41 Cards in this Set

  • Front
  • Back

What layer of the OSI model is the primary target of most modern security attacks?

Application Layer

What type of attack executes arbitrary code and installs copies of itself in the memory of the infected computer, which infects hosts?

Worm

Which groups within Cisco merged to form CSI (Collective Security Intelligence)?

  • Sourcefire VRT (vulnerability research team)
  • SIO (security intelligence operations)

What stage of an APT involves intruders gathering information about the network, including credentials?

Enumerate the network

This group is an open community that focuses on web security on the internet?

OWASP



Open Web Application Security Project

These are the major areas of the new security model at Cisco?

  • Before
  • During
  • After

What product is best positioned in the "after" phase?

AMP



Advanced Malware Protection

What type of attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers? This is the result of multiple compromised systems (for example, a botnet) flooding the targeted system(s) with traffic. When a server is overloaded with connections, new connections can no longer be accepted.

DDOS

What type of security device controls who/what can access the network and uses rules to determine access?

Firewall

What type of security device is used to prevent trojans, botnets, worms, and attacks against OS and application vulnerabilities?

IPS

What is the step in the APT attack cycle where data is moved out of the victim's network?

Exfiltration

What service module in the Catalyst 6500 should be targeted for replacement by the ASA-SM?

FWSM



Firewall Services Module

What protocol is used between the ASA and Ironport Web Security Appliance to redirect traffic for inspection?

WCCP



Web Cache Control Protocol



(Day 3, slide 33)

What Cisco security appliance does not have FIPS certifications and is not recommended for government clients?

Meraki MX

What Cisco application is used to manage multiple Cisco Firewalls and traditional Cisco IPSs?

CSM



Cisco Security Manager



(Day 2, Slide 15)

The ASA 5512-X requires this license to support high availability?

Security Plus License

This ASA model supports clustering for up to 8 units?

5585-X

What three major feature groups can be added to the Sourcefire NGIPS?

  • URL Filtering
  • AMP
  • Application Control

What application is used to manage the IPS on a Cisco ASA?

FireSight

What is Cisco's UTM (unified threat management) platform?

Meraki MX

What Cisco management platform was created to manage Cisco ASA CX?

PRSM



Prime Security Manager



(Day 2, Slide 15)

What AMP feature tracks file and malware location and movement across the organization before and after the infection?

File Trajectory

Which advanced malware prevention engine handles fuzzy fingerprinting, and which engine handles machine learning?

  • Ethos
  • Spero


(Day 3, slide 14)

What advanced malware prevention solution targets outbreak control with fast containment?

AMP for endpoints

What appliance is specifically focused on web security, content filtering, and DLP?

WSA (Web Security Appliance)

This ISE license is required for all endpoints?

Base License

What is the brains of the ACI?

APIC

What AnyConnect module provides the ability to encrypt traffic at layer 2?

NAM Module



Network Access Module



(Day 5, slide 10)

What AnyConnect module provides functionality similar to ISE, but is used with ASA AnyConnect remote access VPN clients?

Posture Module



NOTE:


You do not have to have ISE to run posturing on the ASA. But if you have ISE, you will use the NAC (Clean Access) client in addition to AnyConnect (posture module not required) to integrate the posture checks with the ISE infrastructure.

What Cisco partner's solution collects NetFlow and ISE data to provide day zero detection of suspicious network activity as well as visibility of network communications?

  • Lancope
  • Stealthwatch


(DAY 5, Slide 28)

What IPS competitor has a 14.4% market share?

IBM

What 3 vendors are available in the IronPort Dynamic Vectoring and Streaming Engine of the WSA and used to mitigate the spread of viruses, trojans and worms?

  • Sophos
  • McAfee
  • WebRoot

TrustSec Security Group Tags (SGTs) should be applied at this point in the network.

Ingress point of the TrustSec network domain


What security appliances can collect information on security attacks and send that information to CSI (Collective Security Intelligence)?

  • WSA (Web Security Appliance)
  • ESA (Email Security Appliance)
  • IPS (Intrusion Prevention System)
  • ASA (Adaptive Security Appliance)
  • ISR
  • Etc

What stand-alone security appliance is specifically

WSA


Spam defense via Senderbase reputation filtering is used in this appliance for customers concerned about stopping security threats coming into the organization via email.

ESA


What term is used to specify the who, what, when, where, and how when accessing a TrustSec secured network?

Contextual Awareness


MacSec provides layer 2 hop-by-hop encryption and integrity, based on this IEEE standard.

IEEE 802.1AE


What security technology implements a 16 bit (65k) tag to enable a source "group" to destination "group" relationship and reduce the number of complex access-list entries?

Security Group Tagging (SGT)


What component of TrustSec enables the discovery and classification of devices such as printers or IP Phones?

Profiling Services


What are the types of authorization actions performed on ingress traffic in a TrustSec environment?

  • dACL or named ACL
  • VLAN
  • SGA