Refer to the exhibit. Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?
Ashow authentication registrations
Bshow authentication method
Cshow dot1x all
Dshow authentication sessions
Which two capabilities does TAXII support? (Choose two.)
Aexchange
Bpull messaging
Cbinding
Dcorrelation
Emitigating
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
Auser input validation in a web page or web application
BLinux and Windows operating systems
Cdatabase
Dweb page images
Refer to the exhibit. Which command was used to display this output?
Ashow dot1x all
Bshow dot1x
Cshow dot1x all summary
Dshow dot1x interface gi1/0/12
What provides visibility and awareness into what is currently occurring on the network?
ACMX
BWMI
CCisco Prime Infrastructure
DTelemetry
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.)
AOnly the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.
BThe active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.
CThe IPsec configuration that is set up on the active device must be duplicated on the standby device.
DOnly the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically.
EThe active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.)
Acomputer identity
BWindows service
Cuser identity
DWindows firewall
Edefault browser
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?
Agroup policy
Baccess control policy
Cdevice management policy
Dplatform settings policy
Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?
ARSA SecureID
BInternal Database
CActive Directory
DLDAP
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)
Aphishing
Bbrute force
Cman-in-the-middle
DDDOS
Etear drop
What can be integrated with Cisco Threat Intelligence Director to provide information about security threats, which allows the SOC to proactively automate responses to those threats?
ACisco Umbrella
BExternal Threat Feeds
CCisco Threat Grid
DCisco Stealthwatch
What are the two most commonly used authentication factors in multifactor authentication? (Choose two.)
Abiometric factor
Btime factor
Cconfidentiality factor
Dknowledge factor
Eencryption factor
Which algorithm provides encryption and authentication for data plane communication?
AAES-GCM
BSHA-96
CAES-256
DSHA-384
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two.)
APatch for cross-site scripting.
BPerform backups to the private cloud.
CProtect against input validation and character escapes in the endpoint.
DInstall a spam and virus email filter.
EProtect systems with an up-to-date antimalware program.
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?
Aquality of service
Btime synchronization
Cnetwork address translations
Dintrusion policy
An MDM provides which two advantages to an organization with regards to device management? (Choose two.)
Aasset inventory management
Ballowed application management
CAD group policy management
Dnetwork device management
Ecritical device management
Under which two circumstances is a CoA issued? (Choose two.)
AA new authentication rule was added to the policy on the Policy Service node.
BAn endpoint is deleted on the Identity Service Engine server.
CA new Identity Source Sequence is created and referenced in the authentication policy.
DAn endpoint is profiled for the first time.
EA new Identity Service Engine server is added to the deployment with the Administration persona.
What is the difference between deceptive phishing and spear phishing?
ADeceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.
BA spear phishing campaign is aimed at a specific person versus a group of people.
CSpear phishing is when the attack is aimed at the C-level executives of an organization.
DDeceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
An administrator wants to ensure that all endpoints are compliant before users are allowed access on the corporate network. The endpoints must have the corporate antivirus application installed and be running the latest build of Windows 10.
What must the administrator implement to ensure that all devices are compliant before they are allowed on the network?
ACisco Identity Services Engine and AnyConnect Posture module
BCisco Stealthwatch and Cisco Identity Services Engine integration
CCisco ASA firewall with Dynamic Access Policies configured
DCisco Identity Services Engine with PxGrid services enabled
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware.
Which two solutions mitigate the risk of this ransomware infection? (Choose two.)
AConfigure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
BSet up a profiling policy in Cisco Identity Services Engine to check an endpoint patch level before allowing access on the network.
CConfigure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.
DConfigure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
ESet up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)
Adata exfiltration
Bcommand and control communication
Cintelligent proxy
Dsnort
EURL categorization
Refer to the exhibit. Which statement about the authentication protocol used in the configuration is true?
AThe authentication request contains only a password
BThe authentication request contains only a username
CThe authentication and authorization requests are grouped in a single packet.
DThere are separate authentication and authorization request packets.
What is the primary role of the Cisco Email Security Appliance?
AMail Submission Agent
BMail Transfer Agent
CMail Delivery Agent
DMail User Agent
Which two preventive measures are used to control cross-site scripting? (Choose two.)
AEnable client-side scripts on a per-domain basis.
BIncorporate contextual output encoding/escaping.
CDisable cookie inspection in the HTML inspection engine.
DRun untrusted HTML input through an HTML sanitization engine.
ESameSite cookie attribute should not be used.
Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity?
Preview
