Which feature of WEP was intended to prevent an attacker from altering and resending data packets over a WEP connection?
A. The RC4 cipher
B. Transport Layer Security
C. Message integrity checks
D. MDS hashing
E. The cyclic redundancy check
Which two statements about the SeND protocol are true? (Choose two)
A. It counters neighbor discovery threats
B. It logs IPv6-related threats to an external log server
C. It supports numerous custom neighbor discovery messages
D. It supports an autoconfiguration mechanism
E. It uses IPsec as a baseline mechanism
F. It must be enabled before you can configure IPv6 addresses
Which two effects of this configuration are true? (Choose two)
A. If the TACACS+ server is unreachable, the switch places hosts on critical ports in VLAN 50
B. The device allows multiple authenticated sessions for a single MAC address in the voice domain
C. If multiple hosts have authenticated to the same port, each can be in their own assigned VLAN
D. If the authentication priority is changed the order in which authentication is preformed also
E. The switch periodically sends an EAP-Identity-Request to the endpoint supplicant
F. The port attempts 802.1x authentication first, and then falls back to MAC authentication bypass
Which statement about Health monitoring on the firepower system is true?
A. Descendant domains in a multi-domain deployment can view, edit, and apply policies from ancestor domains.
B. The administrator of a descendant domain is unable to edit or deleted blacklists applied by the
administrator of an ancestor domains.
C. If you apply a policy without active modules to a device, the previous health policy remains in effect unless you delete it.
D. Health events are generated even when the health monitoring status is disabled
E. The default health policy is automatically applies to all managed devices.
F. When you delete a health policy that is applied to a device, the device reverts to the default health policy.
Which three statements about Dynamic ARP inspection on Cisco switches are true? (Choose three)
A. The trusted database can be manually configured using the CLI
B. Dynamic ARP inspection is supported only on access ports
C. Dynamic ARP inspection does not perform ingress security checking
D. DHCP snooping is used to dynamically build the trusted database
E. Dynamic ARP inspection checks ARP packets against the trusted database
F. Dynamic ARP inspection checks ARP packets on trusted and untrusted ports
Which Cisco Firepower interface mode allows you to send inline traffic directly through the device and only inspect a copy of the traffic?
A. TAP mode
B. Automatic application bypass mode
C. Delay thresh-hold mode
D. Fast-path mode
Which two options are open-source SDN controllers? (Choose two)
C. Big Cloud Fabric
D. Virtual Application Networks SDN Controller
E. Application Policy Infrastructure Controller
Which three statements are true after a successful IPsec negotiation has taken place? (Choose three)
A. After the IPsec tunnel is established data is encrypted using one set of DH-generated keying material
B. After the IPsec tunnel is established, data is encrypted using two sets of DH-generated keying material
C. Two tunnels were established, the first one is for ISAXMP and IPsec negotiation and the second one is for data encryption as a result of IPsec negation
D. The ISAKMP tunnel was established to authenticate the peer and discretely negotiate the IPsec parameters
E. One secure channel and one tunnel were established, the secure channel was established by ISAKMP negotiations followed by an IPsec tunnel for encrypting user data
F. The ISSKMP secure channel was established to authenticate the peer and discretely negotiate the IPsec parameters