- Email support@dumps4free.com
Topic 2: Exam Pool B
A network administrator is configuring SNMPv3 on a new router. The users have already
been created;
however, an additional configuration is needed to facilitate access to the SNMP views.
What must the
administrator do to accomplish this?
A.
map SNMPv3 users to SNMP views
B.
set the password to be used for SNMPv3 authentication
C.
define the encryption algorithm to be used by SNMPv3
D.
specify the UDP port used by SNMP
set the password to be used for SNMPv3 authentication
How does Cisco Umbrella archive logs to an enterprise owned storage?
A.
by using the Application Programming Interface to fetch the logs
B.
by sending logs via syslog to an on-premises or cloud-based syslog server
C.
by the system administrator downloading the logs from the Cisco Umbrella web portal
D.
by being configured to send logs to a self-managed AWS S3 bucket
by being configured to send logs to a self-managed AWS S3 bucket
https://docs.umbrella.com/deployment-umbrella/docs/manage-logs
Refer to the exhibit.
Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense
appliance. What is causing this issue?
A.
No split-tunnel policy is defined on the Firepower Threat Defense appliance
B.
The access control policy is not allowing VPN traffic in.
C.
Site-to-site VPN peers are using different encryption algorithms.
D.
Site-to-site VPN preshared keys are mismatched
No split-tunnel policy is defined on the Firepower Threat Defense appliance
A network administrator configures Dynamic ARP Inspection on a switch. After Dynamic ARP Inspection is applied, all users on that switch are unable to communicate with any destination. The network administrator checks the interface status of all interfaces, and there is no err-disabled interface. What is causing this problem?
A.
DHCP snooping has not been enabled on all VLANs
B.
The ip arp inspection limit command is applied on all interfaces and is blocking the traffic of all users.
C.
Dynamic ARP Inspection has not been enabled on all VLANs
D.
The no ip arp inspection trust command is applied on all user host interfaces
The no ip arp inspection trust command is applied on all user host interfaces
Dynamic ARP inspection (DAI) is a security feature that
validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain manin- the-middle attacks. After enabling DAI, all ports become untrusted ports.
What is an attribute of the DevSecOps process?
A.
mandated security controls and check lists
B.
security scanning and theoretical vulnerabilities
C.
development security
D.
isolated security team
development security
DevSecOps (development, security, and
operations) is a concept used in recent years to describe how to movesecurity activities to
the start of the development life cycle and have built-in security practices in the continuousintegration/continuous deployment (CI/CD) pipeline. Thus minimizing
vulnerabilities and bringing security closerto IT and business objectives.Three key things
make a real DevSecOps environment:+ Security testing is done by the development
team.+ Issues found during that testing is managed by the development team.+ Fixing
those issues stays within the development team.
| Page 25 out of 126 Pages |
| Previous |