Question 21
How does DNS Tunneling exfiltrate data?
A. An attacker registers a domain that a client connects to based on DNS records and sends malware through that connection.
B. An attacker opens a reverse DNS shell to get into the client's system and install malware on it.
C. An attacker sends an email to the target with hidden DNS resolvers in it to redirect them to a malicious domain.
D. An attacker uses a non-standard DNS port to gain access to the organization's DNS servers in order to poison the resolutions.
Question 22
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system's applications. Which vulnerability allows the attacker to see the passwords being transmitted in clear text?
A. unencrypted links for traffic
B. weak passwords for authentication
C. improper file security
D. software bugs on applications
Question 23
A user has a device in the network that is receiving too many connection requests from multiple machines. Which type of attack is the device undergoing?
A. SYN flood
B. slowloris
C. phishing
D. pharming
Question 24
Which two preventive measures are used to control cross-site scripting? (Choose two.)
A. Enable client-side scripts on a per-domain basis.
B. Incorporate contextual output encoding/escaping. Most Voted
C. Disable cookie inspection in the HTML inspection engine.
D. Run untrusted HTML input through an HTML sanitization engine. Most Voted
E. SameSite cookie attribute should not be used.
Question 25
Which threat involves software being used to gain unauthorized access to a computer system?
A. ping of death
B. HTTP flood
C. NTP amplification
D. virus
Question 26
Which two capabilities does TAXII support? (Choose two.)
A. exchange Most Voted
B. pull messaging Most Voted
C. binding
D. correlation
E. mitigating
Question 27
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.)
A. Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.
B. The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.
C. The IPsec configuration that is set up on the active device must be duplicated on the standby device. Most Voted
D. Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically.
E. The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device. Most Voted
Question 28
Which algorithm provides encryption and authentication for data plane communication?
A. AES-GCM
B. SHA-96
C. AES-256
D. SHA-384
Question 29
DRAG DROP -Drag and drop the capabilities from the left onto the correct technologies on the right.Select and Place:
Question 30
Which two key and block sizes are valid for AES? (Choose two.)
A. 64-bit block size, 112-bit key length
B. 64-bit block size, 168-bit key length
C. 128-bit block size, 192-bit key length
D. 128-bit block size, 256-bit key length
E. 192-bit block size, 256-bit key length