1.
Which of the following is not true of SIM systems? (Select the best answer.)
2.
In the Cisco ISE GUI, you click Administration > Certificates > Certificate Store and notice that a SCEP NDES server RA certificate is installed on the ISE node. Which of the following best describes the reason the certificate is there? (Select the best answer.)
3.
You issue the following commands on a Cisco router:
tacacsserver host ts1 timeout 30 tacacsserver timeout 20
Which of the following is true about how the Cisco router communicates with the TACACS+ server? (Select the best answer.)
4.
You are configuring VPN access for Cisco AnyConnect clients. You finish the configuration by establishing a fail open policy.
Which of the following is true of AnyConnect clients that fail to establish a VPN session? (Select the best answer.)
5.
Which of the following web application threats is not typically mitigated by installing a WAF? (Select the best answer.)
6.
Which of the following is a set of rules to which a Cisco IPS appliance can compare network traffic to determine whether an attack is occurring? (Select the best answer.)
7.
Which of the following describes the primary difference between PGP and S/MIME? (Select the best answer.)
8.
Which of the following failover link configurations can leave an ASA vulnerable to replay attacks? (Select the best answer.)
9.
Which of the following fields make up the header of an ESP packet? (Select 2 choices.)
10.
You want to use the authentication event noresponse action authorize vlan 101 command to ensure that network devices incapable of using 802.1X authentication are automatically placed into VLAN 101, which is the guest VLAN. Which of the following VLAN types can you specify as an 802.1X guest VLAN? (Select the best answer.)