- (Exam Topic 3)
An organization is implementing AAA for their users. They need to ensure that authorization is verified for every command that is being entered by the network administrator. Which protocol must be configured in order to provide this capability?

1. A. EAPOL
2. B. SSH
3. C. RADIUS
4. D. TACACS+

Correct Answer: D

- (Exam Topic 3)
Which Cisco DNA Center RESTful PNP API adds and claims a device into a workflow?

1. A. api/v1/fie/config
2. B. api/v1/onboarding/pnp-device/import
3. C. api/v1/onboarding/pnp-device
4. D. api/v1/onboarding/workflow

Correct Answer: B

- (Exam Topic 3)
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https:///capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

1. A. Disable the proxy setting on the browser
2. B. Disable the HTTPS server and use HTTP instead
3. C. Use the Cisco FTD IP address as the proxy server setting on the browser
4. D. Enable the HTTPS server for the device platform policy

Correct Answer: D

- (Exam Topic 1)
What is the primary benefit of deploying an ESA in hybrid mode?

1. A. You can fine-tune its settings to provide the optimum balance between security and performance for your environment
2. B. It provides the lowest total cost of ownership by reducing the need for physical appliances
3. C. It provides maximum protection and control of outbound messages
4. D. It provides email security while supporting the transition to the cloud

Correct Answer: D
Cisco Hybrid Email Security is a unique service offering that facilitates the deployment of your email securityinfrastructure both on premises and in the cloud. You can change the number of on-premises versus cloudusers at any time throughout the term of your contract, assuming the total number of users does not change.This allows for deployment flexibility as your organization’s needs change.

- (Exam Topic 3)
An engineer needs to configure an access control policy rule to always send traffic for inspection without using the default action. Which action should be configured for this rule?

1. A. monitor
2. B. allow
3. C. block
4. D. trust

Correct Answer: B
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/acce the first three access control rules in the policy—Monitor, Trust, and Block—cannot inspect matching
traffic. Monitor rules track and log but do not inspect network traffic, so the system continues to match traffic
against additional rules to determine whether to permit or deny it
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/acce