لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
An engineer is trying to securely connect to a router and wants to prevent insecure algorithms from being used. However, the connection is failing. Which action should be taken to accomplish this goal?
A. Generate the RSA key using the crypto key generate rsa command
B. Configure the port using the ip ssh port 22 command
C. Enable the SSH server using the ip ssh server command
D. Disable telnet using the no ip telnet command
عرض الإجابة
اجابة صحيحة: AC
السؤال #2
A user has a device in the network that is receiving too many connection requests from multiple machines. Which type of attack is the device undergoing?
A. SYN flood
B. slowloris
C. phishing
D. pharming
عرض الإجابة
اجابة صحيحة: BD
السؤال #3
Which type of authentication is in use?
A. POP3 authentication
B. SMTP relay server authentication
C. external user and relay mail authentication
D. LDAP authentication for Microsoft Outlook
عرض الإجابة
اجابة صحيحة: C
السؤال #4
An organization is receiving SPAM emails from a known malicious domain. What must be configured in order to prevent the session during the initial TCP communication?
A. Configure the Cisco ESA to reset the TCP connection
B. Configure policies to stop and reject communication
C. Configure the Cisco ESA to drop the malicious emails
D. Configure policies to quarantine malicious emails
عرض الإجابة
اجابة صحيحة: A
السؤال #5
An engineer needs behavioral analysis to detect malicious activity on the hosts, and is configuring the organization’s public cloud to send telemetry using the cloud provider’s mechanisms to a security device. Which mechanism should the engineer configure to accomplish this goal?
A. sFlow
B. NetFlow
C. mirror port
D. VPC flow logs
عرض الإجابة
اجابة صحيحة: B
السؤال #6
Which risk is created when using an Internet browser to access cloud-based service?
A. misconfiguration of Infra, which allows unauthorized access
B. intermittent connection to the cloud connectors
C. vulnerabilities within protocol
D. insecure implementation of API
عرض الإجابة
اجابة صحيحة: D
السؤال #7
An organization is using DHCP Snooping within their network. A user on VLAN 41 on a new switch is complaining that an IP address is not being obtained. Which command should be configured on the switch interface in order to provide the user with network connectivity?
A. ip dhcp snooping limit 41
B. ip dhcp snooping verify mac-address
C. ip dhcp snooping trust
D. ip dhcp snooping vlan 41
عرض الإجابة
اجابة صحيحة: B
السؤال #8
A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status. What is the problem according to this command output?
A. interesting traffic was not applied
B. encryption algorithm mismatch
C. authentication key mismatch
D. hashing algorithm mismatch
عرض الإجابة
اجابة صحيحة: BD
السؤال #9
In which type of attach does the attacker insert their machine between two hosts that are communicating with each other?
A. man-in-the-middle
B. LDAP injection
C. insecure API
D. cross-site scripting
عرض الإجابة
اجابة صحيحة: B
السؤال #10
What is the Cisco API-based broker that helps reduce compromises, application risks, and data breaches in an environment that is not on-premise?
A. Cisco App Dynamics
B. Cisco Cloudlock
C. Cisco Umbrella
D. Cisco AMP
عرض الإجابة
اجابة صحيحة: BE
السؤال #11
Which type of API is being used when a security application notifies a controller within a software-defined network architecture about a specific security threat?
A. southbound API
B. westbound API
C. eastbound API
D. northbound API
عرض الإجابة
اجابة صحيحة: D
السؤال #12
Why is it important to have logical security controls on endpoints even though the users are trained to spot security threats and the network devices already help prevent them?
A. because defense-in-depth stops at the network
B. because human error or insider threats will still exist
C. to prevent theft of the endpoints
D. to expose the endpoint to more threats
عرض الإجابة
اجابة صحيحة: D
السؤال #13
Which product allows Cisco FMC to push security intelligence observable to its sensors from other products?
A. Threat Intelligence Director
B. Encrypted Traffic Analytics
C. Cognitive Threat Analytics
D. Cisco Talos Intelligence
عرض الإجابة
اجابة صحيحة: A
السؤال #14
What must be configured in Cisco ISE to enforce reauthentication of an endpoint session when an endpoint is deleted from an identity group?
A. SNMP probe
B. CoA
C. external identity source
D. posture assessment
عرض الإجابة
اجابة صحيحة: C
السؤال #15
An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and this needs to happen dynamically. What must be configured to accomplish this?
A. Configure the Cisco WSA to modify policies based on the traffic seen
B. Configure the Cisco ESA to modify policies based on the traffic seen
C. Configure the Cisco WSA to receive real-time updates from Talos
D. Configure the Cisco ESA to receive real-time updates from Talos
عرض الإجابة
اجابة صحيحة: S
السؤال #16
An organization is trying to improve their Defense in Depth by blocking malicious destinations prior to a connection being established. The solution must be able to block certain applications from being used within the network. Which product should be used to accomplish this goal?
A. Cisco Firepower
B. Cisco Umbrella
C. ISE
D. AMP
عرض الإجابة
اجابة صحيحة: A
السؤال #17
Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense appliance. What is causing this issue?
A. Site-to-site VPN preshared keys are mismatched
B. Site-to-site VPN peers are using different encryption algorithms
C. No split-tunnel policy is defined on the Firepower Threat Defense appliance
D. The access control policy is not allowing VPN traffic in
عرض الإجابة
اجابة صحيحة: D
السؤال #18
An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occurring?
A. Client computers do not have an SSL certificate deployed from an internal CA server
B. Client computers do not have the Cisco Umbrella Root CA certificate installed
C. IP-Layer Enforcement is not configured
D. Intelligent proxy and SSL decryption is disabled in the policy
عرض الإجابة
اجابة صحيحة: C
السؤال #19
An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the attacker to gain access to machine 1 but not machine 2?
A. sniffing the packets between the two hosts
B. sending continuous pings
C. overflowing the buffer’s memory
D. inserting malicious commands into the database
عرض الإجابة
اجابة صحيحة: AB
السؤال #20
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system’s applications. Which vulnerability allows the attacker to see the passwords being transmitted in clear text?
A. unencrypted links for traffic
B. weak passwords for authentication
C. improper file security
D. software bugs on applications
عرض الإجابة
اجابة صحيحة: D

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.