Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)
Correct Answer: A,C
The ASA REST API gives you programmatic access to managing individual ASAs through a Representational State Transfer (REST) API. The API allows external clients to perform CRUD (Create, Read, Update, Delete) operations on ASA resources; it is based on the HTTPS protocol and REST methodology. All API requests are sent over HTTPS to the ASA, and a response is returned. Request Structure Available request methods are: GET - Retrieves data from the specified object. PUT - Adds the supplied information to the specified object; returns a 404 Resource Not Found error if the object does not exist. POST - Creates the object with the supplied information. DELETE - Deletes the specified object PATCH - Applies partial modifications to the specified object.
Question 117
Drag and drop the common security threats from the left onto the definitions on the right.
Correct Answer:
Question 118
Under which two circumstances is a CoA issued? (Choose two)
Correct Answer: B,D
Explanation The profiling service issues the change of authorization in the following cases: - Endpoint deleted-When an endpoint is deleted from the Endpoints page and the endpoint is disconnected or removed from the network. An exception action is configured-If you have an exception action configured per profile that leads to an unusual or an unacceptable event from that endpoint. The profiling service moves the endpoint to the corresponding static profile by issuing a CoA. - An endpoint is profiled for the first time-When an endpoint is not statically assigned and profiled for the first time; for example, the profile changes from an unknown to a known profile. + An endpoint identity group has changed-When an endpoint is added or removed from an endpoint identity group that is used by an authorization policy. The profiling service issues a CoA when there is any change in an endpoint identity group, and the endpoint identity group is used in the authorization policy for the following: ++ The endpoint identity group changes for endpoints when they are dynamically profiled ++ The endpoint identity group changes when the static assignment flag is set to true for a dynamic endpoint - An endpoint profiling policy has changed and the policy is used in an authorization policy-When an endpoint profiling policy changes, and the policy is included in a logical profile that is used in an authorization policy. The endpoint profiling policy may change due to the profiling policy match or when an endpoint is statically assigned to an endpoint profiling policy, which is associated to a logical profile. In both the cases, the profiling service issues a CoA, only when the endpoint profiling policy is used in an authorization policy. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/ b_ise_admin_guide_20_chapter_010100.html ++ The endpoint identity group changes when the static assignment flag is set to true for a dynamic endpoint - An endpoint profiling policy has changed and the policy is used in an authorization policy-When an endpoint profiling policy changes, and the policy is included in a logical profile that is used in an authorization policy. The endpoint profiling policy may change due to the profiling policy match or when an endpoint is statically assigned to an endpoint profiling policy, which is associated to a logical profile. In both the cases, the profiling service issues a CoA, only when the endpoint profiling policy is used in an authorization policy. Reference: ++ The endpoint identity group changes for endpoints when they are dynamically profiled ++ The endpoint identity group changes when the static assignment flag is set to true for a dynamic endpoint - An endpoint profiling policy has changed and the policy is used in an authorization policy-When an endpoint profiling policy changes, and the policy is included in a logical profile that is used in an authorization policy. The endpoint profiling policy may change due to the profiling policy match or when an endpoint is statically assigned to an endpoint profiling policy, which is associated to a logical profile. In both the cases, the profiling service issues a CoA, only when the endpoint profiling policy is used in an authorization policy. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/ b_ise_admin_guide_20_chapter_010100.html
Question 119
When a Cisco WSA checks a web request, what occurs if it is unable to match a user-defined policy?
Correct Answer: B
Question 120
Which two behavioral patterns characterize a ping of death attack? (Choose two)
Correct Answer: B,D
Ping of Death (PoD) is a type of Denial of Service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command. A correctly-formed ping packet is typically 56 bytes in size, or 64 bytes when the ICMP header is considered, and 84 including Internet Protocol version 4 header. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol documented Like other large but well-formed packets, a ping of death is fragmented into groups of 8 octets before transmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.
