Get Full Version of the Exam Question No.131Which command is required for bonnet filter on Cisco ASA to function properly?dynamic-filter inspect tcp /80dynamic-filter whitelistinspect botnetinspect dns dynamic-filter-snoopCorrect Answer: D Question No.132Which host attributes can be assigned in compliance white list?Verified unverified and complaintVerified and unverifiedVerified, unverified and evaluatedComplaint, noncompliant and not evaluatedComplaint and Read more [...]
Get Full Version of the Exam Question No.121Which two statements about the Cisco FireAMP solution are true? (Choose two.)It can perform dynamic analysis in the Fire AMP Private Cloud.The FireAMP Connector can detect malware in network traffic and when files are downloaded.The FireAMP Private Cloud provides an on-premises option for file disposition lookups and retrospect generation.The FireAMP Connector is compatible with antivirus software on the endpoint, Read more [...]
Get Full Version of the Exam Question No.111Which two options are open-source SDN controllers? (choose two)OpendaylightBig Cloud FabricApplication Policy Infrastructure ControllerOpenContrailVirtual Application Networks SDN ControllerCorrect Answer: AD Question No.112A customer is developing a strategy to deal with Wanna Cry variants that defect sandboxing attempts and mask their present analyzed. Which four mechanisms can be used in this strategy?Employ a Read more [...]
Get Full Version of the Exam Question No.101Refer to the exhibit. Which type of packet can trigger the rate hmrter m the given configurator?Only DSCP 8000 packetsOnly DSCP 1 packetsOnly DSCP 1500 packetsDSCP 1, 1500, 3000, and 8000 packetsOnly DSCP 3000 packetsCorrect Answer: A Question No.102Refer to the exhibit. Customer has opened a case with Cisco TAC reporting issue client supposed to login to the network using MAB is no longer able to access a Looking Read more [...]
Get Full Version of the Exam Question No.91Which two options are benefits of the Cisco ASA transparent firewall mode? (Choose two)It can establish routing adjacencies.It can perform dynamic routing.It can be added to an existing network without significant reconfiguration.It supports extended ACLs to allow Layer 3 traffic to pass from higher to lower security interfaces.It provides SSL VPN support.Correct Answer: CD Question No.92Refer to the exhibit. What Read more [...]
Get Full Version of the Exam Question No.81Which statement about MDM with the Cisco ISE is true?The MDM#39;s server certificate must be imported into the Cisco ISE Certificate Store before the MDM and ISE can establish a connection.MDM servers can generate custom ACLs for the Cisco ISE to apply to network devices.The Cisco ISE supports a built-in list of MDM dictionary attributes it can use in authorization policies.The Cisco ISE supports limited built-in Read more [...]
Get Full Version of the Exam Question No.71Refer to the exhibit. Which data format is used in this script?JSONYANGAPIXMLJavaScriptCorrect Answer: D Question No.72Which command sequence do you enter to add the host to the CISCO object group?object-group network CISCO group-object network CISCO network-object object network CISCO network-object host network CISCO group-object Answer: Read more [...]
Get Full Version of the Exam Question No.61Which two statements about ping flood attacks are true? (Choose two.)They attack by sending ping requests to the broadcast address of the network.They use SYN packets.The attack is intended to overwhelm the CPU of the target victim.They use UDP packets.They use ICMP packets.They attack by sending ping requests to the return address of the network.Correct Answer: CE Question No.62What are two features that helps to Read more [...]
Get Full Version of the Exam Question No.51In a Cisco ASA multiple-context mode of operation configuration, what three session types are resourcelimited by default when their context is a member of the default class? (Choose three.)SSL VPN sessionsTelnet sessionsTCP sessionIPSec sessionsASDM sessionsSSH sessionsCorrect Answer: BDF Question No.52Refer to the exhibit. What are two effects of the given configuration? (Choose two.)It enables the ASA to download Read more [...]
Get Full Version of the Exam Question No.41Which two characteristics of DTLS are true? (Choose two.)It supports long data transfers and connectionless data transfers.It includes a retransmission method because it uses an unreliable datagram transport.It includes a congestion control mechanism.It is used mostly by applications that use application layer object-security protocols.It completes key negotiation and bulk data transfer over a single channel.It cannot Read more [...]
Get Full Version of the Exam Question No.31Refer to the exhibit. Which effect of this configuration is true?If the RADIUS server is unreachable, SSH users cannot authenticate.Users must be in the RADIUS server to access the serial console.Users accessing the device via SSH and those accessing enable mode are authenticated against the RADIUS serverAll commands are validated by the RADIUS server before the device executes them.Only SSH users are authenticated Read more [...]