffic if it does not meet the profile.

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

D. It blocks traffic if it does not meet the profile.
Correct Answer: B
QUESTION 56
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?
A.
B.
C.
D.

To view bandwidth usage for NetFlow records, the QoS feature must be enabled.
A flow-export event type must be defined under a policy.
NSEL can be used without a collector configured.

A sysopt command can be used to enable NSEL on a specific interface.

Correct Answer: B
QUESTION 57
Which ASA deployment mode can provide separation of management on a shared appliance?
A.
B.
C.
D.

transparent firewall mode
routed mode
multiple context mode
DMZ multiple zone mode

Correct Answer: C
QUESTION 58
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other
managed devices in a deployment?
A.
B.
C.
D.

Device Management Policy
Group Policy
Platform Service Policy
Access Control Policy

Correct Answer: C

QUESTION 59
Which CLI command is used to register a Cisco FirePower sensor to Firepower Management Center?
A. configure manager <key> add host

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

B. configure system add <host><key>
C. configure manager add <host><key>
D. configure manager delete
Correct Answer: C
QUESTION 60
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used?
A.
B.
C.
D.

ip flow monitor input
flow-export destination inside 1.1.1.1 2055
flow exporter
ip flow-export destination 1.1.1.1 2055

Correct Answer: B
QUESTION 61
Refer to the exhibit. What is a result of the configuration?

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.

Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

A.
B.
C.
D.

Traffic from the inside network is redirected
Traffic from the inside and DMZ networks is redirected
All TCP traffic is redirected
Traffic from the DMZ network is redirected

Correct Answer: B
QUESTION 62
Which statement about IOS zone-based firewalls is true?
A.
B.
C.
D.

An unassigned interface can communicate with assigned interfaces
An interface can be assigned to multiple zones.
An interface can be assigned only to one zone.
Only one interface can be assigned to a zone.

Correct Answer: C
QUESTION 63
What is a characteristic of Firepower NGIPS inline deployment mode?

A.
B.
C.
D.

It must have inline interface pairs configured.
ASA with Firepower module cannot be deployed.
It is out-of-band from traffic.
It cannot take actions such as blocking traffic.

Correct Answer: A
QUESTION 64
Which technology is used to improve web traffic performance by proxy caching?
A.
B.
C.
D.

FireSIGHT
WSA
ASA
Firepower

Correct Answer: B
QUESTION 65

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

What is the primary benefit of deploying an ESA in hybrid mode?
A.
B.
C.
D.

You can fine-tune its settings to provide the optimum balance between security and performance for your environment
It provides the lowest total cost of ownership by reducing the need for physical appliances
It provides email security while supporting the transition to the cloud
It provides maximum protection and control of outbound messages

Correct Answer: C
QUESTION 66
Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?
A.
B.
C.
D.

redirection
forward
transparent
proxy gateway

Correct Answer: C
QUESTION 67
What is the purpose of the Decrypt for Application Detection feature within the WSA Decryption options?
A.
B.

C.
D.

It alerts users when the WSA decrypts their traffic.
It provides enhanced HTTPS application detection for AsyncOS.
It decrypts HTTPS application traffic for unauthenticated users.
It decrypts HTTPS application traffic for authenticated users.

Correct Answer: B
QUESTION 68
What is the primary role of the Cisco Email Security Appliance?
A.
B.
C.
D.

Mail Submission Agent
Mail User Agent
Mail Transfer Agent
Mail Delivery Agent

Correct Answer: C

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

QUESTION 69
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)

A.
B.
C.
D.
E.

RAT
white list
Sophos engine
outbreak filters
DLP

Correct Answer: CD
QUESTION 70
Which action controls the amount of URI text that is stored in Cisco WSA logs files?
A.
B.
C.
D.

Configure the advancedproxyconfig command with the HTTPS subcommand
Configure a maximum packet size.
Configure a small log-entry size.
Configure the datasecurityconfig command

Correct Answer: A
QUESTION 71
Which two features of Cisco Email Security can protect your organization against email threats? (Choose two)
A.
B.

C.
D.
E.

NetFlow
Data loss prevention
Time-based one-time passwords
Heuristic-based filtering
Geolocation-based filtering

Correct Answer: BE
QUESTION 72
In which two ways does a system administrator send web traffic transparently to the Web Security Appliance? (Choose two)
A.
B.
C.
D.

reference a Proxy Auto Config file
configure policy-based routing on the network infrastructure
use Web Cache Communication Protocol
configure the proxy IP address in the web-browser settings
Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

E. configure Active Directory Group Policies to push proxy settings
Correct Answer: AC
QUESTION 73

After deploying a Cisco ESA on your network, you notice that some messages fail to reach their destinations. Which task can you perform to determine
where each message was lost?
A.
B.
C.
D.

Perform a trace.
Configure the trackingconfig command to enable message tracking.
Review the log files.
Generate a system report.

Correct Answer: B
QUESTION 74
Which two statements about a Cisco WSA configured in Transparent mode are true? (Choose two)
A.
B.
C.
D.
E.

It can handle explicit HTTP requests.
It requires a proxy for the client web browser.
Layer 4 switches can automatically redirect traffic destined to port 80.
It requires a PAC file for the client web browser.
WCCP v2-enabled devices can automatically redirect traffic destined to port 80.

Correct Answer: CE
QUESTION 75
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address. Which list contains the

allowed recipient addresses?
A.
B.
C.
D.

RAT
HAT
SAT
BAT

Correct Answer: A
QUESTION 76
Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two)

Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

A.
B.
C.
D.
E.

antispam
DDoS
encryption
antivirus

DLP

Correct Answer: CE
QUESTION 77
Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?
A.
B.
C.
D.

AMP Reputation Center
IP Blacklist Center
IP and Domain Reputation Center
File Reputation Center

Correct Answer: C
QUESTION 78
Why would a user choose an on-premises ESA versus the CES solution?
A.
B.
C.
D.

Demand is unpredictable.
ESA is deployed inline.
Sensitive data must remain onsite.
The server team wants to outsource this service.

Correct Answer: C
QUESTION 79

Which deployment model is the most secure when considering risks to cloud adoption?
A.
B.
C.
D.

Public Cloud
Community Cloud
Private Cloud
Hybrid Cloud

Correct Answer: C
QUESTION 80
Get Latest & Actual Exam's Question and Answers from © Homer CO., LTD. We cover ALL Cisco and Non-Cisco Exam Dumps.
Cisco Written & LAB Dump, AWS, Azure, Oracle, Huawei, Aruba, Fortinet, F5, RedHat Linux, Comptia, CEHv10, Palo Alto, Check Point, EC Council and many more.
"We make sale ONLY if the dump is stable" Contact us:

Bộ đề thi chứng chỉ CCNP Security

Tài liệu liên quan

Tài liệu bạn tìm kiếm đã sẵn sàng tải về