Cisco (300-735-SAUTO) Exam Questions And Answers page 13
Which of the following statements is true regarding the outbreak control feature of AMP for Endpoints? (Select the best answer.)
It must wait for a content update before blocking specific files.
It cannot whitelist specific applications.
It can use application blocking lists to contain compromised applications.
Understanding Security Automation and Programmability
Automating Cisco Security Solutions with APIs
Which of the following statements is true regarding the primary bootset when the Cisco IOS Resilient Configuration feature is enabled? (Select the best answer.)
The configuration file can be secured on a TFTP server, but the system image must be secured on local storage.
The system image can be secured on a TFTP server, but the configuration file must be secured on local storage.
The configuration file and the system image must both be secured on local storage.
The configuration file and the system image must both be secured on remote storage.
Automating Cisco Security Solutions with APIs
Automating Security Policies and Network Device Configurations
Which of the following statements is true regarding the send-lifetime command? (Select the best answer.)
The default duration for sending keys is infinite.
You cannot specify a duration based on a specific start and end time.
The duration must be specified in one-minute increments.
The earliest start time value is January 1, 1970.
Automating Security Policies and Network Device Configurations
Automating Security Monitoring and Incident Response
What are the characteristics of ZFW traffic action?
Single Choice
Which of the following statements is true regarding ZFW traffic action characteristics? (Select the best answer.)
The pass action is bidirectional and automatically permits return traffic.
The inspect action is unidirectional and can be used to maintain state information.
The drop action silently discards packets and does not generate ICMP host unreachable messages.
The pass action can provide an audit trail including session start, stop, and duration values.
Understanding Security Automation and Programmability
Automating Security Policies and Network Device Configurations
Which of the following traffic types are blocked by default in a zone-based policy firewall configuration? (Select 2 choices.)
traffic to or from the self zone
traffic between interfaces in the same zone
traffic between interfaces in a zone and interfaces not assigned to any zone
traffic between interfaces in different zones
traffic directly to or received from the router
Understanding Security Automation and Programmability
Automating Security Policies and Network Device Configurations
Which of the following traffic types can be detected by the FirePOWER rate-based prevention preprocessor engine? (Select the best answer.)
Back Orifice traffic
distributed port scan traffic
port sweep traffic
SYN flood traffic
Automating Security Policies and Network Device Configurations
Which of the following vulnerabilities did the Blaster worm exploit on target hosts? (Select the best answer.)
a buffer overflow vulnerability in the DCOM RPC service
a buffer overflow vulnerability in IIS software
a buffer overflow vulnerability in Microsoft SQL Server
a remote code execution vulnerability in the printer spooler service
a remote code execution vulnerability in the processing of .lnk files
Python Programming for Security Automation
Automating Security Monitoring and Incident Response
Which of the following web application threats is not typically mitigated by installing a WAF? (Select the best answer.)
exploits related to uncloaked error messages
exploits against known vulnerabilities
exploits related to directory traversal vulnerabilities
exploits against unknown vulnerabilities
exploits related to viruses in file uploads
Understanding Security Automation and Programmability
Python Programming for Security Automation
Which of the following worms was used in an act of cyber warfare against Iranian ICSs? (Select the best answer.)
Blaster
Nachi
Stuxnet
Welchia
Understanding Security Automation and Programmability
Automating Security Monitoring and Incident Response
You are configuring a connection profile for Cisco AnyConnect SSL VPN users. You have accessed the Add SSL VPN Connection Profile dialog box in ASDM. You want to configure a group URL for the connection profile.
On which of the following screens of this dialog box will you be able to accomplish your goal? (Select the best answer.)
the Basic screen
the General screen
the Authorization screen
the SSL VPN screen
Automating Security Policies and Network Device Configurations