Question 141
An engineer is configuring their router to send NetfFow data to Stealthwatch which has an IP address of 1.1.1.1 using the flow record Stealthwatch406143794 command. Which additional command is required to complete the flow record?
A. cache timeout active 60
B. destination 1.1.1.1
C. match ipv4 ttl
D. transport udp 2055
Question 142
An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco ISE. The engineer wants to authenticate users using their account when they log into network devices. Which action accomplishes this task?
A. Configure Cisco DUO with the external Active Directory connector and tie it to the policy set within Cisco ISE.
B. Install and configure the Cisco DUO Authentication Proxy and configure the identity source sequence within Cisco ISE.
C. Modify the current policy with the condition MFA: SourceSequence:DUO=true in the authorization conditions within Cisco ISE.
D. Create an identity policy within Cisco ISE to send all authentication requests to Cisco DUO.
Question 143
What is the function of the crypto isakmp key cisc406143794 address 0.0.0.0 0.0.0.0 command when establishing an IPsec VPN tunnel?
A. It prevents all IP addresses from connecting to the VPN server.
B. It configures the pre-shared authentication key.
C. It configures the local address for the VPN server.
D. It defines what data is going to be encrypted via the VPN.
Question 144
An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE but is being rejected. Why is the ip radius source-interface command needed for this configuration?
A. Only requests that originate from a configured NAS IP are accepted by a RADIUS server.
B. The RADIUS authentication key is transmitted only from the defined RADIUS source interface.
C. RADIUS requests are generated only by a router if a RADIUS source interface is defined.
D. Encrypted RADIUS authentication requires the RADIUS source interface be defined.
Question 145
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?
A. To view bandwidth usage for NetFlow records, the QoS feature must be enabled.
B. A sysopt command can be used to enable NSEL on a specific interface.
C. NSEL can be used without a collector configured.
D. A flow-export event type must be defined under a policy.
Question 146
Which feature requires a network discovery policy on the Cisco Firepower NGIPS?
A. security intelligence
B. impact flags
C. health monitoring
D. URL filtering
Question 147
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?
A. correlation
B. intrusion
C. access control
D. network discovery
Question 148
What is a characteristic of traffic storm control behavior?
A. Traffic storm control drops all broadcast and multicast traffic if the combined traffic exceeds the level within the interval.
B. Traffic storm control cannot determine if the packet is unicast or broadcast.
C. Traffic storm control monitors incoming traffic levels over a 10-second traffic storm control interval.
D. Traffic storm control uses the Individual/Group bit in the packet source address to determine if the packet is unicast or broadcast.
Question 149
DRAG DROP -Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.Select and Place:
Question 150
Refer to the exhibit. Which statement about the authentication protocol used in the configuration is true?
A. The authentication request contains only a password
B. The authentication request contains only a username
C. The authentication and authorization requests are grouped in a single packet.
D. There are separate authentication and authorization request packets.
