What is a difference between an XSS attack and an SQL injection attack?
Answer : D
What is a difference between a DoS attack and DDos attack?
Answer : D
What are two advantages of using Cisco AnyConnect over DMVPN? (Choose two.)
Answer : BE
Cisco Anyconnect is a Remote access VPN client based solution where users can install the client on their machines and can connect to the respective VPN devices (ASA/FTD/Router). In order to secure connectivity for Anyconnect Users, one can also create custom access policies to ensure proper conditions are met before access is granted to the VPN user.
What is the difference between a vulnerability and an exploit?
Answer : A
Reference:
https://debricked.com/blog/what-is-security-weakness/#:~:text=A%20vulnerability%20is%20a%20weakness,when%20it%20can%20be%
20exploited.&text=This%20is%20a%20%E2%80%9Ccommunity%2Ddeveloped,of%20common%20software%20security%20weaknesses%E2%80%9D
.
What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?
Answer : A
Reference:
https://en.wikipedia.org/wiki/Cyber_threat_intelligence
Refer to the exhibit. An engineer is implementing a certificate based VPN. What is the result of the existing configuration?
Answer : B
Which kind of API that is used with Cisco DNA Center provisions SSIDs, QoS policies, and update software versions on switches?
Answer : B
Cisco is moving towards intent based networking and DNA center is a new addition to the solution offerings from Cisco.
A network engineer needs to select a VPN type that provides the most stringent security, multiple security associations for the connections, and efficient VPN establishment with the least bandwidth consumption. Why should the engineer select either FlexVPN or DMVPN for this environment?
Answer : D
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/xe-16-12/sec-flex-vpn-xe-16-12-book/sec-cfg-flex-serv.html
Refer to the exhibit. Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?
Answer : D
Refer to the exhibit. What does the number 15 represent in this configuration?
Answer : B
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?
Answer : B
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-c4.html#wp6039879000
Which command enables 802.1X globally on a Cisco switch?
Answer : A
Reference:
https://www.cisco.com/c/en/us/td/docs/routers/nfvis/switch_command/b-nfvis-switch-command-reference/802_1x_commands.html
What is a characteristic of Dynamic ARP Inspection?
Answer : A
Which statement about IOS zone-based firewalls is true?
Answer : D
Reference:
https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/98628-zone-design-guide.html
When wired 802.1X authentication is implemented, which two components are required? (Choose two.)
Answer : AC
Reference:
https://www.lookingpoint.com/blog/ise-series-802.1x