Question 61
What is a difference between an XSS attack and an SQL injection attack?
A. SQL injection is a hacking method used to attack SQL databases, whereas XSS attack can exist in many different types of applications.
B. XSS attacks are used to steal information from databases, whereas SQL injection attacks are used to redirect users to websites where attackers can steal data from them.
C. XSS is a hacking method used to attack SQL databases, whereas SQL injection attacks can exist in many different types of applications.
D. SQL injection attacks are used to steal information from databases, whereas XSS attacks are used to redirect users to websites where attackers can steal data from them.
Question 62
What is a difference between a DoS attack and DDos attack?
A. A DoS attack is where a computer is used to flood a server with TCP packets, whereas DDoS attack is where a computer is used to flood a server with UDP packets.
B. A DoS attack is where a computer is used to flood a server with UDP packets, whereas DDoS attack is where a computer is used to flood a server with TCP packets.
C. A DoS attack is where a computer is used to flood a server with TCP and UDP packets, whereas DDoS attack is where a computer is used to flood multiple servers that are distributed over a LAN.
D. A DoS attack is where a computer is used to flood a server with TCP and UDP packets, whereas DDoS attack is where multiple systems target a single system with a DoS attack.
Question 63
What are two advantages of using Cisco AnyConnect over DMVPN? (Choose two.)
A. It provides spoke-to-spoke communications without traversing the hub.
B. It enables VPN access for individual users from their machines.
C. It allows multiple sites to connect to the data center.
D. It allows different routing protocols to work over the tunnel.
E. It allows customization of access policies based on user identity.
Question 64
What is the difference between a vulnerability and an exploit?
A. A vulnerability is a weakness that can be exploited by an attacker.
B. A vulnerability is a hypothetical event for an attacker to exploit.
C. An exploit is a hypothetical event that causes a vulnerability in the network.
D. An exploit is a weakness that can cause a vulnerability in the network.
Question 65
What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?
A. threat intelligence
B. Indicators of Compromise
C. trusted automated exchange
D. The Exploit Database
Question 66
Refer to the exhibit. An engineer is implementing a certificate based VPN. What is the result of the existing configuration?
A. Only an IKEv2 peer that has an OU certificate attribute set to MANGLER establishes an IKEv2 SA successfully.
B. The OU of the IKEv2 peer certificate is used as the identity when matching an IKEv2 authorization policy.
C. The OU of the IKEv2 peer certificate is set to MANGLER.
D. The OU of the IKEv2 peer certificate is encrypted when the OU is set to MANGLER.
Question 67
Which kind of API that is used with Cisco DNA Center provisions SSIDs, QoS policies, and update software versions on switches?
A. event
B. intent
C. integration
D. multivendor
Question 68
A network engineer needs to select a VPN type that provides the most stringent security, multiple security associations for the connections, and efficient VPN establishment with the least bandwidth consumption. Why should the engineer select either FlexVPN or DMVPN for this environment?
A. DMVPN because it uses multiple SAs and FlexVPN does not.
B. DMVPN because it supports IKEv2 and FlexVPN does not.
C. FlexVPN because it supports IKEv2 and DMVPN does not.
D. FlexVPN because it uses multiple SAs and DMVPN does not.
Question 69
Refer to the exhibit. Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?
A. show authentication registrations
B. show authentication method
C. show dot1x all
D. show authentication sessions Most Voted
Question 70
Refer to the exhibit. What does the number 15 represent in this configuration?
A. privilege level for an authorized user to this router
B. access list that identifies the SNMP devices that can access the router
C. interval in seconds between SNMPv3 authentication attempts
D. number of possible failed attempts until the SNMPv3 user is locked out