- (Exam Topic 3)
An administrator needs to configure the Cisco ASA via ASDM such that the network management system can actively monitor the host using SNMPv3. Which two tasks must be performed for this configuration? (Choose two.)

1. A. Specify the SNMP manager and UDP port.
2. B. Specify an SNMP user group
3. C. Specify a community string.
4. D. Add an SNMP USM entry
5. E. Add an SNMP host access entry

Correct Answer: BE

- (Exam Topic 1)
Which two behavioral patterns characterize a ping of death attack? (Choose two)

1. A. The attack is fragmented into groups of 16 octets before transmission.
2. B. The attack is fragmented into groups of 8 octets before transmission.
3. C. Short synchronized bursts of traffic are used to disrupt TCP connections.
4. D. Malformed packets are used to crash systems.
5. E. Publicly accessible DNS servers are typically used to execute the attack.

Correct Answer: BD
Ping of Death (PoD) is a type of Denial of Service (DoS) attack in which an attacker attempts to crash,destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command.A correctly-formed ping packet is typically 56 bytes in size, or 64 bytes when the ICMP header is considered,and 84 including Internet Protocol version 4 header. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol documentedLike other large but well-formed packets, a ping of death is fragmented into groups of 8 octets beforetransmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.

- (Exam Topic 1)
Which feature within Cisco Umbrella allows for the ability to inspect secure HTTP traffic?

1. A. File Analysis
2. B. SafeSearch
3. C. SSL Decryption
4. D. Destination Lists

Correct Answer: C
Reference:
https://support.umbrella.com/hc/en-us/articles/115004564126-SSL-Decryption-in-the-IntelligentProxy

- (Exam Topic 3)
What is a benefit of using a multifactor authentication strategy?

1. A. It provides visibility into devices to establish device trust.
2. B. It provides secure remote access for applications.
3. C. It provides an easy, single sign-on experience against multiple applications
4. D. lt protects data by enabling the use of a second validation of identity.

Correct Answer: D

- (Exam Topic 3)
What is a benefit of flexible NetFlow records?

1. A. They are used for security
2. B. They are used for accounting
3. C. They monitor a packet from Layer 2 to Layer 5
4. D. They have customized traffic identification

Correct Answer: D
https://confluence.netvizura.com/display/NVUG/Traditional+vs.+Flexible+NetFlow