Implementing Core Cisco ASA Security (SASAC) Quiz Questions and Answers

What two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints?

Answer :
  • exploits
  • malware

Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two)

Answer :
  • exploits
  • malware

Which threat involves software being used to gain unauthorized access to a computer system?

Answer :
  • virus

Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?

Answer :
  • user input validation in a web page or web application

What are two descriptions of AES encryption are true?

Answer :
  • AES is more secure than 3DES.
  • AES can use a 256-bit key for encryption.

An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the endpoint to apply a new or updated policy from ISE. Which CoA type achieves this goal?

Answer :
  • CoA Reauth

Which feature of Cisco ASA allows VPN users to be postured against Cisco ISE without requiring an inline posture node?

Answer :
  • RADIUS Change of Authorization

Which risks is a company vulnerable to if it does not have a well-established patching solution for endpoints?

Answer :
  • malware

A malicious user gained network access by spoofing printer connections that were authorized using MAB on four different switch ports at the same time. Which two catalyst switch security features will prevent further violations?

Answer :
  • DHCP Snooping
  • Dynamic ARP inspection

When wired 802.1X authentication is implemented, what are two components required?

Answer :
  • authentication server: Cisco Identity Service Engine
  • authenticator: Cisco Catalyst switch