An organization has noticed an increase in malicious content downloads and wants to use Cisco Umbrella to prevent this activity for suspicious domains while allowing normal web traffic. Which action will accomplish this task?
Correct Answer: B
Obviously, if you allow all traffic to these risky domains, users might access malicious content, resulting in an infection or data leak. But if you block traffic, you can expect false positives, an increase in support inquiries, and thus, more headaches. By only proxying risky domains, the intelligent proxy delivers more granular visibility and control. The intelligent proxy bridges the gap by allowing access to most known good sites without being proxied and only proxying those that pose a potential risk. The proxy then filters and blocks against specific URLs hosting malware while allowing access to everything else.
Question 462
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)
Correct Answer: D,E
Question 463
Drag and drop the descriptions from the left onto the encryption algorithms on the right.
Correct Answer:
Question 464
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which probe must be enabled for this type of profiling to work?
Correct Answer: B
Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint. NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address. Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes: + EndPointPolicy + LastNmapScanCount + NmapScanCount + OUI + Operating-system Reference: http://www.network-node.com/blog/2016/1/2/ise-20-profiling Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint. NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address. Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes: + EndPointPolicy + LastNmapScanCount + NmapScanCount + OUI + Operating-system Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint. NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address. Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes: + EndPointPolicy + LastNmapScanCount + NmapScanCount + OUI + Operating-system Reference: http://www.network-node.com/blog/2016/1/2/ise-20-profiling
Question 465
Which service allows a user export application usage and performance statistics with Cisco Application Visibility and control?
