300-740無料問題集「Cisco Designing and Implementing Secure Cloud Access for Users and Endpoints」

質問 1

URL filtering at the DNS layer is effective in:

（A）Blocking malicious domains before a connection is established

（B）Reducing the effectiveness of web caching

（C）Increasing the load on internal DNS servers

（D）Only resolving domain names faster

正解：A 解答を投票する

質問 2

_________ policies are crucial for restricting access to network resources based on the security health of a device.

（A）Password

（B）Endpoint posture

（C）Network segmentation

（D）Encryption

正解：B 解答を投票する

質問 3

Which attack mitigation must be in place to prevent an attacker from authenticating to a service using a brute force attack?

（A）Use of multifactor authentication for all accounts

（B）Forced password change every 6 months

（C）Use of a 100 ms delay between each authentication

（D）Use of a password manager

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Cisco Secure Workload is used for:

（A）Increasing the workload on servers

（B）Reducing application functionality

（C）Enforcing security policies within application workloads

（D）Encrypting email communications

正解：C 解答を投票する

質問 5

Refer to the exhibit. An engineer must configure a remote access IPsec/IKEv1 VPN that will use AES256 and SHA256 on a Cisco ASA firewall. The indicated configuration was applied to the firewall; however, the tunnel fails to establish. Which two IKEv1 policy commands must be run to meet the requirement? (Choose two.)

（A）integrity aes-256

（B）ipsec-proposal sha-256-aes-256

（C）ipsec-proposal AES256-SHA256

（D）encryption aes-256

（E）hash sha-256

正解：D、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

The MITRE ATT&CK framework is primarily used for:

（A）Simplifying application development processes

（B）Developing new attack vectors

（C）Enhancing network throughput

（D）Understanding and categorizing attack techniques and tactics

正解：D 解答を投票する

質問 7

Refer to the exhibit. An engineer must integrate Cisco Cloudlock with Salesforce in an organization. Despite the engineer's successful execution of the Salesforce integration with Cloudlock, the administrator still lacks the necessary visibility. What should be done to meet the requirement?

（A）From Cloudlock, configure the service parameters.

（B）From Salesforce, configure the service parameters.

（C）From Salesforce, enable the View All Data permission.

（D）From Cloudlock, enable the View All Data permission.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

To analyze application dependencies effectively, it is important to use tools like:

（A）Both A and B

（B）Cisco Secure Workload for dynamic security policy enforcement

（C）Firewalls logs for monitoring application traffic

（D）Non-technical assessments without data analysis

正解：A 解答を投票する

質問 9

Direct-internet-access for trusted business applications is beneficial for:

（A）Reducing latency and improving access to cloud resources

（B）Increasing security risks by exposing applications to the internet

（C）Enhancing the user experience by providing quicker access

（D）Simplifying the network architecture

正解：A、C、D 解答を投票する

質問 10

The use of a reverse proxy in cloud security is important for:

（A）Only logging HTTP/HTTPS traffic

（B）Providing an additional layer of abstraction and control to ensure the security of backend servers

（C）Simplifying the network by removing the need for firewalls

（D）Directly exposing application servers to the internet

正解：B 解答を投票する

質問 11

Which tool is specifically designed for analyzing application dependencies and network traffic to ensure security and compliance?

（A）Cisco Secure Workload

（B）Cisco Umbrella

（C）All of the above

（D）Cisco Duo

正解：A 解答を投票する

質問 12

Security audit reports are crucial for:

（A）Identifying compliance gaps and areas lacking sufficient security controls

（B）Eliminating the need for security policies

（C）Promoting a false sense of security

（D）Reducing the overall security budget

正解：A 解答を投票する

質問 13

Refer to the exhibit. An engineer is investigating an issue by using Cisco Secure Cloud Analytics. The engineer confirms that the connections are unauthorized and informs the incident management team. Which two actions must be taken next? (Choose two.)

（A）Reinstall the host from scratch.

（B）Create a firewall rule that has a source of Any, a destination of linux-gcp-east-4c, and a protocol of SSH.

（C）Create a firewall rule that has a source of linux-gcp-east-4c, a destination of Any, and a protocol of SSH.

（D）Quarantine the host

（E）Reinstall the host from a recent backup.

正解：B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

300-740 無料問題集「Cisco Designing and Implementing Secure Cloud Access for Users and Endpoints」

弊社を連絡する

関連リンク

トップ試験