- (Exam Topic 1)
What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two)

1. A. multiple factor auth
2. B. local web auth
3. C. single sign-on
4. D. central web auth
5. E. TACACS+

Correct Answer: BD

- (Exam Topic 1)
An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the attacker to gain access to machine 1 but not machine 2?

1. A. sniffing the packets between the two hosts
2. B. sending continuous pings
3. C. overflowing the buffer’s memory
4. D. inserting malicious commands into the database

Correct Answer: D

- (Exam Topic 2)
Refer to the exhibit.

An administrator is adding a new Cisco FTD device to their network and wants to manage it with Cisco FMC. The Cisco FTD is not behind a NAT device. Which command is needed to enable this on the Cisco FTD?

1. A. configure manager add DONTRESOLVE kregistration key>
2. B. configure manager add <FMC IP address> <registration key> 16
3. C. configure manager add DONTRESOLVE <registration key> FTD123
4. D. configure manager add <FMC IP address> <registration key>

Correct Answer: D
Reference: https://cyruslab.net/2019/09/03/ciscocisco-firepower-lab-setup/

- (Exam Topic 3)
Which attribute has the ability to change during the RADIUS CoA?

1. A. NTP
2. B. Authorization
3. C. Accessibility
4. D. Membership

Correct Answer: B
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-sy/sec-usr-aaa-15-sy-book/sec

- (Exam Topic 2)
How does Cisco Advanced Phishing Protection protect users?

1. A. It validates the sender by using DKIM.
2. B. It determines which identities are perceived by the sender
3. C. It utilizes sensors that send messages securely.
4. D. It uses machine learning and real-time behavior analytics.

Correct Answer: D
Reference: https://docs.ces.cisco.com/docs/advanced-phishing-protection