- (Exam Topic 3)
Which type of encryption uses a public key and private key?

1. A. Asymmetric
2. B. Symmetric
3. C. Linear
4. D. Nonlinear

Correct Answer: A

- (Exam Topic 1)
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?

1. A. Group Policy
2. B. Access Control Policy
3. C. Device Management Policy
4. D. Platform Service Policy

Correct Answer: D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/platfo the answer should be “Platform Settings Policy”, not “Platform Service Policy” but it is the bestanswer here so we have to choose it.

- (Exam Topic 3)
An administrator needs to configure the Cisco ASA via ASDM such that the network management system can actively monitor the host using SNMPv3. Which two tasks must be performed for this configuration? (Choose two.)

1. A. Specify the SNMP manager and UDP port.
2. B. Specify an SNMP user group
3. C. Specify a community string.
4. D. Add an SNMP USM entry
5. E. Add an SNMP host access entry

Correct Answer: BE

- (Exam Topic 3)
What are two benefits of using Cisco Duo as an MFA solution? (Choose two.)

1. A. grants administrators a way to remotely wipe a lost or stolen device
2. B. provides simple and streamlined login experience for multiple applications and users
3. C. native integration that helps secure applications across multiple cloud platforms or on-premises environments
4. D. encrypts data that is stored on endpoints
5. E. allows for centralized management of endpoint device applications and configurations

Correct Answer: BC

- (Exam Topic 1)
How is DNS tunneling used to exfiltrate data out of a corporate network?

1. A. It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks.
2. B. It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data.
3. C. It redirects DNS requests to a malicious server used to steal user credentials, which allows further damageand theft on the network.
4. D. It leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers.

Correct Answer: B
Domain name system (DNS) is the protocol that translates human-friendly URLs, such as securitytut.com, into IP addresses, such as 183.33.24.13. Because DNS messages are only used as the beginning of each communication and they are not intended for data transfer, many organizations do not monitor their DNS traffic for malicious activity. As a result, DNS-based attacks can be effective if launched against their networks. DNS tunneling is one such attack.An example of DNS Tunneling is shown below:

The attacker incorporates one of many open-source DNS tunneling kits into an authoritative DNSnameserver (NS) and malicious payload.2. An IP address (e.g. 1.2.3.4) is allocated from the attacker’s infrastructure and a domain name (e.g. attackerdomain.com) is registered or reused. The registrar informs the top-level domain (.com) nameservers to refer requests for attackerdomain.com to ns.attackerdomain.com, which has a DNS record mapped to 1.2.3.43. The attacker compromises a system with the malicious payload. Once the desired data is obtained, the payload encodes the data as a series of 32 characters (0-9, A-Z) broken into short strings (3KJ242AIE9, P028X977W,…).4. The payload initiates thousands of unique DNS record requests to the attacker’s domain with each string as
Reference: https://learn-umbrella.cisco.com/i/775902-dns-tunneling/0