- (Exam Topic 1)
Which compliance status is shown when a configured posture policy requirement is not met?

1. A. compliant
2. B. unknown
3. C. authorized
4. D. noncompliant

Correct Answer: D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide

- (Exam Topic 1)
Which attack is commonly associated with C and C++ programming languages?

1. A. cross-site scripting
2. B. water holing
3. C. DDoS
4. D. buffer overflow

Correct Answer: D

A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations.
Buffer overflow is a vulnerability in low level codes of C and C++. An attacker can cause the program to crash, make data corrupt, steal some private information or run his/her own code. It basically means to access any buffer outside of it’s alloted memory space. This happens quite frequently in the case of arrays.

- (Exam Topic 2)
What is the purpose of the certificate signing request when adding a new certificate for a server?

1. A. It is the password for the certificate that is needed to install it with.
2. B. It provides the server information so a certificate can be created and signed
3. C. It provides the certificate client information so the server can authenticate against it when installing
4. D. It is the certificate that will be loaded onto the server

Correct Answer: B
A certificate signing request (CSR) is one of the first steps towards getting your own SSL Certificate. Generated on the same server you plan to install the certificate on, the CSR contains information (e.g. common name, organization, country) that the Certificate Authority (CA) will use to create your certificate. It also contains the public key that will be included in your certificate and is signed with the corresponding private key

- (Exam Topic 1)
Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious?

1. A. AMP
2. B. AnyConnect
3. C. DynDNS
4. D. Talos

Correct Answer: D
When Umbrella receives a DNS request, it uses intelligence to determine if the request is safe, malicious or risky — meaning the domain contains both malicious and legitimate content. Safe and malicious requests are routed as usual or blocked, respectively. Risky requests are routed to our
cloud-based proxy for deeper inspection. The Umbrella proxy uses Cisco Talos web reputation and other third-party feeds to determine if a URL is malicious.

- (Exam Topic 3)
Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption?

1. A. Cisco Advanced Malware Protection
2. B. Cisco Stealthwatch
3. C. Cisco Identity Services Engine
4. D. Cisco AnyConnect

Correct Answer: B