- Email support@dumps4free.com
Topic 1: Exam Pool A
What is the primary benefit of deploying an ESA in hybrid mode?
A.
You can fine-tune its settings to provide the optimum balance between security and
performance for your environment
B.
It provides the lowest total cost of ownership by reducing the need for physical
appliances
C.
It provides maximum protection and control of outbound messages
D.
It provides email security while supporting the transition to the cloud
It provides email security while supporting the transition to the cloud
Cisco Hybrid Email Security is a unique service offering that
facilitates the deployment of your email securityinfrastructure both on premises and in the
cloud. You can change the number of on-premises versus cloudusers at any time
throughout the term of your contract, assuming the total number of users does not
change.This allows for deployment flexibility as your organization’s needs change.
Which policy represents a shared set of features or parameters that define the aspects of a
managed device that are likely to be similar to other managed devices in a deployment?
A.
Group Policy
B.
Access Control Policy
C.
Device Management Policy
D.
Platform Service Policy
Platform Service Policy
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmcconfigguide-
v62/platform_settings_policies_for_managed_devices.htmlTherefore the
answer should be “Platform Settings Policy”, not “Platform Service Policy” but it is the
bestanswer here so we have to choose it.
An engineer needs behavioral analysis to detect malicious activity on the hosts, and is
configuring the
organization’s public cloud to send telemetry using the cloud provider’s mechanisms to a
security device. Which
mechanism should the engineer configure to accomplish this goal?
A.
mirror port
B.
Flow
C.
NetFlow
D.
VPC flow logs
NetFlow
What is the role of an endpoint in protecting a user from a phishing attack?
A.
Use Cisco Stealthwatch and Cisco ISE Integration
B.
Utilize 802.1X network security to ensure unauthorized access to resources
C.
Use machine learning models to help identify anomalies and determine expected
sending behavior
D.
Ensure that antivirus and anti malware software is up to date
Use machine learning models to help identify anomalies and determine expected
sending behavior
In which form of attack is alternate encoding, such as hexadecimal representation, most
often observed?
A.
Smurf
B.
distributed denial of service
C.
cross-site scripting
D.
rootkit exploit
cross-site scripting
ExplanationCross site scripting (also known as XSS) occurs when a web
application gathers malicious data from a user. The data is usually gathered in the form of
a hyperlink which contains malicious content within it. The user will most likely click on this
link from another website, instant message, or simply just reading a web board or email
message.Usually the attacker will encode the malicious portion of the link to the site in HEX
(or other encoding methods) so the request is less suspicious looking to the user when
clicked on.For example the code below is written in hex:
<ahref=javascript:alert('XSS')>Click Here</a>is equivalent to:<a
href=javascript:alert('XSS')>Click Here</a>Note: In the format “&#xhhhh“, hhhh is the code
point in hexadecimal form.
| Page 3 out of 126 Pages |
| Previous |