Enterprise Networks Core and WAN v1.0 (500-452)

Page:    1 / 6   
Total 88 questions

On what is the Cisco security approach based?

  • A. attack lifecycle
  • B. first-hop security
  • C. the inability of cyber criminals to exploit zero-day vulnerabilities
  • D. deployment of traditional security architecture that eliminates cyber threats within a campus or branch


Answer : A

Along with IPsec, strict access lists, and CWS, what should you include when using a direct Internet connection as part of your Cisco IWAN security solution?

  • A. zone-based firewalls
  • B. nothing
  • C. white lists
  • D. third-party firewalls


Answer : A

Which cloud-based SAAS solution provides industry-leading security and control for the distributed enterprise?

  • A. Cisco CWS
  • B. LiveAction
  • C. Glue Networks
  • D. Microsoft Forefront


Answer : A

What is one way to implement security consistently across hub-and-spoke routers?

  • A. FVRF
  • B. VRF
  • C. ACL
  • D. RIPv4


Answer : A

What is integrated into Cisco ISR G2 router platforms?

  • A. Cisco CWS license
  • B. ScanCenter portal
  • C. Cisco CWS connector
  • D. Cisco CWS tower


Answer : C

Which URL is used to verify that Cisco CWS is working as configured?

  • A. http://whoami.scansafe.net/
  • B. http://whoami.cws.net/
  • C. http://verify.scansafe.net/
  • D. http://verify.cws.net/


Answer : A

What can be used to replace static ACLs on Internet-facing interfaces?

  • A. dynamic ACLs
  • B. service provider firewalls
  • C. VPNs
  • D. zone-based firewalls


Answer : D

Which route is needed in the global table for internal users to access the Internet?

  • A. route to the service provider
  • B. route to the internal DNS server
  • C. default route
  • D. static route to Internet web sites


Answer : C

What are the two simplest methods to give guest users access to the Internet? (Choose two.)

  • A. public DNS service
  • B. Cisco CWS tower
  • C. private DNS service
  • D. private CWS tower
  • E. FVRF for guest UIs


Answer : AE

Which unique feature of TrustSec is used for end-to-end security policy control?

  • A. zoning
  • B. mapping
  • C. masking
  • D. tagging


Answer : D

How is a TrustSec tag used with a site-to-site VPN?

  • A. by being passed separately along with packet
  • B. by being preserved in the GRE/IPsec VPN header
  • C. by being marked as a TrustSec packet
  • D. by being added to the data packet


Answer : B

What alternative exists for propagating SGTs when network devices do not have hardware support for TrustSec?

  • A. SXP
  • B. SGACL
  • C. Cisco Discovery Protocol
  • D. TrustSec Exchange Protocol


Answer : A

Cisco Threat Defense is based on which product?

  • A. Adaptive Security Appliance
  • B. Lancope StealthWatch
  • C. Plixer Scrutinizer
  • D. SoftPerfect Network Scanner


Answer : B

Which type of data and analyses does Cisco Threat Defense collect to establish behavior baselines?

  • A. raw
  • B. NetFlow
  • C. NBAR2
  • D. LAN Manager


Answer : B

What should you do to all three planes of the Cisco IOS router?

  • A. leave them at the default settings, to provide best functionality
  • B. protect them with an antivirus solution
  • C. harden them, using Cisco Guide to Harden Cisco IOS Devices
  • D. verify them, using the Cisco IOS verification tool


Answer : C

Page:    1 / 6   
Total 88 questions