Which of the following statements is not true regarding DAI? A. It considers all ports as untrusted by default. B. It does not perform packet validation on trusted interfaces. C. It intercepts both ARP requests and responses. D. It performs both ingress and egress packet validation. E. It uses DHCP snooping to dynamically populate its […]

Which of the following statements are true regarding Cisco Hybrid Email Security? (Choose three.) A. Antivirus is handled at the gateway. B. Mail that is filtered by policy is centrally quarantined. C. Spam is centrally quarantined. D. DLP is handled in the cloud. E. Antispam is handled at the gateway. Explanation: Antispam and antivirus is […]

Which of the following statements is true regarding the dot1x system-auth-control command? A. It enables 802.1X authentication on a single interface. B. It is used to prepare a single port to accept traffic from multiple hosts. C. It restores the default 802.1X parameters on the device. D. It enables 802.1X authentication globally. Explanation: The dot1x […]

Which of the following is an advantage of FlexVPN over DMVPN? A. FlexVPN supports IKEv1. B. LIexVPN supports NHRP. C. FlexVPN can be tunneled over a public transport network. D. FlexVPN supports IKEv2. E. FlexVPN works with Cisco and non-Cisco devices. Explanation: FlexVPN works with Cisco and non-Cisco devices. By contrast, Dynamic Multipoint Virtual Private […]

How many management interfaces are required in order to launch FTDv in an AWS deployment? A. 2 B. 1 C. 4 D. 0 Explanation: In an Amazon Web Services (AWS) deployment, Cisco Firepower Threat Defense Virtual (FTDv) requires two management interfaces in order to launch. FTDv is a Cisco Next-Generation Firewall Virtual (NGFWv) appliance that […]

Which of the following applications is used by ISE to detect new endpoints on a subnet? A. Nessus B. Nmap C. Wireshark D. Snort Explanation: Cisco Identity Services Engine (ISE) uses Nmap to detect new endpoints on a subnet. ISE is a next-generation Authentication, Authorization, and Accounting (AAA) platform with integrated posture assessment, network access […]

Which of the following is an example of a spear phishing attack? A. An attacker sends an email that appears to be from a bank to a large group of people asking the recipients to log in to a website and provide their phone numbers. B. An attacker poses as an IT employee and sends […]

Which of the following is not an attribute on which an ISE MDM policy can be based? A. the revision of the OS B. the status of the PIN lock configuration C. the jailbreak status of the OS D. the encryption status of the disk E. the status of the Bluetooth interface Explanation: The status […]

Which of the following best describes a RAT? A. an email server B. a component that delivers email messages to a user’s inbox C. a list of rules that control which senders can connect to a listener D. a list of recipients for which email will be accepted E. an email client F. a component […]

Which of the following statements is true regarding NSEL on a Cisco ASA? A. You cannot configure NSEL if the ASA is operating in multiple context mode. B. IP address and host name assignments are not required to be unique throughout the NetFlow configuration. C. You cannot configure NSEL if the ASA is operating in […]