- All Exams Instant Download
What can the SMTP preprocessor in FirePOWER normalize?
What can the SMTP preprocessor in FirePOWER normalize?A . It can extract and decode email attachments in client to server traffic.B . It can look up the email sender.C . It compares known threats to the email sender.D . It can forward the SMTP traffic to an email filter server.E...
What three actions are limitations when running IPS in promiscuous mode? (Choose three.)
What three actions are limitations when running IPS in promiscuous mode? (Choose three.)A . deny attackerB . deny packetC . modify packetD . request block connectionE . request block hostF . reset TCP connectionView AnswerAnswer: A,B,C Explanation: In promiscuous mode, packets do not flow through the sensor. The disadvantage of...
What is a possible result of this activity?
An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity?A . The switch could offer fake DHCP addresses.B . The switch could become the root bridge.C . The switch could be allowed to join the VTP domain.D . The...
In what type of attack does an attacker virtually change a device's burned-in address in an attempt to circumvent access lists and mask the device's true identity?
In what type of attack does an attacker virtually change a device's burned-in address in an attempt to circumvent access lists and mask the device's true identity?A . gratuitous ARPB . ARP poisoningC . IP spoofingD . MAC spoofingView AnswerAnswer: D Explanation: If a switch receives an inferior BPDU, nothing...
Which two statements about Telnet access to the ASA are true? (Choose two).
Which two statements about Telnet access to the ASA are true? (Choose two).A . You may VPN to the lowest security interface to telnet to an inside interface.B . You must configure an AAA server to enable Telnet.C . You can access all interfaces on an ASA using Telnet.D ....
How does the Cisco ASA use Active Directory to authorize VPN users?
How does the Cisco ASA use Active Directory to authorize VPN users?A . It queries the Active Directory server for a specific attribute for the specified user.B . It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server.C . It downloads and...
Which actions can a promiscuous IPS take to mitigate an attack? (Choose three.)
Which actions can a promiscuous IPS take to mitigate an attack? (Choose three.)A . Modifying packetsB . Requesting connection blockingC . Denying packetsD . Resetting the TCP connectionE . Requesting host blockingF . Denying framesView AnswerAnswer: B,D,E Explanation: Promiscuous Mode Event Actions + Request block host: This event action will...
When a company puts a security policy in place, what is the effect on the company’s business?
When a company puts a security policy in place, what is the effect on the company’s business?A . Minimizing riskB . Minimizing total cost of ownershipC . Minimizing liabilityD . Maximizing complianceView AnswerAnswer: A Explanation: The first step in protecting a business network is creating a security policy. A security...
Which TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.)
Which TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.)A . EAPB . ASCIIC . PAPD . PEAPE . MS-CHAPv1F . MS-CHAPv2View AnswerAnswer: B,C,E Explanation: The ASA supports TACACS+ server authentication with the following protocols: ASCII, PAP, CHAP, and MS- CHAPv1. Source: http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_c onfig/ aaa_tacacs.pdf
Which statement about Cisco ACS authentication and authorization is true?
Which statement about Cisco ACS authentication and authorization is true?A . ACS servers can be clustered to provide scalability.B . ACS can query multiple Active Directory domains.C . ACS uses TACACS to proxy other authentication servers.D . ACS can use only one authorization profile to allow or deny requests.View AnswerAnswer:...
