Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there are no viruses before quarantined emails are delivered. In addition, delivery of mail from known bad mail servers must be prevented. Which two actions must be taken in order to meet these requirements? (Choose two)
An administrator is trying to determine which applications are being used in the network but does not want the
network devices to send metadata to Cisco Firepower. Which feature should be used to accomplish this?
What is the role of an endpoint in protecting a user from a phishing attack?
When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the
command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command issued for. What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?
After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system’s applications. Which
vulnerability allows the attacker to see the passwords being transmitted in clear text?
An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network, what action will resolve this issue?
What is the Cisco API-based broker that helps reduce compromises, application risks, and data breaches in an environment that is not on-premise?
Which cloud model is a collaborative effort where infrastructure is shared and jointly accessed by several
organizations from a specific group?
An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with
other cloud solutions via an API. Which solution should be used to accomplish this goal?
A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing
authentication and is unable to access the network. Where should the administrator begin troubleshooting to verify the authentication details?
What is the difference between Cross-site Scripting and SQL Injection, attacks?
A network administrator is configuring a rule in an access control policy to block certain URLs and selects the “Chat and Instant Messaging” category. Which reputation score should be selected to accomplish this goal?
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?
Which cryptographic process provides origin confidentiality, integrity, and origin authentication for packets?
Which action controls the amount of URI text that is stored in Cisco WSA logs files?
In which two ways does a system administrator send web traffic transparently to the Web Security Appliance?
(Choose two)
Refer to the exhibit.
An engineer configured wired 802.1x on the network and is unable to get a laptop to authenticate. Which port configuration is missing?
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch
was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate
the risk of this ransom ware infection? (Choose two)
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two)
Which technology is used to improve web traffic performance by proxy caching?
Which two preventive measures are used to control cross-site scripting? (Choose two)
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?
Which two tasks allow NetFlow on a Cisco ASA 5500 Series firewall? (Choose two)
Which two statements about a Cisco WSA configured in Transparent mode are true? (Choose two)
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also
provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)
When using Cisco AMP for Networks which feature copies a file to the Cisco AMP cloud for analysis?
An engineer is trying to securely connect to a router and wants to prevent insecure algorithms from being used.
However, the connection is failing. Which action should be taken to accomplish this goal?
When wired 802.1X authentication is implemented, which two components are required? (Choose two)
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social
engineering attacks? (Choose two)
Which Cisco security solution protects remote users against phishing attacks when they are not connected to
the VPN?
Which exfiltration method does an attacker use to hide and encode data inside DNS requests and queries?
Which SNMPv3 configuration must be used to support the strongest security possible?
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices. The default management
port conflicts with other communications on the network and must be changed. What must be done to ensure
that all devices can communicate together?
An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the
endpoint to apply a new or updated policy from ISE. Which CoA type achieves this goal?
An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users. Which action accomplishes this goal?
Which CLI command is used to enable URL filtering support for shortened URLs on the Cisco ESA?
Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption?
A small organization needs to reduce the VPN bandwidth load on their headend Cisco ASA in order to
ensure that bandwidth is available for VPN users needing access to corporate resources on the10.0.0.0/24 local HQ network. How is this accomplished without adding additional devices to the
network?
Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls?
What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two.)
A company discovered an attack propagating through their network via a file. A custom file policy was created in order to track this in the future and ensure no other endpoints execute the infected file. In addition, it was discovered during testing that the scans are not detecting the file as an indicator of compromise. What must be done in order to ensure that the created is functioning as it should?
What is the most common type of data exfiltration that organizations currently experience?
How does Cisco Umbrella protect clients when they operate outside of the corporate network?
Which technology provides a combination of endpoint protection endpoint detection, and response?
A large organization wants to deploy a security appliance in the public cloud to form a site-to-site VPN
and link the public cloud environment to the private cloud in the headquarters data center. Which Cisco
security appliance meets these requirements?
Which endpoint protection and detection feature performs correlation of telemetry, files, and intrusion
events that are flagged as possible active breaches?
Which open source tool does Cisco use to create graphical visualizations of network telemetry on Cisco IOS XE devices?
A network engineer must migrate a Cisco WSA virtual appliance from one physical host to another physical host by using VMware vMotion. What is a requirement for both physical hosts?
Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnerability detection?
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https://
An administrator is configuring N I P on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source Which two steps must be taken to accomplish this task? (Choose two)
Which cloud service offering allows customers to access a web application that is being hosted, managed, and maintained by a cloud service provider?
Which DevSecOps implementation process gives a weekly or daily update instead of monthly or quarterly in the applications?
An engineer adds a custom detection policy to a Cisco AMP deployment and encounters issues with the
configuration. The simple detection mechanism is configured, but the dashboard indicates that the hash is not 64 characters and is non-zero. What is the issue?