Friday, 31 October 2025

Cisco Security questions

 

The role with the highest privilege in the system, designed for users who need complete control over system configurations, indexes, and data.

Admin

Designed for advanced users who need more capabilities than regular users but do not require full administrative access.

Power

Allows for both administrative work and data management.

Select Match

The default role for most end users and provides access to basic search and reporting functionalities.

User

Which three common mandatory configuration fields apply to all Cisco security products when using the Application Setup page within the Cisco Security Cloud app? (Choose three.)

  • Host
  • Index
  • Input Name
  • Interval
  • Logging level
  • Name

What is the benefit of using Cisco Security Cloud app dashboards?

  • Dashboards can help the administrators monitor its performance and cloud connections.
  • Dashboards can help the administrators monitor resource performance, health, errors, product activities, and data integrity.
  • Dashboards can help the SOC teams monitor unauthorized administrative access.
  • Dashboards can help the SOC teams monitor users’ internal and external activities.

To install the Cisco Security Cloud app from a file, which of the following is a valid source location from which to get the file?

  • from Cisco Download Center
  • from Splunk Add-ons documentation page
  • from Splunk Download Center
  • from Splunkbase documentation page

Which of the following apps can be used to integrate different Cisco Security Solutions?

  • Cisco Cloud Security app
  • Cisco Security Cloud app
  • Cisco Splunk app
  • Cisco Splunk Security apps

Which of the following is a Cisco Security Cloud app dashboard?

  • Cisco AppDynamics
  • App Insights
  • Cisco Security Cloud App
  • Resource Utilization

Which of the following is an indicator for scaling Splunk?

  • CPU and Memory Utilization: Consistently high CPU (above 50 percent) and memory usage (above 50 percent) during peak times.
  • CPU and Memory Utilization: Consistently high CPU (above 55 percent) and memory usage (above 85 percent) during peak times.
  • CPU and Memory Utilization: Consistently high CPU (above 65 percent) and memory usage (above 60 percent) during peak times.
  • CPU and Memory Utilization: Consistently high CPU (above 75 percent) and memory usage (above 80 percent) during peak times.

When configuring the Cisco Secure Firewall eStreamer integration using the Cisco Security Cloud app, what is required with a corresponding password?

  • Cisco Secure Firewall Management Center eStreamer certificate
  • Cisco Secure Firewall Management Center self-signed certificate for accessing the Cisco Secure Firewall Management Center GUI
  • Cisco Secure Firewall Management Center eStreamer API Client ID
  • Cisco Secure Firewall Management Center eStreamer username

 

 

What is shown at the bottom of the Cisco Security Cloud App > Secure Firewall Dashboard page?

  • Event Details table
  • Connection Events table
  • Intrusion Events widgets
  • Timeline charts

Which UDP port number is used by Syslog by default?

  • 514
  • 22
  • 443
  • 8080

Which three types of data can be streamed using eStreamer in Cisco Secure Firewall Management Center? (Choose three.)

  • discovery events
  • correlation and allow list events
  • intrusion events, malware events, file events, connection events
  • CPU and Memory, high availability, Platform Logs firewall configuration settings
  • VPN session logs

 

In Splunk, what information can be viewed on the Data Integrity dashboard for the Cisco Security Cloud Application?

  • Analysis reports of historical malware.
  • Detailed logs of user activity.
  • Metrics of system performance.
  • Status of events for each integrated solution.

Over which method and TCP port do eStreamer server and client communicate?

  • HTTPS Secure TLS channel over TCP port 8302
  • HTTPS Secure TLS channel over TCP port 443
  • HTTP over TCP port 80
  • Syslog over UDP port 514
  • Syslog over TCP port 514

Which dashboard of Cisco Security Cloud Application in Splunk provides performance information such as CPU utilization, memory utilization, and input connection health monitoring?

  • Data Integrity
  • Diagnostics
  • Resource Utilization
  • Secure Firewall Dashboard

Which of the following dashboards provides a unified view of the Cisco Security Cloud performance, error handling, and health monitoring?

  • Data Integrity Dashboard
  • Health Monitoring Dashboard
  • Resource Utilization Dashboard
  • XDR Dashboard

Which two of the following options are valid authentication methods for integrating Cisco XDR with Splunk Enterprise by using the Cisco Security Cloud app? (Choose two.)

  • Client ID
  • Direct Database Connection
  • Message Broker
  • OAuth
  • SOAP APIs

 

Which of the following tiles can be found within the Cisco XDR dashboard on the Cisco Security Cloud app?

  • Mean Time To Engage, Mean Time To Resolution
  • XDR Cases
  • Unresolved Incidents
  • TTP Time Line Charts

Which of the following methods helps verify that the integration between Cisco XDR and Cisco Security Cloud App is successful?

  • Checking the app status on the Cisco Security Cloud app.
  • Checking the Splunk Health Connection tool.
  • Using the command line for validation.
  • Using the dedicated validation dashboard on the Cisco XDR app.

Which of the following options can generate user-specific credentials to access APIs programmatically?

  • API client credentials
  • OAuth code client credentials
  • Username client credentials
  • Token client credentials

Which of the following configuration fields is optional when configuring the Cisco XDR on the Cisco Security Cloud app?

  • Authentication Method
  • Region
  • Promote XDR Incidents to Enterprise Security Notables
  • Import Time Range

Which of the following authentication methods is used when integrating Cisco XDR with Splunk Cloud?

  • client certificate authentication
  • OAuth authentication
  • passwordless authentication
  • token-based authentication

Which dashboard helps an administrator ensure compliance with security policies such as MFA and locked-out users?

  • Cisco Multicloud Defense dashboard on Cisco Security Cloud app.
  • Duo Dashboard on Cisco Security Cloud app.
  • Secure Malware Analytics dashboard on Cisco Security Cloud app.
  • Secure Network Analytics dashboard on Cisco Security Cloud app.

How would you integrate the Cisco Secure Network Analytics with the Cisco Security Cloud app?

  • Create a Cisco Security Cloud app user with the needed permissions, and configure the Cisco Secure Network Analytics in the Cisco Security Cloud app.
  • Create a Cisco Secure Network Analytics SMC user with the needed permissions, determine the Cisco Secure Network Analytics Domain ID, and configure the Cisco Secure Network Analytics in the Cisco Security Cloud app.
  • Create the Cisco Secure Network Analytics Certificate and HTTPS connection settings and configure the Cisco Secure Network Analytics in the Cisco Security Cloud app.
  • Use the Cisco Secure Network Analytics API Key and configure Cisco Secure Network Analytics in the Cisco Security Cloud app.

What format does Multicloud Defense use when sending Security Events and Traffic Log information to Splunk?

  • structured data logs
  • semi-structured JSON data logs
  • syslogs
  • unstructured data logs

Which four attributes are mandatory when configuring the Cisco Secure Email Threat Defense Connection configuration settings? (Choose four.)

  • API Key
  • Client ID
  • Email Threat Defense client certificate
  • Email Threat Defense IP address or hostname
  • Region name
  • Security Key

 

Which two of the following attributes are mandatory when configuring the SNA Connection configuration settings? (Choose two.)

  • API Key
  • API Secret
  • Cisco Security Cloud app IP Address
  • Domain ID
  • SMC username

Which method is valid for verifying Cisco Duo's integration with Cisco Security Cloud app?

  • Checking the Duo Dashboard on the Cisco Security Cloud app.
  • Generating integration validation report from the Cisco Security Cloud app.
  • Using the Cisco Duo integration validation tool.
  • Using the Cisco Security Cloud app integration validation tool.

Which method does the Multicloud Defense use to communicate with Splunk?

  • APIs
  • DB connect
  • Universal forwarder
  • HEC
