Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

300-740 Exam Dumps - Designing and Implementing Secure Cloud Access for Users and Endpoints (SCAZT)

Go to page:
Question # 4

Refer to the exhibit. An engineer is analyzing a Cisco Secure Firewall Management Center report. Which activity does the output verify?

A.

An HTTP response from IP address 10.1.104.101 was blocked.

B.

An HTTP request to IP address 10.1.113.7 was blocked.

C.

A DNS request to IP address 172.17.1.2 was blocked.

D.

A DNS response from IP address 10.1.108.100 was blocked.

Full Access
Question # 5

Refer to the exhibit. An engineer must block internal users from accessing Facebook and Facebook Apps. All other access must be allowed. The indicated policy was created in Cisco Secure Firewall Management Center and deployed to the internet edge firewall; however, users still can access Facebook. Which two actions must be taken to meet the requirement? (Choose two.)

A.

Set Destination Zones to outside for rule 2.

B.

Set Source Zones to inside for rule 2.

C.

Set Applications to Facebook and Facebook Apps for rule 2.

D.

Set Destination Zones to outside for rule 1.

E.

Set Source Zones to inside for rule 1.

Full Access
Question # 6

Refer to the exhibit. An engineer must configure a remote access IPsec/IKEv1 VPN that will use AES256 and SHA256 on a Cisco ASA firewall. The indicated configuration was applied to the firewall; however, the tunnel fails to establish. Which two IKEv1 policy commands must be run to meet the requirement? (Choose two.)

A.

encryption aes-256

B.

ipsec-proposal sha-256-aes-256

C.

integrity aes-256

D.

ipsec-proposal AES256-SHA256

E.

hash sha-256

Full Access
Question # 7

According to the MITRE ATT&CK framework, which approach should be used to mitigate exploitation risks?

A.

Performing regular data backups and testing recovery procedures

B.

Keeping systems updated with the latest patches

C.

Consistently maintaining up-to-date antivirus software

D.

Ensuring that network traffic is closely monitored and controlled

Full Access
Question # 8

Refer to the exhibit. An engineer must provide RDP access to the AWS virtual machines and HTTPS access to the Google Cloud Platform virtual machines. All other connectivity must be blocked. The indicated rules were applied to the firewall; however, none of the virtual machines in AWS and Google Cloud Platform are accessible. What should be done to meet the requirement?

A.

Move rule 2 to the first position.

B.

Configure a NAT overload rule

C.

Configure a virtual private cloud firewall rule

D.

Move rule 1 to the last position

Full Access
Go to page: