An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly identifying all valid recipients.What must be done on the Cisco ESA to accomplish this goal?
Answer(s): C
A Directory Harvest Attack (DHA) is a technique used by spammers to find valid/existent email addresses at a domain either by using Brute force or by guessing valid e-mail addresses at a domain using different permutations of common username. Its easy for attackers to get hold of a valid email address if your organization uses standard format for official e-mail alias (for example: jsmith@example.com). We can configure DHA Prevention to prevent malicious actors from quickly identifying valid recipients. Note: Lightweight Directory Access Protocol (LDAP) is an Internet protocol that email programs use to look up contact information from a server, such as ClickMail Central Directory. For example, here's an LDAP search translated into plain English: "Search for all people located in Chicago who's name contains "Fred" that have an email address. Please return their full name, email, title, and description.
What is a feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?
Answer(s): B
The ASA and ASASM implementations of NetFlow Secure Event Logging (NSEL) provide the following major functions:... Delays the export of flow-create events.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/general/asa- general-cli/ monitor-nsel.pdf
An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism.Which port on the firewall must be opened to allow the CoA traffic to traverse the network?
CoA Messages are sent on two different udp ports depending on the platform. Cisco standardizes on UDP port1700, while the actual RFC calls out using UDP port 3799.
Which public cloud provider supports the Cisco Next Generation Firewall Virtual?
Answer(s): D
Cisco Firepower NGFW Virtual (NGFWv) is the virtualized version of Cisco's Firepower next generation firewall.The Cisco NGFW virtual appliance is available in the AWS and Azure marketplaces. In AWS, it can be deployed in routed and passive modes. Passive mode design requires ERSPAN, the Encapsulated Remote Switched Port Analyzer, which is currently not available in Azure. In passive mode, NGFWv inspects packets like an Intrusion Detection System (IDS) appliance, but no action can be taken on the packet.In routed mode NGFWv acts as a next hop for workloads. It can inspect packets and also take action on the packet based on rule and policy definitions.
https://www.cisco.com/c/en/us/products/collateral/security/adaptive-security-virtual- appliance-asav/ white-paper-c11-740505.html
Post your Comments and Discuss Cisco® 350-701 exam with other Community members:
David A commented on January 16, 2024 Good Colombia Anonymous upvote
Kim commented on May 25, 2023 I just purchased and downloaded my files. Everything looks good so far. UNITED STATES upvote
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 350-701 content, but please register or login to continue.