41 Cards in this Set
- Front
- Back
What layer of the OSI model is the primary target of most modern security attacks? |
Application Layer |
|
What type of attack executes arbitrary code and installs copies of itself in the memory of the infected computer, which infects hosts? |
Worm |
|
These groups within Cisco merged to form CSI (collective security intelligence)? |
|
|
What stage of APT involves intruders gathering information about the network, including credentials? |
Enumerate the network |
|
This group is an open community that focuses on web security on the Internet? |
OWASP
Open Web Application Security Project |
|
These are the major areas of the new security model at Cisco? |
|
|
What product is best positioned in the "after phase"? |
AMP
Advanced Malware Protection |
|
What type of attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers? This is the result of multiple compromised systems (for example a botnet) flooding the targeted system(s) with traffic. When a server is overloaded with connections, new connections can no longer be accepted. |
DDOS |
|
What type of security device controls who/what can access the network and uses rules to determine access? |
Firewall |
|
What type of security device is used to prevent trojans, botnets, worms, and attacks against OS and application vulnerabilities? |
IPS |
|
What is the step in the APT attack cycle where data is moved out of the victim's network? |
Exfiltration |
|
What service module in the Catalyst 6500 should be targeted for replacement by the ASA-SM? |
FWSM
Firewall Services Module |
|
What protocol is used between the ASA and IronPort Web Security Appliance to redirect traffic for inspection? |
WCCP
Web Cache Control Protocol
(Day 3, slide 33) |
|
What Cisco security appliance does not have FIPS certification and is not recommended for government clients? |
Meraki MX |
|
What Cisco application is used to manage multiple Cisco Firewalls and traditional Cisco IPSs? |
CSM
Cisco Security Manager
(Day 2, Slide 15) |
|
The ASA 5512-X requires this license to support high availability? |
Security Plus License |
|
This ASA model supports clustering for up to 8 units? |
5585-X |
|
What three major feature groups can be added to the Sourcefire NGIPS? |
|
|
What application is used to manage the IPS on a Cisco ASA? |
FireSIGHT |
|
What is Cisco's UTM (unified threat management) platform? |
Meraki MX |
|
What Cisco management platform was created to manage Cisco ASA CX? |
PRSM
Prime Security Manager
(Day 2, Slide 15) |
|
What AMP feature tracks file and malware location and movement across the organization before and after the infection? |
File Trajectory |
|
This advanced malware prevention engine handles fuzzy fingerprinting and this engine handles machine learning? |
(Day 3, slide 14) |
|
What advanced malware prevention solution targets outbreak control with fast containment? |
AMP for endpoints |
|
What appliance is specifically focused on web security, content filtering, and DLP? |
WSA (Web Security Appliance) |
|
This ISE license is required for all endpoints? |
Base License |
|
What is the brains of the ACI? |
APIC |
|
What AnyConnect module provides the ability to encrypt traffic at layer 2? |
NAM Module
Network Access Module
(Day 5, slide 10) |
|
What AnyConnect module provides functionality similar to ISE, but is used with ASA AnyConnect remote access VPN clients? |
Posture Module
NOTE: You do not have to have ISE to run posturing on the ASA. But if you have ISE, you will use the NAC (Clean Access) client in addition to AnyConnect (posture module not required) to integrate the posture checks with the ISE infrastructure. |
|
What Cisco partner's solution collects NetFlow and ISE data to provide day zero detection of suspicious network activity as well as visibility of network communications? |
(DAY 5, Slide 28) |
|
What IPS competitor has a 14.4% market share? |
IBM |
|
What 3 vendors are available in the IronPort Dynamic Vectoring and Streaming Engine of the WSA and used to mitigate the spread of viruses, trojans and worms? |
|
|
TrustSec Security Group Tags (SGTs) should be applied at this point in the network. |
Ingress point of the TrustSec network domain |
|
What security appliances can collect information on security attacks and send that information to CSI (Collective Security Intelligence)? |
|
|
What stand-alone security appliance is specifically |
WSA |
|
Spam defense via SenderBase reputation filtering is used in this appliance for customers concerned about stopping security threats coming into the organization via email. |
ESA |
|
What term is used to specify the who, what, when, where, and how when accessing a TrustSec secured network? |
Contextual Awareness |
|
MACsec provides layer 2 hop-by-hop encryption and integrity, based on the IEEE standard. |
IEEE 802.1AE |
|
What security technology implements a 16-bit (65k) tag to enable a source "group" to destination "group" relationship and reduce the number of complex access-list entries? |
Security Group Tagging (SGT) |
|
What component of TrustSec enables the discovery and classification of devices such as printers or IP Phones? |
Profiling Services |
|
What are the types of authorization actions performed on ingress traffic in a TrustSec environment? |
|