Which solution protects hybrid cloud deployment workloads with application visibility and segmentation?
Correct Answer: D
Tetration is the solution that protects hybrid cloud deployment workloads with application visibility and segmentation. Tetration enables a zero-trust model using segmentation, which allows you to identify security incidents faster, contain lateral movement, and reduce your attack surface. Tetration supports both on-premises and public cloud workloads and provides real-time telemetry data, behavior analysis, software inventory, and policy enforcement. Tetration is part of the Cisco Zero Trust portfolio, which also includes solutions for securing the workforce and workplace. References: * Cisco Tetration Platform - Cisco, Topic: Cisco Tetration offers holistic workload protection for multicloud data centers by enabling a zero-trust model using segmentation. * [Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0], Module 5: Securing the Cloud, Lesson 5.3: Cloud Workload Security, Topic 5.3.1: Tetration * Cisco Zero Trust Tetration, Topic: Tetration provides zero-trust security for workloads as part of the Cisco Zero Trust portfolio.
Question 232
What does endpoint isolation in Cisco AMP for Endpoints security protect from?
Which type of API is being used when a controller within a software-defined network architecture dynamically makes configuration changes on switches within the network?
Correct Answer: B
Southbound APIs enable SDN controllers to dynamically make changes based on real-time demands and scalability needs.
Question 234
Which feature enables a Cisco ISR to use the default bypass list automatically for web filtering?
Correct Answer: D
A connector is a feature that enables a Cisco ISR to use the default bypass list automatically for web filtering. A connector is a software component that runs on the ISR and communicates with the Cloud Web Security service. The connector intercepts the web traffic from the branch users and redirects it to the Cloud Web Security service for scanning and policy enforcement. The connector also maintains a default bypass list, which contains the domains and URLs that are not redirected to the Cloud Web Security service. The default bypass list is updated automatically by the Cloud Web Security service and can be customized by the administrator. The default bypass list helps to improve the performance and reliability of the web filtering solution by avoiding unnecessary redirections of trusted or sensitive web traffic12. References: 1: Security Configuration Guide: Cloud Web Security, Cisco IOS Release 15M&T - Cisco Integrated Services Routers Generation 2 with Cisco Cloud Web Security Solution [Support] - Cisco 2: Security Configuration Guide: Cloud Web Security, Cisco IOS Release 15M&T - Configuring Cloud Web Security on Integrated Services Routers Generation 2 [Support] - Cisco
Question 235
How is DNS tunneling used to exfiltrate data out of a corporate network?
Correct Answer: B
ExplanationDomain name system (DNS) is the protocol that translates human-friendly URLs, such as securitytut.com, into IP addresses, such as 183.33.24.13. Because DNS messages are only used as the beginning of each communication and they are not intended for data transfer, many organizations do not monitor their DNS traffic for malicious activity. As a result, DNS-based attacks can be effective if launched against their networks. DNS tunneling is one such attack.An example of DNS Tunneling is shown below: * The attacker incorporates one of many open-source DNS tunneling kits into an authoritative DNSnameserver (NS) and malicious payload.2. An IP address (e.g. 1.2.3.4) is allocated from the attacker's infrastructure and a domain name (e.g. attackerdomain.com) is registered or reused. The registrar informs the top-level domain (.com) nameservers to refer requests for attackerdomain.com to ns.attackerdomain.com, which has a DNS record mapped to 1.2.3.43. The attacker compromises a system with the malicious payload. Once the desired data is obtained, the payload encodes the data as a * series of 32 characters (0-9, A-Z) broken into short strings (3KJ242AIE9, P028X977W,...).4. The payload initiates thousands of unique DNS record requests to the attacker's domain with each string as Reference: https://learn-umbrella.cisco.com/i/775902-dns-tunneling/0
