Regarding the following figure, which two statements are true? (Choose two.) Tools such as OSSEC, Bro, and syslog-ng produce flat files with one log entry per line and are largely…
Who is required to protect the company's information assets? chief executive officer chief information officer chief financial officer chief technical officer everyone in the company Explanation & Hint: The correct…
The Cisco SecureX platform does not integrate with which part of an organization's network? endpoints network traffic optical transceivers data centers cloud-based applications Explanation & Hint: The Cisco SecureX platform is designed…
What is a simple and effective way to correlate events? different TCP destination ports different TCP source ports same alert timestamp same alert severity level same IP 5-tuple Explanation &…
In NSM data types, which two statements describe full packet capture and extracted content? (Choose two.) Extracted content records all the network traffic at some particular locations in the network.…
Which three options are tools that can perform packet captures? (Choose three.) Wireshark ELSA Sguil Squirt Tshark tcpdump Explanation & Hint: Three tools from the provided list that can perform…
Match the example NSM data to the associated NSM data type. extracted content ==> PDF file full packet capture ==> PCAP file metadata ==> DNS query and response transaction data ==> reputation statistical data…
According to the following figure, which three statements are true? (Choose three.) The destination port is associated with the HTTPS protocol. The source and destination IP addresses are private IP…
Which statement is correct about the Cisco Secure Firewall Threat Defense IPS functionality? Can be deployed as as IDS or IPS. Can drop malicious packets when deployed in IDS mode.…
You are currently configuring and tuning a new IPS on your development network. You have confirmed that traffic to and from the internet is being inspected by the IPS, but…
Which Cisco Umbrella feature provides content filtering by category or specific URLs to block destinations that violate policies or compliance regulations? DNS Layer Security (DLS) Cloud Access Security Broker (CASB)…
Which three of the followings are major categories of Snort rule options? (Choose three.) General Payload Protocol Operator Postdetection Explanation & Hint: The major categories of Snort rule options can…
Which two of the following are true statements about the Snort detection system? (Choose two.) Source code became proprietary after the Cisco acquisition. It is an anomaly-based intrusion system. The…
Which statement is true regarding Cisco Cloud-Delivered Firewall? Cisco Cloud-Delivered Firewall is supported by constructing a GRE tunnel between the on-premise network device and the Cisco Umbrella cloud. Cisco Cloud-Delivered…
What is checked when the Snort engine starts up? Snort log files for any Snort processes errors. Syntax of all the Snort rules in the Snort rules file. Version of…
What best describes a DoS attack? attempts to consume all of a critical computer or network resource in order to make it unavailable for valid use poses as legitimate software…
Which two attacks can be caused by a rogue DHCP server? (Choose two.) Trojan virus Compromised-Key DoS TCP SYN flood MITM Explanation & Hint: Two attacks that can be caused…
Which two are software vulnerability scanners? (Choose two.) VmStat Nessus fingerprint open VAS Explanation & Hint: Two examples of software vulnerability scanners are: Nessus Nessus is a widely known and…
What best describes an attack vector? the resolution of an attack a path, method, or route by which an attack was carried out the result of, or damage from, an…
What two are examples of UDP-based attacks? (Choose two.) SYN flood SQL slammer UDP flooding MAC address flooding Explanation & Hint: Two examples of UDP (User Datagram Protocol) based attacks…