Question 181
Which DevSecOps implementation process gives a weekly or daily update instead of monthly or quarterly in the applications?
A. CI/CD pipeline
B. container
C. orchestration
D. security
Question 182
Which system facilitates deploying microsegmentation and multi-tenancy services with a policy-based container?
A. SDLC
B. Lambda
C. Contiv
D. Docker
Question 183
An organization is selecting a cloud architecture and does not want to be responsible for patch management of the operating systems. Why should the organization select either Platform as a Service or Infrastructure as a Service for this environment?
A. Infrastructure as a Service because the customer manages the operating system.
B. Platform as a Service because the service provider manages the operating system.
C. Infrastructure as a Service because the service provider manages the operating system.
D. Platform as a Service because the customer manages the operating system.
Question 184
How does a cloud access security broker function?
A. It is an authentication broker to enable single sign-on and multi-factor authentication for a cloud solution.
B. It scans other cloud solutions being used within the network and identifies vulnerabilities.
C. It integrates with other cloud solutions via APIs and monitors and creates incidents based on events from the cloud solution.
D. It acts as a security information and event management solution and receives syslog from other cloud solutions.
Question 185
An organization has a requirement to collect full metadata information about the traffic going through their AWS cloud services. They want to use this information for behavior analytics and statistics. Which two actions must be taken to implement this requirement? (Choose two.)
A. Send syslog from AWS to Cisco Stealthwatch Cloud.
B. Configure Cisco Stealthwatch Cloud to ingest AWS information. Most Voted
C. Send VPC Flow Logs to Cisco Stealthwatch Cloud. Most Voted
D. Configure Cisco Thousand Eyes to ingest AWS information.
E. Configure Cisco ACI to ingest AWS information.
Question 186
An organization wants to implement a cloud-delivered and SaaS-based solution to provide visibility and threat detection across the AWS network. The solution must be deployed without software agents and rely on AWS VPC flow logs instead. Which solution meets these requirements?
A. NetFlow collectors
B. Cisco Cloudlock
C. Cisco Stealthwatch Cloud
D. Cisco Umbrella
Question 187
Where are individual sites specified to be blacklisted in Cisco Umbrella?
A. application settings
B. content categories
C. security settings
D. destination lists
Question 188
An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network.Which action tests the routing?
A. Ensure that the client computers are pointing to the on-premises DNS servers.
B. Enable the Intelligent Proxy to validate that traffic is being routed correctly.
C. Add the public IP address that the client computers are behind to a Core Identity.
D. Browse to http://welcome.umbrella.com/ to validate that the new identity is working. Most Voted
Question 189
How does Cisco Umbrella archive logs to an enterprise-owned storage?
A. by using the Application Programming Interface to fetch the logs
B. by sending logs via syslog to an on-premises or cloud-based syslog server
C. by the system administrator downloading the logs from the Cisco Umbrella web portal
D. by being configured to send logs to a self-managed AWS S3 bucket
Question 190
Which API is used for Content Security?
A. NX-OS API
B. IOS XR API
C. OpenVuln API
D. AsyncOS API
