Which option best describes RPL?
Which option best describes RPL? A. RPL stands for Routing over low priority links that use distance vector DOGAG to determine the best route between two border routes B. RPL
Which two options are unicast address types for IPv6 addressing? (Choose two.) A. link-local B. established C. global D. dynamic E. static Correct Answer: AC
Which two statements about NetFlow Secure Event Logging on a Cisco ASA are true? (Choose two) A. It tracks configured collectors over TCP. B. It is supported only in single-context
In which type of multicast does the Cisco ASA forward IGMP messages to the upstream router? A. clustering B. PIM multicast routing C. stub multicast routing D. multicast group concept
Which type of attack uses a large number of spoofed MAC addresses to emulate wireless clients? A. chopchop attack B. DoS against an access point C. authentication-failure attack D. Airsnarf
Which two options are normal functionalities for ICMP? (Choose two.) A. host detection B. packet filtering C. relaying traffic statistics to applications D. path MTU discovery E. port scanning F.
Which two statement about ping flood attacks are true? (Choose two.) A. They attack by sending ping requests to the return address of the network. B. They use ICMP packets.
Which command on Cisco ASA you can enter to send debug messages to a syslog server? A. logging debug-trace B. logging host C. logging traps D. logging syslog Correct Answer:
Which two design options are best to reduce security concerns when adopting loT into an organization? (Choose tow.) A. Ensure that application can gather and analyze data at the edge.
Which command is used to enable 802.1x authorization on an interface? A. authentication open B. aaa authentication auth-proxy default C. authentication control-direction both D. aaa authentication network default group tacacs+
Which three VSA attributes are present in a RADIUS WIAN Access-Accept packet? (Choose three) A. Tunnel-Private-Group-ID B. Tunnel-Type C. SSID D. EAP-Message E. LEAP Session-Key F. Authorization-Algorithm-Type Correct Answer: CEF
Which feature does Cisco VSG use to redirect traffic in a Cisco Nexus 1000V Series Switch? A. VEM B. vPath C. VDC D. VPC Correct Answer: B
Which three transports have been define for SNMPv3? (Choose three.) A. SSL B. TLS C. GET D. SSH E. IPsec secure tunnel F. DTLS Correct Answer: ABF
Which Cisco ISE profiler service probe can collect information about Cisco Discovery Protocol? A. DHCP SPAN B. RADIUS C. SNMP Query D. NetFlow E. HTTP F. DHCP Correct Answer: C
Which three ISAKMP SA Message States can be output from the device that initiated an IPSec tunnel? (Choose three.) A. MM_WAIT_MSG4 B. MM_WAIT_MSG2 C. MM_WAIT_MSG5 D. MM_WAIT_MSG6 E. MM_WAIT_MSG1 F.
Which command sequence do you enter to add the host 10.2.1.0 to the CISCO object group? A. object network CISCO Network-object object 10.2.1.0 B. Object-group network CISCO group-object 10.2.1.0 C.
A new computer is not getting its IPv6 address assigned by the router. While running WireShark to troubleshoot the problem, you find a lot of data that is not helpful
Which command is required for bonnet filter on Cisco aASA to function properly? A. dynamic-filter inspect tcp/80 B. dynamic-filter whitelist C. inspect botnet D. inspect dns dynamic-filter-snoop Correct Answer: D
Which best practice can limit inbound TTL expiry attacks? A. Setting the TTL value to more than the longest path in the network B. Setting the TTL value to zero
What are the major components of a Firepower health monitor alert? A. A health monitor, one or more alert responses, and a remediation policy B. One or more health modules,
Which two statements about a wireless access point configured with the guest-mode command are true? (Choose two) A. If one device on a network is configured in guest mode, clients
Which two statements about Cisco AMP for Web Security are true? (Choose two) A. It can detect and block malware and other anomalous traffic before it passes through the Web
Which four task items need to be performed for an effective risk assessment and to evaluate network posture? (Choose four) A. Scanning B. Mitigation C. Baselining D. Profiling E. Notification
Which two statements about MPP (Management Plane protection. Are true? (Choose two) A. It is supported on both distributed and hardware-switched platforms B. Only virtual interfaces associated with physical interfaces
Which connection mechanism does the eSTREAMER service use to communicate? A. SSH B. IPsec tunnels with 3DES encryption only C. TCP over SSL only D. EAP-TLS tunnels E. TCP with
Which two statements about 6to4 tunneling are true? A. It provides a /48 address block B. The prefix address of the tunnel is determined by the IPv6 configuration to the
Which statement about managing Cisco ISE Guest Services is true? A. Only a Super Admin or System Admin can delete the default Sponsor portal B. ISE administrators can view and
Which statement about deployment policies with the Firepower Management Center is true? A. The global domain can deploy changes to individuals subdomains B. The leaf domain can deploy changes to
Which direct of the crypto key encrypt write rsa command on a router is true ? A. The device saves the unlocked encrypted key to the NVRAM B. The device
When applying MD5 route authentication on routers running RIP or EIGRP, which two important key chain considerations should be accounted for ? (Choose two) A. Key 0 of all key
What are three technologies that can be used to trace the source of an attack in a network environment with multiple exit/entry points? (Choose three) A. Remotely-triggered destination-based black holing
Which are the three scanning engines that the Cisco IronPort dynamic vectoring and streaming engine can use to protect against malware? (Choose three) A. Symantec B. McAfee C. F-Secure D.
Which statement about MDM with the Cisco ISE is true? A. The MDM’s server certificate must be imported into the Cisco ISE Certificate Store before the MDM and ISE can
Which of these command sequences will send an email to email@example.com using SMTP? A. MAIL FROM: RCPT TO: < firstname.lastname@example.org> MESSAGE B. MAIL FROM: RCPT TO: < email@example.com> DATA C.
Which statement about the Cisco AMP Virtual Private Cloud Appliance is true for deployments in air-gape mode? A. The appliance can perform disposition lookup against either the Protect DB or
What are two important guidelines to follow when implementing VTP? (Choose two) A. Enabling VTP pruning on a server will enable the feature for the entire management domain B. When
Which type of header attack is detected by Cisco ASA threat detection? A. failed application inspection B. connection limit exceeded C. bad packet format D. denial by access list Correct
What SNMPv3 command disables descriptive error message? A. snmp-server usm cisco B. snmp-server inform C. snmp-server infindex persist D. snmp-server trap link switchover Correct Answer: A