Question 1

Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?

Accepted Answer

A)  user input validation in a web page or web application 
B)  Linux and Windows operating systems 
C)  database 
D)  web page images 
A)  user input validation in a web page or web application 
B)  Linux and Windows operating systems 
C)  database 
D)  web page images

Question 2

Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two.)

Accepted Answer

A)  malware 
B)  denial-of-service attacks 
C)  ARP spoofing 
D)  exploits 
E)  eavesdropping 
A)  malware 
B)  denial-of-service attacks 
C)  ARP spoofing 
D)  exploits 
E)  eavesdropping

Question 3

Under which two circumstances is a CoA issued? (Choose two.)

Accepted Answer

A)  A new authentication rule was added to the policy on the Policy Service node. 
B)  An endpoint is deleted on the Identity Service Engine server. 
C)  A new Identity Source Sequence is created and referenced in the authentication policy. 
D)  An endpoint is profiled for the first time. 
E)  A new Identity Service Engine server is added to the deployment with the Administration persona. 
A)  A new authentication rule was added to the policy on the Policy Service node. 
B)  An endpoint is deleted on the Identity Service Engine server. 
C)  A new Identity Source Sequence is created and referenced in the authentication policy. 
D)  An endpoint is profiled for the first time. 
E)  A new Identity Service Engine server is added to the deployment with the Administration persona.

Question 4

An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with other cloud solutions via an API. Which solution should be used to accomplish this goal?

Accepted Answer

A)  CASB 
B)  Cisco Cloudlock 
C)  Adaptive MFA 
D)  SIEM 
A)  CASB 
B)  Cisco Cloudlock 
C)  Adaptive MFA 
D)  SIEM

Question 5

What is the primary role of the Cisco Email Security Appliance?

Accepted Answer

A)  Mail Submission Agent 
B)  Mail Transfer Agent 
C)  Mail Delivery Agent 
D)  Mail User Agent 
A)  Mail Submission Agent 
B)  Mail Transfer Agent 
C)  Mail Delivery Agent 
D)  Mail User Agent

Question 6

What are the two types of managed Intercloud Fabric deployment models? (Choose two.)

Accepted Answer

A)  Service Provider managed 
B)  User managed 
C)  Public managed 
D)  Hybrid managed 
E)  Enterprise managed 
A)  Service Provider managed 
B)  User managed 
C)  Public managed 
D)  Hybrid managed 
E)  Enterprise managed

Question 7

What is a benefit of conducting device compliance checks?

Accepted Answer

A)  It validates if anti-virus software is installed. 
B)  It scans endpoints to determine if malicious activity is taking place. 
C)  It indicates what type of operating system is connecting to the network. 
D)  It detects email phishing attacks. 
A)  It validates if anti-virus software is installed. 
B)  It scans endpoints to determine if malicious activity is taking place. 
C)  It indicates what type of operating system is connecting to the network. 
D)  It detects email phishing attacks.

Question 8

What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)

Accepted Answer

A)  data exfiltration 
B)  command and control communication 
C)  intelligent proxy 
D)  snort 
E)  URL categorization 
A)  data exfiltration 
B)  command and control communication 
C)  intelligent proxy 
D)  snort 
E)  URL categorization

Question 9

Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.)

Accepted Answer

A)  Check integer, float, or Boolean string parameters to ensure accurate values. 
B)  Use prepared statements and parameterized queries. 
C)  Secure the connection between the web and the app tier. 
D)  Write SQL code instead of using object-relational mapping libraries. 
E)  Block SQL code execution in the web application database login. 
A)  Check integer, float, or Boolean string parameters to ensure accurate values. 
B)  Use prepared statements and parameterized queries. 
C)  Secure the connection between the web and the app tier. 
D)  Write SQL code instead of using object-relational mapping libraries. 
E)  Block SQL code execution in the web application database login.

Question 10

In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?

Accepted Answer

A)  man-in-the-middle 
B)  LDAP injection 
C)  insecure API 
D)  cross-site scripting 
A)  man-in-the-middle 
B)  LDAP injection 
C)  insecure API 
D)  cross-site scripting

Question 11

What provides visibility and awareness into what is currently occurring on the network?

Accepted Answer

A)  CMX 
B)  WMI 
C)  Prime Infrastructure 
D)  Telemetry 
A)  CMX 
B)  WMI 
C)  Prime Infrastructure 
D)  Telemetry

Question 12

Which functions of an SDN architecture require southbound APIs to enable communication?

Accepted Answer

A)  SDN controller and the network elements 
B)  management console and the SDN controller 
C)  management console and the cloud 
D)  SDN controller and the cloud 
A)  SDN controller and the network elements 
B)  management console and the SDN controller 
C)  management console and the cloud 
D)  SDN controller and the cloud

Question 13

Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access to network resources?

Accepted Answer

A)  BYOD onboarding 
B)  MAC authentication bypass 
C)  client provisioning 
D)  Simple Certificate Enrollment Protocol 
A)  BYOD onboarding 
B)  MAC authentication bypass 
C)  client provisioning 
D)  Simple Certificate Enrollment Protocol

Question 14

Which two mechanisms are used to control phishing attacks? (Choose two.)

Accepted Answer

A)  Enable browser alerts for fraudulent websites. 
B)  Define security group memberships. 
C)  Revoke expired CRL of the websites. 
D)  Use antispyware software. 
E)  Implement email filtering techniques. 
A)  Enable browser alerts for fraudulent websites. 
B)  Define security group memberships. 
C)  Revoke expired CRL of the websites. 
D)  Use antispyware software. 
E)  Implement email filtering techniques.

Question 15

Refer to the exhibit. What is a result of the configuration?

Accepted Answer

A)  Traffic from the DMZ network is redirected. 
B)  Traffic from the inside network is redirected. 
C)  All TCP traffic is redirected. 
D)  Traffic from the inside and DMZ networks is redirected. 
A)  Traffic from the DMZ network is redirected. 
B)  Traffic from the inside network is redirected. 
C)  All TCP traffic is redirected. 
D)  Traffic from the inside and DMZ networks is redirected.

Question 16

Which technology reduces data loss by identifying sensitive information stored in public computing environments?

Accepted Answer

A)  Cisco SDA 
B)  Cisco Firepower 
C)  Cisco HyperFlex 
D)  Cisco Cloudlock 
A)  Cisco SDA 
B)  Cisco Firepower 
C)  Cisco HyperFlex 
D)  Cisco Cloudlock

Question 17

Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious?

Accepted Answer

A)  Cisco AMP 
B)  Cisco AnyConnect 
C)  Cisco Dynamic DNS 
D)  Cisco Talos 
A)  Cisco AMP 
B)  Cisco AnyConnect 
C)  Cisco Dynamic DNS 
D)  Cisco Talos

Question 18

An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism. Which port on the firewall must be opened to allow the CoA traffic to traverse the network?

Accepted Answer

A)  UDP 1700 
B)  TCP 6514 
C)  UDP 1812 
D)  TCP 49 
A)  UDP 1700 
B)  TCP 6514 
C)  UDP 1812 
D)  TCP 49

Question 19

Which ASA deployment mode can provide separation of management on a shared appliance?

Accepted Answer

A)  DMZ multiple zone mode 
B)  transparent firewall mode 
C)  multiple context mode 
D)  routed mode 
A)  DMZ multiple zone mode 
B)  transparent firewall mode 
C)  multiple context mode 
D)  routed mode

Question 20

An engineer notices traffic interruptions on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, based on a predefined threshold, to address this issue?

Accepted Answer

A)  Storm Control 
B)  embedded event monitoring 
C)  access control lists 
D)  Bridge Protocol Data Unit guard 
A)  Storm Control 
B)  embedded event monitoring 
C)  access control lists 
D)  Bridge Protocol Data Unit guard

Exam 41: Implementing Cisco Collaboration Core Technologies (CLCOR)

Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?

Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two.)

Under which two circumstances is a CoA issued? (Choose two.)

An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with other cloud solutions via an API. Which solution should be used to accomplish this goal?

What is the primary role of the Cisco Email Security Appliance?

What are the two types of managed Intercloud Fabric deployment models? (Choose two.)

What is a benefit of conducting device compliance checks?

What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)

Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.)

In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?

What provides visibility and awareness into what is currently occurring on the network?

Which functions of an SDN architecture require southbound APIs to enable communication?

Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access to network resources?

Which two mechanisms are used to control phishing attacks? (Choose two.)

Refer to the exhibit. What is a result of the configuration?

Which technology reduces data loss by identifying sensitive information stored in public computing environments?

Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious?

An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism. Which port on the firewall must be opened to allow the CoA traffic to traverse the network?

Which ASA deployment mode can provide separation of management on a shared appliance?

An engineer notices traffic interruptions on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, based on a predefined threshold, to address this issue?

Supporting Cisco Data Center System Devices (DCTECH)

Cisco Certified Technician Routing & Switching (RSTECH)

Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)

Cisco Certified Network Associate (CCNA)

Managing Industrial Networks with Cisco Networking Technologies (IMINS)

DevNet Associate (DEVASC)

Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies (CBRFIR)

Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)

Implementing Cisco SD-WAN Solutions (ENSDWI)

Designing Cisco Enterprise Networks (ENSLD)

Designing Cisco Enterprise Wireless Networks (300-425 ENWLSD)

Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI)

Automating Cisco Enterprise Solutions (ENAUTO)

Implementing Cisco Service Provider Advanced Routing Solutions (SPRI)

Implementing Cisco Service Provider VPN Services (SPVI)

Designing Cisco Data Center Infrastructure (DCID)

Troubleshooting Cisco Data Center Infrastructure (DCIT)

Implementing Cisco Application Centric Infrastructure (DCACI)

Configuring Cisco MDS 9000 Series Switches (DCSAN)

Implementing Cisco Application Centric Infrastructure - Advanced

Automating Cisco Data Center Solutions (DCAUTO)

Securing Networks with Cisco Firepower (300-710 SNCF)

Implementing and Configuring Cisco Identity Services Engine (300-715 SISE)

Securing Email with Cisco Email Security Appliance (300-720 SESA)

Securing the Web with Cisco Web Security Appliance (300-725 SWSA)

Implementing Secure Solutions with Virtual Private Networks (SVPN 300-730)

Automating Cisco Security Solutions (SAUTO)

Implementing Cisco Collaboration Applications (CLICA)

Implementing Cisco Advanced Call Control and Mobility Services (CLASSM)

Implementing Cisco Collaboration Cloud and Edge Solutions

Implementing Cisco Collaboration Conferencing

Automating Cisco Collaboration Solutions (CLAUTO)

Implementing DevOps Solutions and Practices using Cisco Platforms (DEVOPS)

Developing Solutions Using Cisco IoT and Edge Platforms (DEVIOT)

Developing Applications for Cisco Webex and Webex Devices (DEVWBX)

Performing CyberOps Using Core Security Technologies (CBRCOR)

Implementing Cisco Enterprise Network Core Technologies (ENCOR)

Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)

Implementing and Operating Cisco Data Center Core Technologies (DCCOR)

Implementing and Operating Cisco Security Core Technologies

Developing Applications using Cisco Core Platforms and APIs (DEVCOR)

CCDE Design Written

Deploying Cisco Unified Contact Center Express

Cisco Meraki Solutions Specialist

Securing Cisco Networks with Sourcefire FireAMP Endpoints

Designing Cisco Unified Contact Center Enterprise (UCCED)

Implementing and Supporting Cisco Unified Contact Center Enterprise (UCCEIS)

Cisco Collaboration SaaS Authorization Exam

Cisco Security Architecture for System Engineers

Adopting The Cisco Business Architecture Approach (DTBAA)

Cisco Customer Success Manager (CSM)

Mastering The Cisco Business Architecture Discipline (DTBAD)

Filters