Cisco 300-745 - Designing Cisco Security Infrastructure Exam
Page: 1 / 13
Total 61 questions
Question #1 (Topic: Topic 1, Secure Infrastructure
)
A restaurant distribution center recently suffered a password spray attack targeting the Cisco Secure Firepower Threat Defense VPN headend. The attack attempts to gain unauthorized access by trying common passwords across many accounts. The attack poses a significant security threat to the organization’s remote access infrastructure. To enhance the security of VPN setup and minimize the risk of similar attacks in the future, the IT security team must implement effective mitigation measures. Which technique effectively reduces the risk of this type of attack?
A. Implement an access list to block addresses from the previous password spray attack.
B. Disable group aliases in the connection profiles.
C. Change the AAA authentication method from RADIUS to TACACS+.
D. Enable AAA authentication for the DefaultWEBVPN and DefaultRAGroup Connection Profiles.
Answer: D
Question #2 (Topic: Topic 1, Secure Infrastructure
)
A software development company uses multiple cloud providers to host the applications. The company is designing a scalable firewall solution that must meet the requirements:
Consistent security policies across multiple cloud environments.
Centralized visibility and management.
Scalability to accommodate different cloud platforms.
Which type of firewall meets the requirements?
Consistent security policies across multiple cloud environments.
Centralized visibility and management.
Scalability to accommodate different cloud platforms.
Which type of firewall meets the requirements?
A. traditional firewall
B. zone-based firewall
C. distributed firewall
D. host-based firewall
Answer: C
Question #3 (Topic: Topic 1, Secure Infrastructure
)
A video game company identified a potential threat of a SYN flood attack, which could disrupt the online gaming services and impact user experience. The attack can overwhelm network resources by exploiting the TCP handshake process, leading to server unavailability and degraded performance. To safeguard the company's infrastructure and ensure uninterrupted service, it is essential to enhance the security measures in place. The company must implement a solution that manages and mitigates the risk of such network-based attacks. Which security product must be implemented to mitigate similar risks?
A. Cisco Web Security Appliance
B. Cisco Umbrella
C. Cisco Secure Endpoint
D. Cisco Secure Firewall
Answer: D
Question #4 (Topic: Topic 1, Secure Infrastructure
)
A legal services company wants to prevent remote employees from accessing personal email and social media accounts while using corporate laptops. Which security solution enforces the policy?
A. Cisco TrustSec
B. RADIUS server
C. Cisco Umbrella
D. network monitoring tool
Answer: C
Question #5 (Topic: Topic 1, Secure Infrastructure
)
A developer company recently made a contract with new customer in the financial space. The customer has multiple remote sites and requires a VPN solution with the highest encryption. Which protocol must be used in IPsec Phase 2?
A. ESP
B. ISAKMP
C. SD-WAN
D. IKE
Answer: A
