思科网络工程师题库2

CCNP/CCIESecuritySCOR思科网络工程师题库2Ql.WhatcanbeintegratedwithCiscoThreatIntelligenceDirectortoprovideinformationaboutsecuritythreats,whichallowstheSOCtoproactivelyautomateresponsestothosethreats?CiscoUmbrellaExternalThreatFeedsCiscoThreatGridCiscoStealthwatchAnswer:CExplanation:CiscoThreatIntelligenceDirector(CTID)canbeintegratedwithexistingThreatIntelligencePlatformsdeployedbyyourorganizationtoingestthreatintelligenceautomatically.Reference:/developer/automate-threat-intelligence-using-cisco-threat-intelligence-directorQ2.WhichsolutioncombinesCiscoIOSandIOSXEcomponentstoenableadministratorstorecognizeapplications,collectandsendnetworkmetricstoCiscoPrimeandotherthird-partymanagementtools,andprioritizeapplicationtraffic?CiscoSecurityIntelligenceCiscoApplicationVisibilityandControlCiscoModelDrivenTelemetryCiscoDNACenterAnswer:BExplanation:TheCiscoApplicationVisibilityandControl(AVC)solutionleveragesmultipletechnologiestorecognize,analyze,andcontrolover1000applications,includingvoiceandvideo,email,filesharing,gaming,peer-to-peer(P2P),andcloud-basedapplications.AVCcombinesseveralCiscoIOS/IOSXEcomponents,aswellascommunicatingwithexternaltools,tointegratethefollowingfunctionsintoapowerfulsolution...Reference:/c/en/us/td/docs/ios/solutions_docs/avc/guide/avc-user-guide/avc_tech_overview.htmlQ3.WhichtwoactivitiescanbedoneusingCiscoDNACenter?(Choosetwo)DHCPDesignAccountingDNSProvisionAnswer:BEExplanation:CiscoDNACenterhasfourgeneralsectionsalignedtoITworkflows:Design:Designyournetworkforconsistentconfigurationsbydeviceandbysite.Physicalmapsandlogicaltopologieshelpprovidequickvisualreference.Thedirectimportfeaturebringsinexistingmaps,images,andtopologiesdirectlyfromCiscoPrimeInfrastructureandtheCiscoApplicationPolicyInfrastructureControllerEnterpriseModule(APIC-EM),makingupgradeseasyandquick.Deviceconfigurationsbysitecanbeconsolidatedina"goldenimage"thatcanbeusedtoautomaticallyprovisionnewnetworkdevices.Thesenewdevicescaneitherbepre-stagedbyassociatingthedevicedetailsandmappingtoasite.Ortheycanbeclaimeduponconnectionandmappedtothesite.Policy:Translatebusinessintentintonetworkpoliciesandapplythosepolicies,suchasaccesscontrol,trafficrouting,andqualityofservice,consistentlyovertheentirewiredandwirelessinfrastructure.Policy-basedaccesscontrolandnetworksegmentationisacriticalfunctionoftheCiscoSoftware-DefinedAccess(SD-Access)solutionbuiltfromCiscoDNACenterandCiscoIdentityServicesEngine(ISE).CiscoAlNetworkAnalyticsandCiscoGroup-BasedPolicyAnalyticsrunningintheCiscoDNACenteridentifyendpoints,groupsimilarendpoints,anddeterminegroupcommunicationbehavior.CiscoDNACenterthenfacilitatescreatingpoliciesthatdeterminetheformofcommunicationallowedbetweenandwithinmembersofeachgroup.ISEthenactivatestheunderlyinginfrastructureandsegmentsthenetworkcreatingavirtualoverlaytofollowthesepoliciesconsistently.Suchsegmentingimplementszero-trustsecurityintheworkplace,reducesrisk,containsthreats,andhelpsverifyregulatorycompliancebygivingendpointsjusttherightlevelofaccesstheyneed.Provision:OnceyouhavecreatedpoliciesinCiscoDNACenter,provisioningisasimpledrag-and-droptask.Theprofiles(calledscalablegrouptagsor"SGTs")intheCiscoDNACenterinventorylistareassignedapolicy,andthispolicywillalwaysfollowtheidentity.Theprocessiscompletelyautomatedandzero-touch.NewdevicesaddedtothenetworkareassignedtoanSGTbasedonidentity--greatlyfacilitatingremoteofficesetups.Assurance:CiscoDNAAssurance,usingAI/ML,enableseverypointonthenetworktobecomeasensor,sendingcontinuousstreamingtelemetryonapplicationperformanceanduserconnectivityinrealtime.Thecleanandsimpledashboardshowsdetailednetworkhealthandflagsissues.Then,guidedremediationautomatesresolutiontokeepyournetworkperformingatitsoptimalwithlessmundanetroubleshootingwork.Theoutcomeisaconsistentexperienceandproactiveoptimizationofyournetwork,withlesstimespentontroubleshootingtasks.Reference:/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-dna-center-so-cte-en.htmlQ4.Whatmustbeusedtosharedatabetweenmultiplesecurityproducts?CiscoRapidThreatContainmentCiscoPlatformExchangeGridCiscoAdvancedMalwareProtectionCiscoStealthwatchCloudAnswer:BQ5.WhichCiscoproductisopen,scalable,andbuiltonIETFstandardstoallowmultiplesecurityproductsfromCiscoandothervendorstosharedataandinteroperatewitheachother?AdvancedMalwareProtectionPlatformExchangeGridMultifactorPlatformIntegrationFirepowerThreatDefenseAnswer:BExplanation:WithCiscopxGrid(PlatformExchangeGrid),yourmultiplesecurityproductscannowsharedataandworktogether.Thisopen,scalable,andIETFstandards-drivenplatformhelpsyouautomatesecuritytogetanswersandcontainthreatsfaster.Q6.WhatisafeatureoftheopenplatformcapabilitiesofCiscoDNACenter?intent-basedAPIsautomationadaptersdomainintegrationapplicationadaptersAnswer:AQ7.WhatisthefunctionoftheContextDirectoryAgent?maintainsusers'groupmembershipsrelaysuserauthenticationrequestsfromWebSecurityAppliancetoActiveDirectoryreadstheActiveDirectorylogstomapIPaddressestousernamesacceptsuserauthenticationrequestsonbehalfofWebSecurityApplianceforuseridentificationAnswer:CExplanation:CiscoContextDirectoryAgent(CDA)isamechanismthatmapsIPAddressestousernamesinordertoallowsecuritygatewaystounderstandwhichuserisusingwhichIPAddressinthenetwork,sothosesecuritygatewayscannowmakedecisionsbasedonthoseusers(orthegroupstowhichtheusersbelongto).CDArunsonaCiscoLinuxmachine;monitorsinrealtimeacollectionofActiveDirectorydomaincontroller(DC)machinesforauthentication-relatedeventsthatgenerallyindicateuserlogins;learns,analyzes,andcachesmappingsofIPAddressesanduseridentitiesinitsdatabase;andmakesthelatestmappingsavailabletoitsconsumerdevices.Reference:https://www.cisco.eom/c/en/us/td/docs/security/ibf/cda_10/lnstall_Config_guide/cdal0/cda_oveviw.htmlQ8.WhatisacharacteristicofabridgegroupinASAFirewalltransparentmode?ItincludesmultipleinterfacesandaccessrulesbetweeninterfacesarecustomizableItisaLayer3segmentandincludesoneportandcustomizableaccessrulesItallowsARPtrafficwithasingleaccessruleIthasanIPaddressonitsBVIinterfaceandisusedformanagementtrafficAnswer:AExplanation:AbridgegroupisagroupofinterfacesthattheASAbridgesinsteadofroutes.BridgegroupsareonlysupportedinTransparentFirewallMode.Likeanyotherfirewallinterfaces,accesscontrolbetweeninterfacesiscontrolled,andalloftheusualfirewallchecksareinplace.EachbridgegroupincludesaBridgeVirtualInterface(BVI).TheASAusestheBVIIPaddressasthesourceaddressforpacketsoriginatingfromthebridgegroup.TheBVIIPaddressmustbeonthesamesubnetasthebridgegroupmemberinterfaces.TheBVIdoesnotsupporttrafficonsecondarynetworks;onlytrafficonthesamenetworkastheBVIIPaddressissupported.Youcanincludemultipleinterfacesperbridgegroup.Ifyouusemorethan2interfacesperbridgegroup,youcancontrolcommunicationbetweenmultiplesegmentsonthesamenetwork,andnotjustbetweeninsideandoutside.Forexample,ifyouhavethreeinsidesegmentsthatyoudonotwanttocommunicatewitheachother,youcanputeachsegmentonaseparateinterface,andonlyallowthemtocommunicatewiththeoutsideinterface.Oryoucancustomizetheaccessrulesbetweeninterfacestoallowonlyasmuchaccessasdesired.Reference:https://www.cisco.eom/c/en/us/td/docs/security/asa/asa95/configuration/general/asa-95-general-config/intro-fw.htmlNote:BVIinterfaceisnotusedformanagementpurpose.ButwecanaddaseparateManagementslot/portinterfacethatisnotpartofanybridgegroup,andthatallowsonlymanagementtraffictotheASA.Q9.WhenCiscoandotherindustryorganizationspublishandinformusersofknownsecurityfindingsandvulnerabilities,whichnameisused?CommonSecurityExploitsCommonVulnerabilitiesandExposuresCommonExploitsandVulnerabilitiesCommonVulnerabilities,ExploitsandThreatsAnswer:BExplanation:Vendors,securityresearchers,andvulnerabilitycoordinationcenterstypicallyassignvulnerabilitiesanidentifierthat'sdisclosedtothepublic.ThisidentifierisknownastheCommonVulnerabilitiesandExposures(CVE).CVEisanindustry-widestandard.CVEissponsoredbyUS-CERT,theofficeofCybersecurityandCommunicationsattheU.S.DepartmentofHomelandSecurity.ThegoalofCVEistomakeit'seasiertosharedataacrosstools,vulnerabilityrepositories,andsecurityservices.Reference:QlO.WhichtwofieldsaredefinedintheNetFlowflow?(Choosetwo)typeofservicebyteclassofservicebitsLayer4protocoltypedestinationportoutputlogicalinterfaceAnswer:ADExplanation:CiscostandardNetFlowversion5definesaflowasaunidirectionalsequenceofpacketsthatallsharesevenvalueswhichdefineauniquekeyfortheflow:+Ingressinterface(SNMPiflndex)+SourceIPaddress+DestinationIPaddress+IPprotocol+SourceportforUDPorTCP,0forotherprotocols+DestinationportforUDPorTCP,typeandcodeforICMP,or0forotherprotocols+IPTypeofServiceNote:Aflowisaunidirectionalseriesofpacketsbetweenagivensourceanddestination.Qll.WhatprovidestheabilitytoprogramandmonitornetworksfromsomewhereotherthantheDNACGUI?NetFlowdesktopclientASDMAPIAnswer:DQ12.Anorganizationhastwomachineshostingwebapplications.Machine1isvulnerabletoSQLinjectionwhilemachine2isvulnerabletobufferoverflows.Whatactionwouldallowtheattackertogainaccesstomachine1butnotmachine2?sniffingthepacketsbetweenthetwohostssendingcontinuouspingsoverflowingthebuffer'smemoryinsertingmaliciouscommandsintothedatabaseAnswer:DQ13.AnorganizationistryingtoimprovetheirDefenseinDepthbyblockingmaliciousdestinationspriortoaconnectionbeingestablished.Thesolutionmustbeabletoblockcertainapplicationsfrombeingusedwithinthenetwork.Whichproductshouldbeusedtoaccomplishthisgoal?CiscoFirepowerCiscoUmbrellaISEAMPAnswer:BExplanation:CiscoUmbrellaprotectsusersfromaccessingmaliciousdomainsbyproactivelyanalyzingandblockingunsafedestinations•beforeaconnectionisevermade.Thusitcanprotectfromphishingattacksbyblockingsuspiciousdomainswhenusersclickonthegivenlinksthatanattackersent.Q14Acompanyisexperiencingexfiltrationofcreditcardnumbersthatarenotbeingstoredon-premise.Thecompanyneedstobeabletoprotectsensitivedatathroughoutthefullenvironment.Whichtoolshouldbeusedtoaccomplishthisgoal?SecurityManagerCloudlockWebSecurityApplianceCiscoISEAnswer:BExplanation:CiscoCloudlockisacloud-nativecloudaccesssecuritybroker(CASB)thathelpsyoumovetothecloudsafely.Itprotectsyourcloudusers,data,andapps.CiscoCloudlockprovidesvisibilityandcompliancechecks,protectsdataagainstmisuseandexfiltration,andprovidesthreatprotectionsagainstmalwarelikeransomware.Q15.Anengineeristryingtosecurelyconnecttoarouterandwantstopreventinsecurealgorithmsfrombeingused.However,theconnectionisfailing.Whichactionshouldbetakentoaccomplishthisgoal?Disabletelnetusingthenoiptelnetcommand.EnabletheSSHserverusingtheipsshservercommand.Configuretheportusingtheipsshport22command.GeneratetheRSAkeyusingthecryptokeygeneratersacommand.Answer:DExplanation:Inthisquestion,theengineerwastryingtosecuretheconnectionsomaybehewastryingtoallowSSHtothedevice.Butmaybesomethingwentwrongsotheconnectionwasfailing(theconnectionusedtobegood).Somaybehewasmissingthe"cryptokeygeneratersa"command.Q16AnetworkadministratorisusingtheCiscoESAwithAMPtouploadfilestothecloudforanalysis.Thenetworkiscongestedandisaffectingcommunication.HowwilltheCiscoESAhandleanyfileswhichneedanalysis?AMPcalculatestheSHA-256fingerprint,cachesit,andperiodicallyattemptstheupload.Thefileisqueuedforuploadwhenconnectivityisrestored.Thefileuploadisabandoned.TheESAimmediatelymakesanotherattempttouploadthefile.Answer:CExplanation:Theappliancew川tryoncetouploadthefile;ifuploadisnotsuccessful,forexamplebecauseofconnectivityproblems,thefilemaynotbeuploaded.Ifthefailurewasbecausethefileanalysisserverwasoverloaded,theuploadwillbeattemptedoncemore.Reference:https://www.cisco.eom/c/en/us/support/docs/security/email-security-appliance/118796-technote-esa-00.htmlInthisquestion,itstated“thenetworkiscongested"(notthefileanalysisserverwasoverloaded)sotheappliancewillnottrytouploadthefileagain.Q17.Whichtypeofalgorithmprovidesthehighestlevelofprotectionagainstbrute-forceattacks?PFSHMACMD5SHAAnswer:DQ18.WhatmustbeconfiguredinCiscoISEtoenforcereauthenticationofanendpointsessionwhenanendpointisdeletedfromanidentitygroup?postureassessmentCoAexternalidentitysourceSNMPprobeAnswer:BExplanation:CiscoISEallowsaglobalconfigurationtoissueaChangeofAuthorization(CoA)intheProfilerConfigurationpagethatenablestheprofilingservicewithmorecontroloverendpointsthatarealreadyauthenticated.OneofthesettingstoconfiguretheCoAtypeis"Reauth".Thisoptionisusedtoenforcereauthenticationofanalreadyauthenticatedendpointwhenitisprofiled.Reference:https://www.cisco.eom/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_010101.htm

Q19,AnetworkadministratorisconfiguringaruleinanaccesscontrolpolicytoblockcertainURLsandselectsthe"ChatandInstantMessaging"category.Whichreputationscoreshouldbeselectedtoaccomplishthisgoal?13510Answer:DExplanation:Wechoose"ChatandInstantMessaging"categoryin"URLCategory":ToblockcertainURLsweneedtochooseURLReputationfrom6to10.QuarantineEncryptonDeliveryStripAttachmentbyContentStripAttachmentbyRieInfo|URLCategoryURLReputationAddOisdalnnerTextQuarantineEncryptonDeliveryStripAttachmentbyContentStripAttachmentbyRieInfo|URLCategoryURLReputationAddOisdalnnerTextBypassOutbreakFilterSoanninQBypassDKIMScQningSendCopy(Bcc:)NotifyChangeRecipienttoSendtoAlternateDestinationHostDeliverfromIPInterfaceStripHeaderAxld/EditHeaderAddMessageTegAddLogEntryS/MIMESign/EncryptonDeliveryEncryptandDeliverNow(FinalAction)S/MIMESign/Encrypt(FinalAction)Bounce(FinalAction)SkipRemainingContentFitters(FinalAction)Drop(FinalAction)URLCategoryDoesanyURLinthemessagebodytbeselectedcategories?AvailableCBte^ories:Mvertisements >JAJcohoiAuctionsBusinessarvdIndustryCKataodInstantMessagirOieattngandPlgyc：一ComputerSecurityComputer&andInternetaURL :*orwActiononUR1,:—DefangURL.?RedirecttoCiscoSecurityProxyReplaceURLwithtextmessagePerformActionfor:eAllmessagesUnsignedmessayesEditConditionMessageBodyorAttachmentMessageBodyURLCategoryURLReputationMessageSizeAttachmentContentMessageBodyorAttachmentMessageBodyURLCategoryURLReputationMessageSizeAttachmentContentAttachmentFileInfoAttachmentProtectionSubjectHeaderOtherHeaderEnvelopeSenderEnvelopeRecipientReceivingListenerRemoteIP/HostnameReputationScoreWhatisthereputationofURL'sintt

evaluatesURL'susingtheirWebBaiURLReputationis:©Malicious(-10.0to-6.0)Suspect(-S.9to5.9)Clean(6.0to10.0)CustomRange(mintomax)I-1-NoScoreuseaURLwhitelist：None ：Q20.WhichgroupwithinCiscowritesandpublishesaweeklynewslettertohelpcybersecurityprofessionalsremainawareoftheongoingandmostprevalentthreats?PSIRTTalosCSIRTDEVNETAnswer:BExplanation:TalosThreatSourceisaregularintelligenceupdatefromCiscoTalos,highlightingthebiggestthreatseachweekandothersecuritynews.Reference:/newslettersQ21.WhatarethetwotypesofmanagedIntercloudFabricdeploymentmodels?(Choosetwo)ServiceProvidermanagedPublicmanagedHybridmanagedUsermanagedEnterprisemanagedAnswer:AEExplanation:Manyenterprisesprefertodeploydevelopmentworkloadsinthepubliccloud,primarilyforconvenienceandfasterdeployment.ThisapproachcancauseconcernforITadministrators,whomustcontroltheflowofITtrafficandspendingandhelpensurethesecurityofdataandintellectualproperty.Withoutthepropercontrols,dataandintellectualpropertycanescapethisoversight.TheCiscoIntercloudFabricsolutionhelpscontrolthisshadowIT,discoveringresourcesdeployedinthepubliccloudoutsideITcontrolandplacingtheseresourcesunderCiscoIntercloudFabriccontrol.CiscoIntercloudFabricaddressestheclouddeploymentrequirementsappropriatefortwohybridclouddeploymentmodels:EnterpriseManaged(anenterprisemanagesitsowncloudenvironments)andServiceProviderManaged(theserviceprovideradministersandcontrolsallcloudresources).Reference:https://www.cisco.eom/c/en/us/td/docs/solutions/Hybrid_Cloud/lntercloud/lntercloud_Fabric.pdfTheCiscoIntercloudFabricarchitectureprovidestwoproductconfigurationstoaddressthefollowingtwoconsumptionmodels:+CiscoIntercloudFabricforBusiness+CiscoIntercloudFabricforProvidersReference:https://www.cisco.eom/c/en/us/td/docs/solutions/Hybrid_Cloud/lntercloud/lntercloud_Fabric/lntercloud_Fabric_2.htmlQ22.WhataretwoDDoSattackcategories?(Choosetwo)sequentialprotocoldatabasevolume-basedE.screen-basedAnswer:BDExplanation:Therearethreebasiccategoriesofattack:+volume-basedattacks,whichusehightraffictoinundatethenetworkbandwidth+protocolattacks,whichfocusonexploitingserverresources+applicationattacks,whichfocusonwebapplicationsandareconsideredthemostsophisticatedandserioustypeofattacksReference:/networks/types-of-ddos-attacks/Q23,Refertotheexhibit.Whichtypeofauthenticationisinuse?LDAPauthenticationforMicrosoftOutlookPOP3authenticationSMTPrelayserverauthenticationexternaluserandrelaymailauthenticationAnswer:DExplanation:TheTLSconnectionsarerecordedinthemaillogs,alongwithothersignificantactionsthatarerelatedtomessages,suchasfilteractions,anti-virusandanti-spamverdicts,anddeliveryattempts.IfthereisasuccessfulTLSconnection,therewillbeaTLSsuccessentryinthemaillogs.Likewise,afailedTLSconnectionproducesaTLSfailedentry.IfamessagedoesnothaveanassociatedTLSentryinthelogfile,thatmessagewasnotdeliveredoveraTLSconnection.Reference:info:NewSMTPICID3CinterfaceManagezient(15address00reversednshostunkncInfo:ICID3QACCEPTSGSUSPECILISTma-chsbrs|Info:ICID30TLSsuccessprotocolTL5vlcipheiInfo:SMTPAuth:(ICID30)succeededforuser:AUTEmechanism:LOGINwithprofile:Ldap_sir.'tInfo:MID60matchedallrecipientsforper-recDEFAULTintheoutboundtable

Q24.AnorganizationreceivedalargeamountofSPAMmessagesoverashorttimeperiod.Inordertotakeactiononthemessages,itmustbedeterminedhowharmfulthemessagesareandthisneedstohappendynamically.Whatmustbeconfiguredtoaccomplishthis?ConfiguretheCiscoWSAtomodifypoliciesbasedonthetrafficseenConfiguretheCiscoESAtoreceivereal-timeupdatesfromTalosConfiguretheCiscoWSAtoreceivereal-timeupdatesfromTalosConfiguretheCiscoESAtomodifypoliciesbasedonthetrafficseenAnswer:DExplanation:TheMailPoliciesmenuiswherealmostallofthecontrolsrelatedtoemailfilteringhappens.Allthesecurityandcontentfilteringpoliciesaresethere,soit'slikelythat,asanESAadministrator,thepagesonthismenuarewhereyouarelikelytospendmostofyourtime.IRONPORTC160MondorSecurityServiceNetworkOverviewM«ilHawRoteoesBounceVenficatKXiTimeR«nge:|Day0!Feb201114:00to02SigningKeysTextHesourcesIStoppedbyReputationFikeCicoonAnesStoppedasInvalidReop»«rSp«mDetectedVirusCeeectedStoppedbyContentFilterIncomingHnilGraphIncomingMallSummaryM”叼。JeQoryDomainKeysOomatnProfilesDataLossPrevention<D€P]DLPPobcyMonaoerHoUAcce«*IAble(HAT)HATOverviewMondorSecurityServiceNetworkOverviewM«ilHawRoteoesBounceVenficatKXiTimeR«nge:|Day0!Feb201114:00to02SigningKeysTextHesourcesIStoppedbyReputationFikeCicoonAnesStoppedasInvalidReop»«rSp«mDetectedVirusCeeectedStoppedbyContentFilterIncomingHnilGraphIncomingMallSummaryM”叼。JeQoryDomainKeysOomatnProfilesDataLossPrevention<D€P]DLPPobcyMonaoerHoUAcce«*IAble(HAT)HATOverviewAccessTable(RAT)O«sbrat)anControlsAdditionalSpamDetectedkMultiEnuitlSecurityHanaycrinconMngMadbolidesIncoEFCowent向ReOupdzHailPohoeiOut901n9ContentFilterssmrfves-Top3X。吊臂U$M。ViHrtThr««LB %Full11.6%17S10.1%38510.0% 10.0% _mgOutbreakDcuDmQ25.WhataretwodifferencesbetweenaCiscoWSAthatisrunningintransparentmodeandonerunninginexplicitmode?(Choosetwo)WhentheCiscoWSAisrunningintransparentmode,itusestheWSA'sownIPaddressastheHTTPrequestdestination.TheCiscoWSArespondswithitsownIPaddressonlyifitisrunninginexplicitmode.TheCiscoWSAisconfiguredinawebbrowseronlyifitisrunningintransparentmode.TheCiscoWSAusesaLayer3devicetoredirecttrafficonlyifitisrunningintransparentmode.TheCiscoWSArespondswithitsownIPaddressonlyifitisrunningintransparentmode.Answer:DEExplanation:TheCiscoWebSecurityAppliance(WSA)includesawebproxy,athreatanalyticsengine,antimalwareengine,policymanagement,andreportinginasinglephysicalorvirtualappliance.ThemainuseoftheCiscoWSAistoprotectusersfromaccessingmaliciouswebsitesandbeinginfectedbymalware.YoucandeploytheCiscoWSAintwodifferentmodes:ExplicitforwardmodeTransparentmodeInexplicitforwardmode,theclientisconfiguredtoexplicitlyusetheproxy,subsequentlysendingallwebtraffictotheproxy.Becausetheclientknowsthereisaproxyandsendsalltraffictotheproxyinexplicitforwardmode,theclientdoesnotperformaDNSlookupofthedomainbeforerequestingtheURLTheCiscoWSAisresponsibleforDNSresolution,aswell.FirewallClient&webbrowserFirewallWhenyouconfiguretheCiscoWSAinexplicitmode,youdonotneedtoconfigureanyothernetworkinfrastructuredevicestoredirectclientrequeststotheCiscoWS

InternetiscoWSACommunityCiscoASA1.Userii2.ASAFrequaInternetiscoWSACommunityCiscoASAWSA(replie:reque：WSAiconnereque：WebtconteiWSAWSA.objectforwaioriginiissuesWSAinTransparentmodeReference:CCNPAndCCIESecurityCoreSCOR350-701OfficialCertGuide->ThereforeinTransparentmode,WSAusesitsownIPaddresstoinitiateanewconnectiontheWebServer(instep4above)->AnswerEiscorrect.AnswerCissurelynotcorrectasWSAcannotbeconfiguredinawebbrowserineithermode.AnswerAseemstobecorrectbutitisnot.Thisansweriscorrectifitstates"WhentheCiscoWSAisrunningintransparentmode,itusestheWSA'sownIPaddressastheHTTPrequestsource"(notdestination).Q26Afterarecentbreach,anorganizationdeterminedthatphishingwasusedtogaininitialaccesstothenetworkbeforeregainingpersistence.Theinformationgainedfromthephishingattackwasaresultofusersvisitingknownmaliciouswebsites.Whatmustbedoneinordertopreventthisfromhappeninginthefuture?ModifyanaccesspolicyModifyidentificationprofilesModifyoutboundmalwarescanningpoliciesModifywebproxysettingsAnswer:AExplanation:URLconditionsinaccesscontrolrulesallowyoutolimitthewebsitesthatusersonyournetworkcanaccess.ThisfeatureiscalledURLfiltering.TherearetwowaysyoucanuseaccesscontroltospecifyURLsyouwanttoblock(or,conversely,allow):Withanylicense,youcanmanuallyspecifyindividualURLs,groupsofURLs,andURLlistsandfeedstoachievegranular,customcontroloverwebtraffic.WithaURLFilteringlicense,youcanalsocontrolaccesstowebsitesbasedontheURL'sgeneralclassification,orcategory,andrisklevel,orreputation.Thesystemdisplaysthiscategoryandreputationdatainconnectionlogs,intrusionevents,andapplicationdetails.Usingcategoryandreputationdataalsosimplifiespolicycreationandadministration.Itgrantsyouassurancethatthesystemwillcontrolwebtrafficasexpected.Finally,becauseCisco'sthreatintelligenceiscontinuallyupdatedwithnewURLs,aswellasnewcategoriesandrisksforexistingURLs,youcanensurethatthesystemusesup-to-dateinformationtofilterrequestedURLs.Malicioussitesthatrepresentsecuritythreatssuchasmalware,spamtbotnets,andphishingmayappearanddisappearfasterthanyoucanupdateanddeploynewpolicies.Reference:https://www.cisco.eom/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Access_Control_RulesURL_Filtering.htmlQ27.WhatisthefunctionofSDNsouthboundAPIprotocols?A.toallowforthedynamicconfigurationofcontrolplaneapplicationsB.toenablethecontrollertomakechanges

toenablethecontrollertouseRESTtoallowforthestaticconfigurationofcon