- All Exams Instant Download
Which statement about the device time is true?
Refer to the exhibit. Which statement about the device time is true?A . The time is authoritative, but the NTP process has lost contact with its servers.B . The time is authoritative because the clock is in sync.C . The clock is out of sync.D . NTP is configured incorrectly.E...
Which statement about communication over failover interfaces is true?
Which statement about communication over failover interfaces is true?A . All information that is sent over the failover and stateful failover interfaces is sent as clear text by default.B . All information that is sent over the failover interface is sent as clear text, but the stateful failover link is...
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?A . Tunnel DCE/RPC traffic through GRC . Update the IPS signature for Https to validate DCE/RPC connectionsD . Block suspicious hosts from DCE/RPC port 593.E . Configure the DCE/RPC preprocessorView AnswerAnswer: C
If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet?
If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet?A . The ASA will apply the actions from only the first matching class map it finds for the feature type.B . The ASA will apply the actions...
What is the only permitted operation for processing multicast traffic on zone-based firewalls?
What is the only permitted operation for processing multicast traffic on zone-based firewalls? A. Only control plane policing can protect the control plane against multicast traffic. B. Stateful inspection of multicast traffic is supported only for the self-zone. C. Stateful inspection for multicast traffic is supported only between the self-zone...
Which statement about the native VLAN is true?
Which statement about the native VLAN is true?A . It is the Cisco-recommended VLAN for user trafficB . It is the Cisco recommended VLAN for switch-management trafficC . It is most secure when it is assigned to VLAN 1D . It is susceptible to VLAN hopping attacksView AnswerAnswer: D
What type of packet creates and performs network operations on a network device?
What type of packet creates and performs network operations on a network device?A . control plane packetsB . data plane packetsC . management plane packetsD . services plane packetsView AnswerAnswer: A Explanation: To send the valid key and to authenticate information from the local host to the peer, use the...
What is a reason for an organization to deploy a personal firewall?
What is a reason for an organization to deploy a personal firewall?A . To protect endpoints such as desktops from malicious activity.B . To protect one virtual network segment from another.C . To determine whether a host meets minimum security posture requirements.D . To create a separate, non-persistent virtual environment...
Which two models of ASA tend to be used in a data center? (Choose two)
Which two models of ASA tend to be used in a data center? (Choose two)A . 5520B . ASA service moduleC . 5555XD . 5540E . 5585XF . 5512XView AnswerAnswer: BE
Which IPS detection method examines network traffic for preconfigured patterns?
Which IPS detection method examines network traffic for preconfigured patterns?A . honey-pot detectionB . policy-based detectionC . anomaly-based detectionD . signature-based detectionView AnswerAnswer: D
