Cisco (300-735-SAUTO) Exam Questions And Answers page 11
What are two true statements about IDS devices?
Multiple Choice
Which of the following statements are true regarding IDS devices? (Select 2 choices.)
They do not sit inline with the flow of network traffic.
They can directly block a virus before it infiltrates the network.
They can detect malicious traffic only by signature matching.
They function identically to IPS devices.
Automating Security Policies and Network Device Configurations
Automating Security Monitoring and Incident Response
Which of the following statements are true regarding policies in Cisco Security Manager? (Select 2 choices.)
Rule-based policies can contain hundreds of rules containing values for the same set of parameters.
Settings-based policies can define only one set of parameters for each settings-based policy defined on a device.
Local policies are well-suited to smaller networks and to devices requiring standard configurations.
Any changes that you make to a shared policy are not automatically applied to all the devices to which it is assigned.
The Default section of a shared policy contains rules that cannot be overridden by local rules.
Understanding Security Automation and Programmability
Automating Security Policies and Network Device Configurations
What are two true statements about RADIUS?
Multiple Choice
Which of the following statements are true regarding RADIUS? (Select 2 choices.)
It encrypts only the password in Access-Request packets.
It combines authorization and authentication functions.
It provides more flexible security options than TACACS+.
It uses TCP port 49.
It is a Cisco-proprietary standard protocol.
Understanding Security Automation and Programmability
Python Programming for Security Automation
What are the true statements about TACACS+?
Multiple Choice
Which of the following statements are true regarding TACACS+? (Select 2 choices.)
It encrypts the entire body of a packet.
It combines authorization and authentication functions.
It provides router command authorization capabilities.
It uses UDP for packet delivery.
It was developed as an IETF standard protocol.
Understanding Security Automation and Programmability
Python Programming for Security Automation
Which of the following statements are true regarding the DfltGrpPolicy group policy? (Select 3 choices.)
It cannot be modified.
It is the default policy used with the DefaultRAGroup connection profile.
It is the default policy used with the DefaultWEBVPNGroup connection profile.
It can be applied to user profiles.
It should be deleted if custom group policies are created.
Automating Cisco Security Solutions with APIs
Automating Security Policies and Network Device Configurations
Which of the following statements are true regarding the FirePOWER inline normalization preprocessor engine? (Select 2 choices.)
Inline normalization can process IPv4 and ICMPv4 traffic but not IPv6 traffic.
Inline normalization can process IPv4 and IPv6 traffic but not ICMPv4 traffic.
Inline normalization cannot detect TCP SYN flood attacks.
Inline normalization cannot detect TCP session hijacking attacks.
Inline normalization takes place immediately before decoding by the packet decoder.
Understanding Security Automation and Programmability
Automating Security Policies and Network Device Configurations
Which of the following statements is correct regarding the traffic types that can be matched in a class map on a Cisco ASA? (Select the best answer.)
A class map can match traffic by TCP port number but not by UDP port number.
A class map can match traffic by UDP port number but not by IP precedence.
A class map can match traffic by TCP port number but not by IP precedence.
A class map can match traffic by UDP port number but not by TCP port number.
A class map can match traffic by TCP port number, by UDP port number, and by IP precedence.
Automating Cisco Security Solutions with APIs
Automating Security Policies and Network Device Configurations
Which statement is false about an IPS device?
Single Choice
Which of the following statements is not true regarding an IPS device? (Select the best answer.)
An IPS requires that at least one interface be in promiscuous mode.
Single-packet attacks can be mitigated by an IPS.
Traffic leaves an IPS on a different interface than it entered.
An IPS cannot route to destinations on different subnets.
Understanding Security Automation and Programmability
Automating Cisco Security Solutions with APIs
Which statement is false about the IaaS service model?
Single Choice
Which of the following statements is not true regarding the IaaS service model? (Select the best answer.)
The consumer has control over the configuration of the OS running on the physical infrastructure in the cloud.
The consumer has control over the physical infrastructure in the cloud.
The consumer has control over the allocation of processing, memory, storage, and network resources within the cloud.
The consumer has control over development tools or APIs in the cloud running on the physical infrastructure in the cloud.
Understanding Security Automation and Programmability
Automating Cisco Security Solutions with APIs
Which of the following statements is true about network traffic event logging in Cisco FireSIGHT Management Center? (Select the best answer.)
Beginning-of-connection events contain less information than end-of-connection events.
Performance is optimized by logging both beginning-of-connection events and end-of-connection events.
You can log only beginning-of-connection events for encrypted connections handled by an SSL policy.
You can log only end-of-connection events for blocked traffic.
Automating Cisco Security Solutions with APIs
Automating Security Monitoring and Incident Response