1.
Which of the following is primarily true of SEM systems? (Select the best answer.)
2.
You want to configure Cisco ISE as a SCEP proxy to a Microsoft Windows 2008 R2 Server root CA. Which of the following also needs to be configured? (Select the best answer.)
3.
You issue the following commands on a Cisco router: tacacsserver host ts1 single-connection timeout 20 tacacsserver timeout 30 Which of the following are true about how the Cisco router communicates with the TACACS+ server? (Select 2 choices.)
4.
You want to implement a VPN with an alwayson fail close policy for Cisco AnyConnect clients. Which of the following does Cisco recommend that you do? (Select the best answer.)
5.
Your company is using a shopping cart web application that is known to be vulnerable to a code injection attack. Your company has no support agreement for the application, and the application is no longer updated by its author. Modifying the code would require the hiring of additional help and an extensive interview process. Which of the following should your company do in the meantime to most quickly mitigate the threat? (Select the best answer.)
6.
Which of the following is a Cisco IPS appliance feature that analyzes normal network activity to detect hosts that are infected with worms? (Select the best answer.)
7.
Which of the following can be used to encrypt email messages, files, and disk drives? (Select the best answer.)
8.
According to the branch location ACL design guidelines in the Cisco BYOD Design Guide, which protocols should not be permitted by the default ACL that is applied to the access ports of a Layer 2 switch? (Select 2 choices.)
9.
You have issued the following commands to modify the 802.1X configuration on a switch port:
switch(configif)#authentication order mab dot1x
switch(configif)#authentication priority dot1x mab
switch(configif)#authentication event fail action nextmethod
switch(configif)#authentication event noresponse action authorize
vlan 1313
A new host is attached to the switch port. The host's MAC address is in the authentication database, but the host's certificate for 802.1X authentication is expired. Which of the following statements is true regarding the host in this scenario? (Select the best answer.)
10.
Which of the following are symmetric encryption algorithms? (Select 3 choices.)