SASE Flashcards

(80 cards)

1
Q

What are two reasons why perimeter-based network security is no longer sufficient? (Choose two.)
A. More users
B. More devices
C. More networks
D. More IT professionals
E. More vulnerabilities

A

BE
B More devices
E More vulnerabilities

2
Q

Which two Cisco products help manage data access policy consistently? (Choose two.)
A. Stealthwatch
B. pxGrid
C. Duo
D. AMP for Endpoints
E. Cloudlock

A

BE
B - Cloudlock - data usage control
E - pxGrid - integration

3
Q

How does SD-WAN protect network traffic from end-to-end?
A. Management
B. Automation
C. Segmentation
D. Analyzation

A

C Segmentation

4
Q

Which two IoT environment layers are protected by Stealthwatch? (Choose two.)
A. Access Points
B. Endpoints
C. Internet/Cloud
D. Control Layer
E. Things

A

DE
D Control Layer
E Things

5
Q

What are two key Cisco IoT use cases? (Choose two.)
A. Industrial Security
B. Parks and Recreation
C. Connected Health
D. Financial Institutions
E. Mobile Utilities

A

AC
A Industrial Security
C Connected Health

6
Q

What are the main features of Umbrella for Cloud-Delivered Security?
A. Protect users against DDOS attacks
B. Handles 130B+ DNS requests daily with 99% uptime
C. Runs suspicious cloud applications in a sandbox environment
D. Blocks malware, C2 callbacks, & phishing over any port/protocol

A

D Blocks malware, C2 callbacks, & phishing over any port/protocol

7
Q

What are two core functionalities of DNS-layer security? (Choose two.)
A. Live threat intelligence
B. Proxy and file inspection
C. URL filtering
D. Real-time sandboxing
E. Data analytics and monitoring

A

AB
A - Live Threat Intelligence
B - Proxy and file inspection

8
Q

Which two attack vectors are protected by Cyber Threat Defense & Network Analytics? (Choose two.)
A. Web
B. Cloud
C. Data Center
D. Email
E. Endpoints

A

BC
B Cloud
C data center

Dump is wrong - Data Centre is part of Corporate WAN.

9
Q

What are two ways that Cisco helps customers secure IoT deployments? (Choose two.)
A. limited access points
B. segmentation & visibility
C. cross-architecture automation
D. secure remote access
E. network analysis

A

BD
B segmentation and visibility
D secure remote access

10
Q

Which two security risks are created by legacy approaches to networking? (Choose two.)
A. network downtime
B. user vulnerability
C. slow containment
D. access points
E. large attack surface

A

CE
C Slow containment
E large attack surface

11
Q

What are three security blind spots that must be addressed? (Choose three.)
A. Workloads
B. Data
C. Networks
D. IT
E. Applications
F. Email

A

ABE
A Workloads
B Data
E Applications

Dump is wrong

12
Q

Which two IoT environment layers are protected by ISE? (Choose two.)
A. Endpoints
B. Access Points
C. Control Layer
D. Things
E. Internet/Cloud

A

CD
C Control Layer
D Things

Dump is wrong - Internet/Cloud is incorrect

13
Q

Which Cisco NGIPS capability provides control over users, applications, devices, threats, and provides insights to network vulnerabilities?
A. global threat intelligence
B. security automation
C. advanced threat protection and rapid remediation
D. contextual awareness

A

D contextual awareness

14
Q

What does ThreatGrid integrate?
A. File reputation and behavioral indications of compromise
B. Malware analysis and threat intelligence
C. Threat intelligence and access control
D. File trajectory and time signatures

A

B Malware analysis and TI

15
Q

What are two steps customers can take to evolve to a trust-centric security philosophy? (Choose two.)
A. Block BYOD devices
B. Always verify and never trust everything inside and outside the perimeter.
C. Limit internal access to networks.
D. Only grant access to authorized users and devices.
E. Require and install agents on mobile devices.

A

BD
B Always verify
D Only grant access to authorized users and devices

16
Q

Which feature of ISE provides role-based access control and command level authorization with logging for auditing?
A. Platform exchange grid
B. TACACS+ Device Administration
C. Context-aware access
D. Centralized policy management

A

B TACACS

17
Q

What are two results of utilizing a fragmented security model? (Choose two.)
A. Reduced malicious file risk through additional segmentation.
B. Decreased network accessibility through multiple applications.
C. Decreased visibility and limited understanding of security coverage.
D. Increased identity controls
E. Individual components pieced together to meet requirements.

A

BC
B Decreased network accessibility
C Decreased visibility

18
Q

Which feature of AnyConnect provides better access security across wired and wireless connections with 802.1X?
A. Flexible AAA Options
B. Trusted Network Detection
C. Secure Layer 2 Network Access
D. AnyConnect with AMP

A

C Secure Layer 2 Network Access

19
Q

Which two products are involved in granting safe access to apps? (Choose two.)
A. ISE
B. ACI
C. TrustSec
D. Duo
E. SD-Access

A

AD
A ISE
D Duo

20
Q

What are two solutions Cisco offers for email security? (Choose two.)
A. Tetration
B. Meraki
C. Cloudlock
D. Umbrella
E. AMP for Email Security

A

DE
D Umbrella
E AMP

21
Q

Which two Cisco products remediate network, cloud, and endpoint threats? (Choose two.)
A. AMP for Endpoints
B. Duo
C. Cisco Security Connector
D. pxGrid
E. Stealthwatch

A

AE
A AMP
E Stealthwatch

22
Q

Which two products empower customers to create secure next-gen networks? (Choose two.)
A. AMP
B. SD-Access
C. MFA
D. ISE
E. ACI

A

BE
B - SD-Access - establish identity and access policy
E - ACI for Data Centers

23
Q

What are two critical networking challenges? (Choose two.)
A. Threat protection
B. Orchestration
C. Automation
D. Access
E. Visibility

A

AE
A Orchestration
E Visibility

24
Q

What percent of threats did ASA with FirePOWER block that earned AMP the highest security effectiveness scores in third-party testing?
A. 98.5%
B. 95.6%
C. 99.2%
D. 100%

A

C 99.2%

25
Which two areas require secure access? (Choose two.) A. Worktable B. Workspace C. Workloads D. Workforce E. Workflow
CD C Workloads D Workforce (Areas are Workforce, Workplace and Workloads) | Workflow is not an area.
26
Which two attack vectors are protected by Web Security? (Choose two.) A. Web B. Cloud C. Voicemail D. Data Center E. Email
AB A web B Cloud
27
What are two key capabilities of Meraki? (Choose two.) A. identity-based and device-aware security B. application visibility and control C. device profiling D. contextual awareness E. security automation
AB A - Identity-based and device-aware security B - AVC
28
What is a key feature of Duo? A. Provides SSL VPN B. Supports pxGrid C. Authenticates user identity for remote access D. Automates policy creation for IT staff
C Authenticates user identity
29
Which feature of AnyConnect provides customers the ability to monitor endpoint application usage to uncover potential behavior anomalies? A. Differentiated Mobile Access B. Secure Layer 2 Network Access C. Trusted Network Detection D. Network Visibility Module
D Network Visibility Module
30
Which feature of StealthWatch aggregates and normalizes NetFlow data? A. Netflow analytics B. Forensic investigation C. Advanced malware protection D. FlowCollector
D Forensic investigation
31
What does remote access use to verify identity? A. Agents B. MFA C. Remote Access VPN D. AMP for Endpoints
B MFA | MFA uses DUO
32
What are two common seller obstacles? (Choose two.) A. Seller competition B. Overcrowded portfolios C. Fragmented solutions D. Unresponsive potential customers E. Complexity of solution components
BE B - Overcrowded Portfolios E - Complexity of Solution Components
33
What is one of the key features of Cognitive Intelligence? A. Allows visibility into anonymous and encrypted communications B. It enables greater threat intelligence with entity modeling C. It enables safe email usage with event analytics D. It enhances anonymity with URL filtering
B is a feature. (A is listed as a benefit)
34
Which two attack vectors are protected by Malware Protection? (Choose two.) A. Voicemail B. Web C. Mobile D. Email E. Data Center
BD B. Web D. Email
35
What are three key benefits of Cisco NGFW? (Choose three.) A. Reduces throughput B. Increases traffic latency C. Detects and remediates threats faster D. Identifies anomalous traffic E. Prepares defenses F. Reduces complexity
CEF C - Detects and remediates threats faster E - Prepares Defenses F - Reduces complexity
36
What are two features of Advanced Malware Protection (AMP)? (Choose two.) A. File Retrospection and Trajectory B. Dynamic Malware Analysis C. Local Threat Intelligence D. Automated Policy Management E. Automatic Behavioral Authorization
AB A File Retrospection and Trajectory B Dynamic Malware Analysis
37
What is a continuous protection feature of Advanced Malware Protection? A. File Reputation B. Behavioral Indicators of Compromise C. Global Threat Intelligence D. Sandboxing File Analysis
B Behavioural Indicators of Compromise - Continuous Protection
38
Which feature of ISE has the capability to encounter a device new on the market, and correctly profile it to onboard it quickly and easily? A. Device profiling B. Centralized policy management C. Context-aware access D. Platform exchange grid
A Device profiling
39
What are two features provided by ISE? (Choose two.) A. Device Firewalling B. Guest Management C. DDOS attack prevention D. Centralized policy management E. Network visibility
BD B Guest Management E Centralized policy management
40
What are two solutions Cisco offers for web security? (Choose two.) A. Cloudlock B. AMP for Web Security C. Cognitive Intelligence D. CRES E. NGFW
BC B. AMP for Web Security C. Cognitive Intelligence
41
What do customers receive when implementing TrustSec? A. Context-aware access enhancing the forensic capabilities available to their IT team B. SSL decryption enabling secure communications on and off company networks C. Dynamic role-based access control that enables them to enforce business role policies across all network services D. Dynamic profiling and onboarding, enabling businesses to control company role policies across all network services
C Dynamic role-based access control
42
Which two IoT environment layers are protected by AMP for Endpoints? (Choose two.) A. Control Layer B. Internet/Cloud C. Data Center D. Things E. Access Points
BD B - Internet/Cloud D - Things
43
What does Cisco provide via Firepower's simplified, consistent management? A. Higher value B. Reduced complexity C. Improved speed to security D. Reduced down time
B Reduced complexity
44
What are three major features of StealthWatch? (Choose three.) A. Real-time sandboxing B. Forensic investigation C. Threat-based anomaly detection D. Data Loss Prevention E. Netflow monitoring F. Malware clustering
BCE B - Forensic investigation C - Threat-based anomaly detection E - Netflow Monitoring
45
What are two key advantages of Cisco's Security Solutions Portfolio? (Choose two.) A. An effective security solution portfolio can help customers overcome ever-growing security challenges B. Cisco Security provides direct, simple, and balanced detection by driving customer outcomes C. Cisco Security provides flexible, simple, and integrated advanced threat detection, through a multilayered approach. D. The Cisco Security Portfolio offers realtime access control and event monitoring to drive business outcomes. E. The Cisco Security Portfolio provides security across the entire business environment.
AE A - an effective security portfolio provides customers with the necessary tools and resources to overcome their ever growing security challenges E - a holistic set of solutions to help them discover and remediate threats quickly across their entire business environment
46
Which statement best embodies trust-centric security? A. Verify before granting access via identity-based policies for users, devices, apps, and locations B. Prevent attacks via an intelligence-based policy, then detect, investigate, and remediate. C. Verify before granting access via MDM software. D. Protect users from attacks by enabling strict security policies.
A Verify before granting access
47
What are two tenets of establishing an SD-perimeter? (Choose two.) A. Securing device access B. Securing network access C. Securing user-device trust D. Securing app access E. Securing endpoints
BD B Securing Network Access D Securing App access
48
Which three customer business objectives does Cisco's Advanced Threat solutions address? (Choose three.) A. Visibility and control with a managed environment B. Secure communications with advanced access C. Lower TCO through intelligent API management D. Comprehensive support with flexible solutions E. Complete protection with holistic defense F. Accelerated firewall implementation
ADE A Visibility and Control with a Managed Environment D Comprehensive support with Flexible solutions E Complete protection with Holistic defense
49
What do Cisco NGFW fully integrated platforms offer that allow other security components to participate to achieve pervasive and consistent enforcement? A. Telemetry, shared intelligence, and profiling sources B. Context, telemetry and intelligence sources C. Intelligence sources, telemetry, and shared intelligence D. Context, telemetry, and profiling sources
B - Context, telemetry and intelligence sources
50
Which two attack vectors are protected by Visibility and Enforcement? (Choose two.) A. Web B. Cloud C. Endpoints D. Email E. Mobile
CE C - Endpoints E - Mobile
51
What are two steps organizations must take to secure IoT? (Choose two.) A. block contractors B. prevent blackouts C. acquire subscription solutions D. remediate malfunctions E. update equipment
DE D remediate malfunctions E update equipment
52
Which feature of Cognitive intelligence can separate statistically normal traffic from anomalous traffic? A. Anomaly modeling B. Anomaly detection C. Event classification D. Trust modeling
B Anomaly Detection
53
In the Campus NGFW use case, which capability is provided by NGFW & NGIPS? A. Flexible AAA Options B. Differentiated Mobile Access C. High throughput maintained while still protecting domains against threats D. Identity Service Engine
C High throughput maintained while still protecting domains against threats
54
What are three main areas of the Cisco Security Portfolio? (Choose three.) A. IoT Security B. Roaming Security C. Advanced Threat D. Cloud Security E. Voice & Collaboration F. Firewalls
ACD A - IoT Security C - Advanced Threat D - Cloud Security
55
What are two common customer obstacles? (Choose two.) A. Compliance regulations B. Security system blackouts C. High turnover of IT professionals D. Limited resources E. Lack of solution integration
AE A - Compliance regulations E - Lack of solution integration
56
In which two ways has digitization transformed today's security threat landscape? (Choose two.) A. Decreasing endpoint ecosystem B. Increasing access points C. Expanding complexity D. Decreasing 3rd party applications E. Growing ecosystem
CE C - Expanding Complexity E - Growing ecosystem
57
In which two ways should companies modernize their security philosophies? (Choose two.) A. Rebuild their security portfolios with new solutions B. Complement threat-centric tactics with trust-centric methods C. Expand their IT departments D. Decrease internal access and reporting E. Reinforce their threat-centric security tactics
BE B - Complement threat-centric tactics E - Reinforce threat-centric tactics
58
Which two elements does Advanced Malware Protection provide? (Choose two.) A. dynamic data analysis B. intrusion analysis C. dynamic URL filtering D. reputation analytics E. advanced analytics
AE A - Dynamic Analysis E - Advanced Analytics
59
How do AMP's device trajectory capabilities help address customers' breach remediation issues? A. It analyzes the data from suspicious files to provide a new level of threat intelligence B. It searches for potential threats based on identified activities and behaviors. C. It determines the scope and cause of an outbreak and tracks suspicious files D. It tracks file behavior across the network to see which devices it enters and exits
C It determines the scope and cause of an outbreak and tracks suspicious files
60
Which two attack vectors are protected by MFA? (Choose two.) A. Mobile B. Cloud C. Data center D. Web E. Endpoints
AE A Mobile E Web
61
Where do you start to achieve true network visibility? A. OT B. Branches C. IT D. Fabric Level
D Fabric Level
62
What are two capabilities of Cisco's NGFW Identity Based Policy Control feature? (Choose two.) A. access to multiple data layers B. threats stopped from getting in and spreading C. see and share malware details D. access to Trojan downloader
AB A Access to multiple data layers is probably the best second capability as C and D feel wrong. B threats stopped from getting in and spreading - Identity based policy control
63
What are three benefits that Cisco Umbrella brings to DNS-Layer Security? (Choose three.) A. Reputation filtering B. Malware scanning C. Predictive intelligence D. Breach mitigation E. Off-network security F. Recursive DNS
CEF C Predictive intelligence E Off-network security F Recursive DNS
64
What is an attribute of Cisco Talos? A. Blocks threats in real time B. Real-time threat information C. 3rd party applications integrated through comprehensive APIs D. Detection of threats communicated within 48 hours of occurrence
B Real-time threat intelligence
65
What does TrustSec assign to the user or device traffic at ingress that enforces the access policy based on the tag in the infrastructure? A. VXLAN B. Ingress VLAN C. Security Group Tag D. Access Control List
C Security Group Tag
66
How does AnyConnect provide highly secure access for select enterprise mobile apps? A. Per application VPN B. Secure Layer 2 Network Access C. Application Visibility & control D. Identity Service Engine
A Per application VPN
67
What are the competing IT and Operation Technology (OT) priorities that make securing IoT difficult? A. Innovation vs. manufacturing B. Hackers vs. safety C. Malfunctions vs. output D. Security vs. availability
D Security vs availability
68
Which two features are part of Cisco Web security? (Choose two.) A. user authentication B. device profiling and onboarding C. URL filtering & dynamic content analysis D. intrusion prevention E. user identity tracking
CD C. URL filtering & dynamic content analysis D. intrusion prevention
69
Which two products are involved in discovering, classifying, and verifying profiles? (Choose two.) A. Duo B. Cisco Security Connector C. Industrial Network Director D. Identity Services Engine E. Advanced Malware Protection
CD C Industrial Network Director D - ISE
70
What are two solutions for Cisco Cloud Security? (Choose two.) A. cloud data security B. intrusion prevention C. advanced network security D. cloud-delivered security E. cloud security
DE D Cloud-delivered security E Cloud Security
71
How does AMP's file reputation feature help customers? A. It enables secure web browsing with cognitive threat analytics B. It enables point in time detection through a one-to-one engine C. It increases the accuracy of threat detection with Big Data analytics D. It increases the protection to systems with exact fingerprinting
C It increases the accuracy of threat detection with Big Data analytics
72
Which two attack vectors are protected by NGFW? (Choose two.) A. Mobile B. Data Center C. Cloud D. Web E. Email
BC B Data Center C Cloud
73
What are three main solutions areas for Advanced Threat? (Choose three.) A. NGFW B. Network Analytics C. Intrusion Analytics D. Threat Analytics E. Malware Protection F. Threat Defense
BCE B Network Analytics C Intrusion Analytics E Malware Protection
74
What is a key feature of Application Visibility and Control? A. Retrospective security B. Control of protocol-hopping apps that evade traditional firewalls C. Scalable policy inheritance D. Automated remediation APIs
B Control of protocol-hopping apps
75
Which two security areas are part of Cisco's campus & branch solutions? (Choose two.) A. Network Analytics B. Behavioral Indication of Compromise C. Remote Access VPN D. File Retrospection and Trajectory E. Mobile Access
AC A Network Analytics C Remote Access VPN
76
On average, how many days elapse before businesses discover that they have been hacked? A. 50 B. 30 C. 10 D. 70
A 50 days
77
What is one of the reasons that customers need a Visibility & Enforcement solution? A. Storage is moving from on-premises to cloud-based B. Network traffic is growing at an exponential rate C. Organizations need the ability to block high-risk websites D. Businesses can't see or protect devices on their network
D Businesses can't see or protect devices on their network
78
Which two attack vectors are protected by Cloud Security? (Choose two.) A. Web B. Cloud C. Endpoints D. Data Center E. Email
BC B cloud C Endpoints
79
What is used to reduce attack surfaces? A. Device trust B. Remediation C. Segmentation D. Access
C Segmentation
80
What two areas present a security challenge for customers? (Choose two.) A. Email B. Corporate priorities C. IoT devices D. IT departments E. OT environments
AC A - Email C - IOT Devices