- All Exams Instant Download
Which port configuration is missing?
Refer to the exhibit. An engineer configured wired 802.1x on the network and is unable to get a laptop to authenticate. Which port configuration is missing?A . authentication open B. dotlx reauthentication C. cisp enable D. dot1x pae authenticatorView AnswerAnswer: D
Which two preventive measures are used to control cross-site scripting? (Choose two)
Which two preventive measures are used to control cross-site scripting? (Choose two)A . Enable client-side scripts on a per-domain basis. B. Incorporate contextual output encoding/escaping. C. Disable cookie inspection in the HTML inspection engine. D. Run untrusted HTML input through an HTML sanitization engine. E. Same Site cookie attribute should...
What are the two most commonly used authentication factors in multifactor authentication? (Choose two)
What are the two most commonly used authentication factors in multifactor authentication? (Choose two)A . biometric factor B. time factor C. confidentiality factor D. knowledge factor E. encryption factorView AnswerAnswer: A,D Explanation: Reference: https://www.cisco.com/c/en/us/products/security/what-is-multi-factor-authentication.html The two most popular authentication factors are knowledge and inherent (including biometrics like fingerprint, face, and...
Why would a user choose an on-premises ESA versus the CES solution?
Why would a user choose an on-premises ESA versus the CES solution?A . Sensitive data must remain onsite. B. Demand is unpredictable. C. The server team wants to outsource this service. D. ESA is deployed inline.View AnswerAnswer: A
What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an organization? (Choose two)
What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an organization? (Choose two)A . flexibility of different methods of 2FA such as phone callbacks, SMS passcodes, and push notifications B. single sign-on access to on-premises and cloud applications C. integration with 802.1x security...
Which IPS engine detects ARP spoofing?
Which IPS engine detects ARP spoofing?A . Atomic ARP Engine B. Service Generic Engine C. ARP Inspection Engine D. AIC EngineView AnswerAnswer: A
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?A . Enable IP Layer enforcement. B. Activate the Advanced Malware Protection license C. Activate SSL decryption. D. Enable Intelligent Proxy.View AnswerAnswer: D
What are two list types within AMP for Endpoints Outbreak Control? (Choose two)
What are two list types within AMP for Endpoints Outbreak Control? (Choose two)A . blocked ports B. simple custom detections C. command and control D. allowed applications E. URLView AnswerAnswer: B,D Explanation: Advanced Malware Protection (AMP) for Endpoints offers a variety of lists, referred to as Outbreak Control, that allow...
How is DNS tunneling used to exfiltrate data out of a corporate network?
How is DNS tunneling used to exfiltrate data out of a corporate network?A . It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks. B. It encodes the payload with random characters that are broken into short strings and...
What is the function of Cisco Cloudlock for data security?
What is the function of Cisco Cloudlock for data security?A . data loss prevention B. controls malicious cloud apps C. detects anomalies D. user and entity behavior analyticsView AnswerAnswer: A
