https://www.newpassleader.com/Cisco/200-310-exam-preparation-materials.html

(288 Q&As Dumps, 30%OFF Special Discount: 30free)

NEW QUESTION NO: 70
Which three protocols support VLSM? (Choose three.)
A. RIPv1
B. OSPF
C. IGRP
D. EIGRP
E. RIPv2
Answer: B,D,E

NEW QUESTION NO: 71

Select and Place:

Answer: 

Explanation/Reference:
Space: amount of racks, equipment, cabling, people
Weight load: rack servers vs blade servers
Power: variability of computing load, computing power and memory requirements Cooling: arranging equipment racks face-to-face or back-to-back Cabling: abundant, variable, well organized and easy to maintain
Security: disasters, fire suppression and alarm systems
please refer to the link below.
Link:
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns107/c649/ccmigration_09186a008073377d.pdf

NEW QUESTION NO: 72
An enterprise campus module is typically made up of four submodules, as described by the Cisco Enterprise Architecture Model. Which two submodulesare part of this module?
A. DMZ
B. enterprise branch
C. building distribution
D. server farm/data center
E. MAN
Answer: C,D
Explanation/Reference:
Explanation:

NEW QUESTION NO: 73

Select and Place:

Answer: 

Explanation/Reference:
NetFlow facilitates solutions to many common problems encountered by IT professionals.
* Analyze new applications and their network impact
Identify new application network loads such as VoIP or remote site additions.
* Reduction in peak WAN traffic
Use NetFlow statistics to measure WAN traffic improvement from application-policy changes; understand who is utilizing the network and the network top talkers.
* Troubleshooting and understanding network pain points
Diagnose slow network performance, bandwidth hogs and bandwidth utilization quickly with command line interface or reporting tools.
* Detection of unauthorized WAN traffic
Avoid costly upgrades by identifying the applications causing congestion.
* Security and anomaly detection
NetFlow can be used for anomaly detection and worm diagnosis along with applications such as Cisco CS- Mars.
* Validation of QoS parameters
Confirm that appropriate bandwidth has been allocated to each Class of Service (CoS) and that no CoS is over- or under-subscribed.

NEW QUESTION NO: 74
A campus network needs end-to-end QoS tools to manage traffic and ensure voice quality. Which three types of QoS tools are needed? (Choose three.)
A. interface queuing and scheduling
B. congestion management
C. compression and fragmentation
D. bandwidth provisioning
E. traffic classification
F. buffer management
Answer: A,D,E
Explanation/Reference:
Explanation:
Campus LAN QoS Considerations
For the access layer of the campus LAN, you can classify and mark frames or packets to apply quality of service (QoS) policies in the distribution or at the enterprise edge. Classification is a fundamental building block of QoS and involves recognizing and distinguishing between different traffic streams. For example, you distinguish between HTTP/HTTPS, FTP, and VoIP traffic. Without classification, all traffic is treated the same.

NEW QUESTION NO: 75
Which two can be used as a branch office WAN solution? (Choose two.)
A. frame relay
B. MPLS
C. Metro Ethernet
D. GPRS
E. dial-up modem
F. 3G USB modems
Answer: B,C
Explanation/Reference:
Explanation: Explanation
Frame relay is old 'shared' technology today's sites use some flavor or Metro E or MPLS/VPN

NEW QUESTION NO: 76
Which three items pertain to EIGRP? (Choose three.)
A. Can use multiple unequal paths.
B. Routes are redistributed as type 2 by default.
C. ASN and K values must match to form neighbors.
D. Uses multicast address 224.0.0.9 for updates.
E. Exchanges full routing table every 30 seconds.
F. Summary routes have AD of 90.
G. External routes have AD of 170.
Answer: A,C,G
Explanation/Reference:
Explanation:

NEW QUESTION NO: 77
What is the recommended spanning tree protocol to use for all Layer 2 deployments in a branch office environment?
A. CST
B. RSPT
C. PVST
D. MISTP
E. Rapid PVST +
Answer: E
Explanation/Reference:
Explanation:

NEW QUESTION NO: 78
In the enterprise data center, which are the three main components? (Choose three.)
A. Network Infrastructure
B. Interactive services
C. Data Center Management
D. Internet services
E. WAN services
F. VPN and remote access
Answer: A,B,C
Explanation/Reference:
Explanation:

Network infrastructure: Gigabit and 10 Gigabit Ethernet, InfiniBand, optical transport and storage switching Interactive services: Computer infrastructure services, storage services, security, application optimization DC management: Cisco Fabric Manager and Cisco VFrame for server and service management

NEW QUESTION NO: 79
Which three are associated with the distribution layer within the campus design? (Choose three.)
A. access layer aggregation
B. route summarization
C. network trust boundary
D. next-hop redundancy
E. layer 2 switching
F. port security
G. broadcast suppression
Answer: A,B,D
Explanation/Reference:
Explanation:
Distribution Layer Best Practices
As shown in Figure 3-6, the distribution layer aggregates all closet switches and connects to the core layer.
Design considerations for the distribution layer include providing wirespeed performance on all ports, link redundancy, and infrastructure services. The distribution layer should not be limited on performance. Links to the core must be able to support the bandwidth used by the aggregate access layer switches.
Redundant links from the access switches to the distribution layer and from the distribution layer to the core layer allow for high availability in the event of a link failure. Infrastructure services include quality of service (QoS) configuration, security, and policy enforcement. Access lists are configured in the distribution layer.

The following are recommended best practices at the distribution layer:
Use first-hop redundancy protocols. Hot Standby Router Protocol (HSRP) or Gateway Load Balancing Protocol (GLBP) should be used if you implement Layer 2 links between the Layer 2 access switches and the distribution layer.
Use Layer 3 routing protocols between the distribution and core switches to allow for fast convergence and load balancing.
Only peer on links that you intend to use as transit.

NEW QUESTION NO: 80
Your supervisor wants you to recommend a management protocol that will allow you to track overall bandwidth utilization, utilization by traffic type, and utilization by source and destination.
Which is ideally suited for this function?
A. MRTG
B. NetFlow
C. RRD
D. SNMP
Answer: B
Explanation/Reference:
Explanation:
NetFlow
Cisco NetFlow allows the tracking of IP flows as they are passed through routers and multilayer switches.
IP flows are a set of IP packets within a specific timeslot that share a number of properties, such as the same source address, destination address, type of service, and protocol number. NetFlow information is forwarded to a network data analyzer, network planning tools, RMON applications, or accounting and billing applications. Net-Flow allows for network planning, traffic engineering, billing, accounting, and application monitoring. The most recent version of NetFlow is NetFlow Version 9, which is defined in RFC
3954. NetFlow consists of three major components:

NEW QUESTION NO: 10
A cybersecurity analyst has several SIEM event logs to review for possible APT activity. The analyst was given several items that include lists of indicators for both IP addresses and domains. Which of the following actions is the BEST approach for the analyst to perform?
A. Use the IP addresses to search through the event logs.
B. Analyze the trends of the events while manually reviewing to see if any of the indicators match.
C. Create an advanced query that includes all of the indicators, and review any of the matches.
D. Scan for vulnerabilities with exploits known to have been used by an APT.
Answer: B
Section: (none)
Explanation/Reference:
Explanation:

NEW QUESTION NO: 11
A company discovers an unauthorized device accessing network resources through one of many network drops in a common area used by visitors.
The company decides that it wants to quickly prevent unauthorized devices from accessing the network but policy prevents the company from making changes on every connecting client.
Which of the following should the company implement?
A. Port security
B. WPA2
C. Mandatory Access Control
D. Network Intrusion Prevention
Answer: A
Section: (none)

NEW QUESTION NO: 12
An analyst finds that unpatched servers have undetected vulnerabilities because the vulnerability scanner does not have the latest set of signatures. Management directed the security team to have personnel update the scanners with the latest signatures at least 24 hours before conducting any scans, but the outcome is unchanged. Which of the following is the BEST logical control to address the failure?
A. Configure a script to automatically update the scanning tool.
B. Manually validate that the existing update is being performed.
C. Test vulnerability remediation in a sandbox before deploying.
D. Configure vulnerability scans to run in credentialed mode.
Answer: A
Section: (none)
Explanation/Reference:
Explanation:

NEW QUESTION NO: 13
A threat intelligence analyst who works for a financial services firm received this report:
"There has been an effective waterhole campaign residing at www.bankfinancecompsoftware.com. This domain is delivering ransomware. This ransomware variant has been called "LockMaster" by researchers due to its ability to overwrite the MBR, but this term is not a malware signature. Please execute a defensive operation regarding this attack vector."
The analyst ran a query and has assessed that this traffic has been seen on the network. Which of the following actions should the analyst do NEXT? (Select TWO).
A. Advise the firewall engineer to implement a block on the domain
B. Visit the domain and begin a threat assessment
C. Produce a threat intelligence message to be disseminated to the company
D. Advise the security architects to enable full-disk encryption to protect the MBR
E. Advise the security analysts to add an alert in the SIEM on the string "LockMaster"
F. Format the MBR as a precaution
Answer: B,D
Section: (none)
Explanation/Reference:

NEW QUESTION NO: 14
A business-critical application is unable to support the requirements in the current password policy because it does not allow the use of special characters. Management does not want to accept the risk of a possible security incident due to weak password standards. Which of the following is an appropriate means to limit the risks related to the application?
A. A compensating control
B. Altering the password policy
C. Creating new account management procedures
D. Encrypting authentication traffic
Answer: D
Section: (none)

NEW QUESTION NO: 15
A network technician is concerned that an attacker is attempting to penetrate the network, and wants to set a rule on the firewall to prevent the attacker from learning which IP addresses are valid on the network.
Which of the following protocols needs to be denied?
A. TCP
B. SMTP
C. ICMP
D. ARP
Answer: C
Section: (none)

NEW QUESTION NO: 16
A cybersecurity analyst is conducting a security test to ensure that information regarding the web server is protected from disclosure. The cybersecurity analyst requested an HTML file from the web server, and the response came back as follows:

Which of the following actions should be taken to remediate this security issue?
A. Set "Allowlatescanning" to 1 in the URLScan.ini configuration file.
B. Set "Removeserverheader" to 1 in the URLScan.ini configuration file.
C. Set "Enablelogging" to 0 in the URLScan.ini configuration file.
D. Set "Perprocesslogging" to 1 in the URLScan.ini configuration file.
Answer: B
Section: (none)
Explanation/Reference:
Explanation:
ref: http://www.acunetix.com/blog/articles/configure-web-server-disclose-identity/

NEW QUESTION NO: 17
Which of the following is a control that allows a mobile application to access and manipulate information which should only be available by another application on the same mobile device (e.g. a music application posting the name of the current song playing on the device on a social media site)?
A. Co-hosted application
B. Transitive trust
C. Mutually exclusive access
D. Dual authentication
Answer: B
Section: (none)

NEW QUESTION NO: 18
A cybersecurity consultant is reviewing the following output from a vulnerability scan against a newly installed MS SQL Server 2012 that is slated to go into production in one week:

Based on the above information, which of the following should the system administrator do? (Select TWO).
A. Verify the vulnerability using penetration testing tools or proof-of-concept exploits.
B. Review the references to determine if the vulnerability can be remotely exploited.
C. Mark the result as a false positive so it will show in subsequent scans.
D. Configure a network-based ACL at the perimeter firewall to protect the MS SQL port.
E. Implement the proposed solution by installing Microsoft patch Q316333.
Answer: D,E
Section: (none)

NEW QUESTION NO: 19
A recent audit has uncovered several coding errors and a lack of input validation being used on a public portal. Due to the nature of the portal and the severity of the errors, the portal is unable to be patched.
Which of the following tools could be used to reduce the risk of being compromised?
A. Web application firewall
B. Network firewall
C. Web proxy
D. Intrusion prevention system
Answer: B
Section: (none)

NEW QUESTION NO: 20
A security analyst has been asked to remediate a server vulnerability. Once the analyst has located a patch for the vulnerability, which of the following should happen NEXT?
A. Start the change control process.
B. Rescan to ensure the vulnerability still exists.
C. Implement continuous monitoring.
D. Begin the incident response process.
Answer: A
Section: (none)
Explanation/Reference:
Explanation:

(160 Q&As Dumps, 30%OFF Special Discount: 30free)

NEW QUESTION NO: 5
SIMULATION
You have a database that contains the following tables.

You need to create a query that lists all complaints from the Complaints table, and the name of the person handling the complaints if a person is assigned. The ComplaintID must be displayed first, followed by the person name.
Construct the query using the following guidelines:
Use two-part column names.

Use one-part table names.

Do not use aliases for column names or table names.

Do not use Transact-SQL functions.

Do not use implicit joins.

Do not surround object names with square brackets.

Part of the correct Transact-SQL has been provided in the answer area below. Enter the code in the answer area that resolves the problem and meets the stated goals or requirements. You can add code within the code that has been provided as well as below it.


Use the Check Syntax button to verify your work. Any syntax or spelling errors will be reported by line and character position.
Answer: 
See the solution below
Explanation/Reference:
SELECT Complaints.ComlaintID, Persons.Name
FROM Persons
JOIN Contacts
ON Persons.PersonID=Contacts.PersonID
JOIN Complaints
ON Contacts.ComplaintID=Complaints.ComplaintID
References: https://technet.microsoft.com/en-us/library/ms190014(v=sql.105).aspx

NEW QUESTION NO: 6
SIMULATION
You work for an organization that monitors seismic activity around volcanos. You have a table named GroundSensors. The table stored data collected from seismic sensors. It includes the columns describes in the following table:

The database also contains a scalar value function named NearestMountain that returns the name of the mountain that is nearest to the sensor.
You need to create a query that shows the average of the normalized readings from the sensors for each mountain. The query must meet the following requirements:
Include the average normalized readings and nearest mountain name.

Exclude sensors for which no normalized reading exists.

Exclude those sensors with value of zero for tremor.

Construct the query using the following guidelines:
Use one part names to reference tables, columns and functions.

Do not use parentheses unless required.

Do not use aliases for column names and table names.

Do not surround object names with square brackets.


Part of the correct Transact-SQL has been provided in the answer area below. Enter the code in the answer area that resolves the problem and meets the stated goals or requirements. You can add code within the code that has been provided as well as below it.

Use the Check Syntax button to verify your work. Any syntax or spelling errors will be reported by line and character position.
Answer: 
See the solution below
Explanation/Reference:
SELECT Average(NormalizedReading), NearestMountain(SensorID)
FROM GroundSensors
GROUP BY NearestMountain(SensorID)
WHERE TREMOR IS NOT 0 AND NormalizedReading IS NOT NULL
Explanation:
GROUP BY is a SELECT statement clause that divides the query result into groups of rows, usually for the purpose of performing one or more aggregations on each group. The SELECT statement returns one row per group.
Reference: https://msdn.microsoft.com/en-us/library/ms177673.aspx

NEW QUESTION NO: 7
HOTSPOT
You have a database that contains the following tables: tblRoles, tblUsers, and tblUsersInRoles.
The table tblRoles is defined as follows.

You have a function named ufnGetRoleActiveUsers that was created by running the following Transact- SQL statement:

You need to list all roles and their corresponding active users. The query must return the RoleId, RoleName, and UserName columns. If a role has no active users, a NULL value should be returned as the UserName for that role.
How should you complete the Transact-SQL statement? To answer, select the appropriate Transact-SQL segments in the answer area.
Hot Area:

Answer: 


NEW QUESTION NO: 8
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section. You will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a database that tracks orders and deliveries for customers in North America. The database contains the following tables:
Sales.Customers

Application.Cities

Sales.CustomerCategories

The company's development team is designing a customer directory application. The application must list customers by the area code of their phone number. The area code is defined as the first three characters of the phone number.
The main page of the application will be based on an indexed view that contains the area and phone number for all customers.
You need to return the area code from the PhoneNumber field.
Solution: You run the following Transact-SQL statement:

Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation/Reference:
Explanation:
We need SELECT TOP 1 @areacode =.. to ensure that only one value is returned.

NEW QUESTION NO: 9
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section. You will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a database that includes the tables shown in the exhibit (Click the Exhibit button.)

You need to create a Transact-SQL query that returns the following information:
the customer number

the customer contact name

the date the order was placed, with a name of DateofOrder

a column named Salesperson, formatted with the employee first name, a space, and the employee last

name
orders for customers where the employee identifier equals 4

The output must be sorted by order date, with the newest orders first.
The solution must return only the most recent order for each customer.
Solution: You run the following Transact-SQL statement:

Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation/Reference:
Explanation:
We need a GROUP BY statement as we want to return an order for each customer.

NEW QUESTION NO: 10
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have a database that contains tables named Customer_CRMSystem and Customer_HRSystem. Both tables use the following structure:

The tables include the following records:
Customer_CRMSystem

Customer_HRSystem

Records that contain null values for CustomerCode can be uniquely identified by CustomerName.
You need to display a Cartesian product, combining both tables.
Which Transact-SQL statement should you run?
A:

B:

C:

D:

E:

F:

G:

H:

A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
F. Option F
G. Option G
H. Option H
Answer: G
Explanation/Reference:
Explanation:
A cross join that does not have a WHERE clause produces the Cartesian product of the tables involved in the join. The size of a Cartesian product result set is the number of rows in the first table multiplied by the number of rows in the second table.
References: https://technet.microsoft.com/en-us/library/ms190690(v=sql.105).aspx

NEW QUESTION NO: 11
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
Multiple processes use the data from a table named Sales and place it in other databases across the organization. Some of the processes are not completely aware of the data types in the Sales table. This leads to data type conversion errors.
You need to implement a method that returns a NULL value id data conversion fails instead of throwing an error.
What should you implement?
A. the COALESCE function
B. a view
C. a table-valued function
D. the TRY_PARSE function
E. a stored procedure
F. the ISNULL function
G. a scalar function
H. the TRY_CONVERT function
Answer: H
Explanation/Reference:
Explanation:
TRY_CONVERT returns a value cast to the specified data type if the cast succeeds; otherwise, returns null.
References: https://docs.microsoft.com/en-us/sql/t-sql/functions/try-convert-transact-sql

NEW QUESTION NO: 12
DRAG DROP
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question on this series.
You have a database that tracks orders and deliveries for customers in North America. System versioning is enabled for all tables. The database contains the Sales.Customers, Application.Cities, and Sales.CustomerCategories tables.
Details for the Sales.Customers table are shown in the following table:

Details for the Application.Cities table are shown in the following table:

Details for the Sales.CustomerCategories table are shown in the following table:

You are creating a report to show when the first customer account was opened in each city. The report contains a line chart with the following characteristics:
The chart contains a data point for each city, with lines connecting the points.

The X axis contains the position that the city occupies relative to other cities.

The Y axis contains the date that the first account in any city was opened.

An example chart is shown below for five cities:

During a sales promotion, customers from various cities open new accounts on the same date.
You need to write a query that returns the data for the chart.
How should you complete the Transact-SQL statement? To answer, drag the appropriate Transact-SQL segments to the correct locations. Each Transact-SQL segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

Answer: 

Explanation/Reference:
Explanation:
Box 1: RANK() OVER
RANK returns the rank of each row within the partition of a result set. The rank of a row is one plus thenumber of ranks that come before the row in question.
ROW_NUMBER and RANK are similar. ROW_NUMBER numbers all rows sequentially (for example 1, 2,
3, 4, 5).
Incorrect Answers:
DENSE_RANK returns the rank of rows within the partition of a result set, without any gaps in the ranking.
The rank of a row is one plus the number of distinct ranks that come before the row in question.
Box 2: (PARTITION BY CityID ORDER BY MIN(AccountOpenedDate) DESC)
Syntax for RANK: RANK ( ) OVER ( [ partition_by_clause ] order_by_clause ) Box 3: GROUP BY CityID References: https://msdn.microsoft.com/en-us/library/ms176102.aspx

NEW QUESTION NO: 13
DRAG DROP
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
You are developing a database to track customer orders. The database contains the following tables:
Sales.Customers, Sales.Orders, and Sales.OrderLines. The following table describes the columns in Sales.Customers.

The following table describes the columns in Sales.Orders.

The following table describes the columns in Sales.OrderLines.

You need to create a function that accepts a CustomerID as a parameter and returns the following information:
all customer information for the customer

the total number of orders for the customer

the total price of all orders for the customer

the average quantity of items per order

How should you complete the function definition? To answer, drag the appropriate Transact-SQL segment to the correct locations. Transact-SQL segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Select and Place:

Answer: 

Explanation/Reference:
Explanation:
Box1: RETURNS TABLE
The function should return the following information:
all customer information for the customer

the total number of orders for the customer

the total price of all orders for the customer

the average quantity of items per order

Box 2: COUNT
The function should return the total number of orders for the customer.
Box 3: SUM
The function should return the total price of all orders for the customer.
Box 3. AVG
The function should return the average quantity of items per order.
Box 4: GROUP BY
Need to use GROUP BY for the aggregate functions.
References: https://msdn.microsoft.com/en-us/library/ms186755.aspx

NEW QUESTION NO: 14
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section. You will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You create a table named Products by running the following Transact-SQL statement:

You have the following stored procedure:

You need to modify the stored procedure to meet the following new requirements:
Insert product records as a single unit of work.

Return error number 51000 when a product fails to insert into the database.

If a product record insert operation fails, the product information must not be permanently written to the

database.
Solution: You run the following Transact-SQL statement:

Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation/Reference:
Explanation:
With X_ABORT ON the INSERT INTO statement and the transaction will be rolled back when an error is raised, it would then not be possible to ROLLBACK it again in the IF XACT_STATE() <> O ROLLACK TRANSACTION statement.
Note: A transaction is correctly defined for the INSERT INTO ..VALUES statement, and if there is an error in the transaction it will be caughtant he transaction will be rolled back, finally an error 51000 will be raised.
Note: When SET XACT_ABORT is ON, if a Transact-SQL statement raises a run-time error, the entire transaction is terminated and rolled back.
XACT_STATE is a scalar function thatreports the user transaction state of a current running request.
XACT_STATE indicates whether the request has an active user transaction, and whether the transaction is capable of being committed.
The states of XACT_STATE are:
0 There is no active user transaction for the current request.

1 The current request has an active user transaction. The request can perform any actions, including

writing data and committing the transaction.
2 The current request has an active user transaction, but an error hasoccurred that has caused the

transaction to be classified as an uncommittable transaction.
References:
https://msdn.microsoft.com/en-us/library/ms188792.aspx
https://msdn.microsoft.com/en-us/library/ms189797.aspx

NEW QUESTION NO: 15
You have a database that includes the tables shown in the exhibit. (Click the exhibit button.)

You need to create a list of all customers, the order ID for the last order that the customer placed, and the date that the order was placed. For customers who have not placed orders, you must substitute a zero for the order ID and 01/01/1990 for the date.
Which Transact-SQL statement should you run?
A:

B:

C:

D:

A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Explanation/Reference:
Explanation:
ISNULL Syntax: ISNULL ( check_expression , replacement_value ) author:"Luxemburg, Rosa" The ISNULL function replaces NULL with the specified replacement value. The value of check_expression is returned if it is not NULL; otherwise, replacement_value is returned after it is implicitly converted to the type of check_expression.
References: https://msdn.microsoft.com/en-us/library/ms184325.aspx

https://www.newpassleader.com/Amazon/AWS-SysOps-exam-preparation-materials.html

(325 Q&As Dumps, 30%OFF Special Discount: 30free)

NEW QUESTION NO: 40
Which of the following requires a custom CloudWatch metric to monitor?
A. Data transfer of an EC2 instance
B. Disk usage activity of an EC2 instance
C. Memory Utilization of an EC2 instance
D. CPU Utilization of an EC2 instance
Answer: C
Explanation/Reference:
Explanation:
http://aws.amazon.com/cloudwatch/

NEW QUESTION NO: 41
A user is measuring the CPU utilization of a private data center machine every minute. The machine provides the aggregate of data every hour, such as Sum of data", "Min value", "Max value, and "Number of Data points".
The user wants to send these values to CloudWatch. How can the user achieve this?
A. Send the data using the put-metric-data command with the aggregate-values parameter
B. Send the data using the put-metric-data command with the average-values parameter
C. Send the data using the put-metric-data command with the statistic-values parameter
D. Send the data using the put-metric-data command with the aggregate -data parameter
Answer: C
Explanation/Reference:
Explanation:
AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to CloudWatch using CLI or APIs. The user can publish the data to CloudWatch as single data points or as an aggregated set of data points called a statistic set using the command put-metric-data.
When sending the aggregate data, the user needs to send it with the parameter statistic-values:


NEW QUESTION NO: 42
A user has created an Auto Scaling group with default configurations from CLI. The user wants to setup the CloudWatch alarm on the EC2 instances, which are launched by the Auto Scaling group. The user has setup an alarm to monitor the CPU utilization every minute. Which of the below mentioned statements is true?
A. It will fetch the data at every minute but the four data points [corresponding to 4 minutes] will not have value since the EC2 basic monitoring metrics are collected every five minutes
B. It will fetch the data at every minute as detailed monitoring on EC2 will be enabled by the default launch configuration of Auto Scaling
C. The alarm creation will fail since the user has not enabled detailed monitoring on the EC2 instances
D. The user has to first enable detailed monitoring on the EC2 instances to support alarm monitoring at every minute
Answer: B
Explanation/Reference:
Explanation:
CloudWatch is used to monitor AWS as well as the custom services. To enable detailed instance monitoring for a new Auto Scaling group, the user does not need to take any extra steps. When the user creates an Auto Scaling launch config using CLI, each launch configuration contains a flag named InstanceMonitoring.Enabled. The default value of this flag is true. Thus, by default detailed monitoring will be enabled for Auto Scaling as well as for all the instances launched by that Auto Scaling group.

NEW QUESTION NO: 43
An organization has configured Auto Scaling with ELB. One of the instance health check returns the status as Impaired to Auto Scaling. What will Auto Scaling do in this scenario?
A. Perform a health check until cool down before declaring that the instance has failed
B. Terminate the instance and launch a new instance
C. Notify the user using SNS for the failed state
D. Notify ELB to stop sending traffic to the impaired instance
Answer: B
Explanation/Reference:
Explanation:
The Auto Scaling group determines the health state of each instance periodically by checking the results of the Amazon EC2 instance status checks. If the instance status description shows any other state other than "running" or the system status description shows impaired, Auto Scaling considers the instance to be unhealthy. Thus, it terminates the instance and launches a replacement.

NEW QUESTION NO: 44
A user is configuring the Multi AZ feature of an RDS DB. The user came to know that this RDS DB does not use the AWS technology, but uses server mirroring to achieve HA. Which DB is the user using right now?
A. My SQL
B. Oracle
C. MS SQL
D. PostgreSQL
Answer: C
Explanation/Reference:
Explanation:
Amazon RDS provides high availability and failover support for DB instances using Multi AZ deployments.
In a Multi AZ deployment, Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone. Multi AZ deployments for Oracle, PostgreSQL, and MySQL DB instances use Amazon technology, while SQL Server (MS SQL. DB instances use SQL Server Mirroring.

NEW QUESTION NO: 45
A user is trying to understand the detailed CloudWatch monitoring concept. Which of the below mentioned services provides detailed monitoring with CloudWatch without charging the user extra?
A. AWS Auto Scaling
B. AWS Route 53
C. AWS EMR
D. AWS SNS
Answer: B
Explanation/Reference:
Explanation:
CloudWatch is used to monitor AWS as well as the custom services. It provides either basic or detailed monitoring for the supported AWS products. In basic monitoring, a service sends data points to CloudWatch every five minutes, while in detailed monitoring a service sends data points to CloudWatch every minute. Services, such as RDS, ELB, OpsWorks, and Route 53 can provide the monitoring data every minute without charging the user.

NEW QUESTION NO: 46
You are running a database on an EC2 instance, with the data stored on Elastic Block Store (EBS) for persistence. At times throughout the day, you are seeing large variance in the response times of the database queries Looking into the instance with the isolate command you see a lot of wait time on the disk volume that the database's data is stored on.
What two ways can you improve the performance of the database's storage while maintaining the current persistence of the data? (Choose two.)
A. Move the database to an EBS-Optimized Instance
B. T Use Provisioned IOPs EBS
C. Use the ephemeral storage on an m2 4xiarge Instance Instead
D. Move to an SSD backed instance
Answer: A,D

NEW QUESTION NO: 47
An organization (account ID 123412341234) has configured the IAM policy to allow the user to modify his credentials. What will the below mentioned statement allow the user to perform?

A. The IAM policy will throw an error due to an invalid resource name
B. The IAM policy will allow the user to subscribe to any IAM group
C. Allow the IAM user to update the membership of the group called TestingGroup
D. Allow the IAM user to delete the TestingGroup
Answer: C
Explanation/Reference:
Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the organization (account ID 123412341234) wants their users to manage their subscription to the groups, they should create a relevant policy for that. The below mentioned policy allows the respective IAM user to update the membership of the group called MarketingGroup.


NEW QUESTION NO: 48
A sys admin has enabled logging on ELB. Which of the below mentioned fields will not be a part of the log file name?
A. Load Balancer IP
B. EC2 instance IP
C. S3 bucket name
D. Random string
Answer: B
Explanation/Reference:
Explanation:
Elastic Load Balancing access logs capture detailed information for all the requests made to the load balancer. Elastic Load Balancing publishes a log file from each load balancer node at the interval that the user has specified. The load balancer can deliver multiple logs for the same period. Elastic Load Balancing creates log file names in the following format:
"{Bucket}/{Prefix}/AWSLogs/{AWS AccountID}/elasticloadbalancing/{Region}/{Year}/{Month}/{Day}/{AWS Account ID}_elasticloadbalancing_{Region}_{Load Balancer Name}_{End Time}_{Load Balancer IP}_
{Random
String}.log"

NEW QUESTION NO: 49
You have two Elastic Compute Cloud (EC2) instances inside a Virtual Private Cloud (VPC) in the same Availability Zone (AZ) but in different subnets. One instance is running a database and the other instance an application that will interface with the database. You want to confirm that they can talk to each other for your application to work properly.
Which two things do we need to confirm in the VPC settings so that these EC2 instances can communicate inside the VPC? (Choose two.)
A. That the default route is set to a NAT instance or internet Gateway (IGW) for them to communicate.
B. Both instances are the same instance class and using the same Key-pair.
C. Security groups are set to allow the application host to talk to the database on the right port/protocol.
D. A network ACL that allows communication between the two subnets.
Answer: C,D

NEW QUESTION NO: 50
Your team Is excited about the use of AWS because now they have access to programmable Infrastructure" You have been asked to manage your AWS infrastructure in a manner similar to the way you might manage application code You want to be able to deploy exact copies of different versions of your infrastructure, stage changes into different environments, revert back to previous versions, and identify what versions are running at any particular time (development test QA. production).
Which approach addresses this requirement?
A. Use cost allocation reports and AWS Opsworks to deploy and manage your infrastructure.
B. Use AWS CloudWatch metrics and alerts along with resource tagging to deploy and manage your infrastructure.
C. Use AWS Beanstalk and a version control system like GIT to deploy and manage your infrastructure.
D. Use AWS CloudFormation and a version control system like GIT to deploy and manage your infrastructure.
Answer: D
Explanation/Reference:
Explanation:
http://aws.amazon.com/opsworks/faqs/

NEW QUESTION NO: 10
Case Study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next sections of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
General Overview
Fabrikam, Inc. is a financial services organization.
Fabrikam recently purchased another financial services organization named Contoso, Ltd.
Fabrikam has 2,000 users. Contoso has 500 users.
Windows 10 and Office 2016 are deployed to all computers.
Physical Locations
Fabrikam has an office in the United States. Contoso has an office in the United Kingdom.
The offices connect to each other by using a WAN link. Each office also connects directly to the Internet.
Existing Environment
Active Directory
The network of Fabrikam contains an Active Directory forest.
The Active Directory Environment of Contoso was migrated to the Active Directory forest of Fabrikam. The forest contains three domains named fabrikam.com, contractor.fabrikam.com, and contoso.com.
All domain controllers run Windows Server 2008 R2.
All contractors outsourced by Fabrikam use the user principal name (UPN) suffix of contractor.fabrikam.com. If Fabrikam hires the contractor as a permanent employee, the UPN suffix changes to fabrikam.com.
Network
The network has the following configurations:
External IP address for the Unites States office: 192.168.1.100

External IP address for the United Kingdom office: 192.168.2.100

Internal IP address range for the Unites States office: 10.0.1.0/24

Internal IP address range for the United Kingdom office: 10.0.2.0/24

Active Directory Federation Services (AD FS)
AD FS and Web Application Proxies are deployed to support an app for the sales department. The app is accessed from the Microsoft Azure portal.
Office 365 Tenant
You have an Office 365 subscription that has the following configurations:
Organization name: Fabrikam Financial Services

Vanity domain: Fabrikamfinancialservices.onmicrosoft.com

Microsoft SharePoint domain: Fabrikamfinancialservices.sharepoint.com

Additional domains added to the subscription: Contoso.com and fabrikam.com

Requirements
Planned Changes
Fabrikam plans to implement the following changes:
Deploy Azure AD Connect.

Move mailboxes from Microsoft Exchange 2016 to Exchange Online.

Deploy Azure multi-factor authentication for devices that connect from untrusted networks only.

Deploy the Azure Authenticator app and the Company Portal app to all mobile devices.

Customize the AD FS sign-in webpage to include the Fabrikam logo, a helpdesk phone number, and a

sign-in description.
Once all of the Fabrikam users are replicated to Azure Active Directory (Azure AD), assign an E3

license to all of the users in the United States office.
Technical Requirements
Contoso identifies the following technical requirements:
When a device connects from an untrusted network to https://outlook.office.com, ensure that users

must type a verification code generated from a mobile app.
Ensure that all users can access Office 365 services from a web browser by using either a UPN or their

primary SMTP email address.
After Azure AD Connects is deployed, change the UPN suffix of all the users in the Contoso sales

department to fabrikam.com.
Ensure that administrators are notified when the health information of Exchange Online changes.

Use Office 365 reports to review previous tasks performed in Office 365.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to ensure that a user named User1 can create mailboxes in Exchange Online and sites in SharePoint Online.
Solution: You add User1 to the Exchange administrator admin role.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation/Reference:
Explanation:
The Exchange administrator admin role does not have the necessary privileges to create mailboxes in Exchange Online and sites in SharePoint Online.
References: https://support.office.com/en-us/article/About-Office-365-admin-roles-da585eea-f576-4f55- a1e0-87090b6aaa9d

NEW QUESTION NO: 11
You subscribe to Office 365.
You plan to implement single sign-on.
You need to deploy Active Directory Federation Services (AD FS) to a server for the planned implementation.
Which deployment methods should you use? (Each correct answer presents a complete solution.
(Choose all that apply.)
A. On a server that runs Windows Server 2008 R2, download and install AD FS 2.0.
B. On a server that runs Windows Server 2008, download and install AD FS 2.0.
C. On a server that runs Windows Server 2008, install the AD FS server role.
D. On a server that runs Windows Server 2008 R2, install the AD FS server role.
Answer: A,B
Explanation/Reference:
Explanation:
Single sign-on requires AD FS version 2.0. The AD FS server role is version 1.1.

NEW QUESTION NO: 12
You are the Office 365 administrator for a company. You plan to implement rights management.
You need to activate Microsoft Azure Rights Management.
What should you use?
A. the Windows PowerShellEnable-AadrmSuperUserFeature cmdlet
B. the Office365 Admin Center portal
C. the Windows PowerShellSet-OrganizationConfig cmdlet
D. the Microsoft Exchange Online Admin Center
Answer: B
Explanation/Reference:
Explanation:
Once you have signed up for an Office 365 plan that includes Rights Management, sign in to Office 365 with a work or school account that has the global administrator role for your Office 365 deployment. You should then navigate to the rights management page via Settings > Services & add-ins > Microsoft Azure Information Protection > Manage Microsoft Azure Information Protection settings. On the rights management page, click activate.
References: https://docs.microsoft.com/en-us/information-protection/deploy-use/activate-office365

NEW QUESTION NO: 13
DRAG DROP
You plan to use Office 365 FastTrack to deploy an Office 365 tenant.
Which action should you perform for each phase? To answer, drag the appropriate actions to the correct phases. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

Answer: 

Explanation/Reference:
Explanation:
References: https://fasttrack.microsoft.com/about

NEW QUESTION NO: 14
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are the administrator for a company. You plan to use Office 365 for email and file sharing. You plan to implement a hybrid deployment with your current on-premises Active Directory Domain Services (AD DS) environment and Microsoft Azure Active Directory (Azure AD) Connect.
You must deploy Microsoft Exchange Online and OneDrive for Business for all employees. You have the following security requirements:
All employees must use complex passwords.

Passwords must be changed every six months.

Employees must use multi-factor authentication (MFA) when possible.

You need to implement MFA verification options to use with the employee's password.
Solution: Have the employee receive a phone call.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
Explanation/Reference:
Explanation:
MFA for Office 365 requires users to acknowledge a phone call, text message, or app notification on their smart phones after correctly entering their passwords.
References: https://support.office.com/en-us/article/Set-up-multi-factor-authentication-for-Office-365-users-
8f0454b2-f51a-4d9c-bcde-2c48e41621c6

NEW QUESTION NO: 15
DRAG DROP
Contoso, Ltd. has an Office 365 tenant. The company has two servers named Server1 and Server2 that run Windows 2012 R2 Server. The servers are not joined to the contoso.com domain. Server2 is deployed to the perimeter network. You install Secure Sockets Layer (SSL) certificates on both servers.
You must use Integrated Windows authentication
You need to install and configure all AD FS components in the environment.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

Answer: 

Explanation/Reference:
Explanation:
Note:
Prepare the Base Servers
Box 1, Box 2: AD FS Server
Base build the AD FS server with Windows Server 2012

Setup a connection to the internal network

Add the server to the local domain

Update the server with all Windows Updates

Box 3, Box 4: AD FS Proxy Server
Once the necessary WAP role services are installed, we are then able to launch the Web Application Proxy Wizard to configure WAP.
Note:
Base Build the AD FS Proxy server with Windows Server 2012

Setup a connection to the DMZ network (verify connectivity to the AD FS server on port 443)

DO NOT add the server to the local domain

Update the server with all Windows Updates


NEW QUESTION NO: 16
An organization is migrating from an on-premises Exchange organization to Office 365 tenant.
Users report that they cannot see the free/busy information for other users.
You need to determine why free/busy information does not display.
Which two Windows PowerShell cmdlets should you run? Each correct answer presents a complete solution.
A. Get-OrganizationRelationship
B. Get-SharingPolicy
C. Get-CsMeetingConfiguration
D. Get-CsClientPolicy
E. Get-IntraOrganizationConnector
Answer: A,B
Explanation/Reference:
Explanation:
A: Problem: Free/busy information can't be retrieved from one environment Users can't access free/busy information through Exchange federation in one direction only.
To display the trust information that is currently set up for the default Office 365 domain, run the following command:
Get-OrganizationRelationship | FL
B: If the free/busy problem persists, make sure that the sharing policies in the on-premises Exchange Server environment and in Exchange Online match. To determine this, run the following command in the Exchange ManagementShell, and then note the value in the Domains field in the results:
Get-SharingPolicy | FL
References: https://support.microsoft.com/en-us/kb/2555008

NEW QUESTION NO: 17
You are the Office 365 administrator for your company.
Users report that they cannot sign in to Skype for Business from their mobile devices, but they are able to send and receive Skype for Business messages by using their laptop computers.
You need to troubleshoot the issue.
What should you do?
A. From the Office 365 message center, confirm Skype for Business settings.
B. Use the Microsoft Connectivity Analyzer tool to confirm settings.
C. Confirm Skype for Business user licenses for the affected users.
D. From the Skype for Business admin center, verify the external access settings.
Answer: B
Explanation/Reference:
Explanation:
The Microsoft Connectivity Analyzer (MCA) tool is a companion to the Microsoft Remote Connectivity Analyzer web site. The MCA tool provides administrators and end users with the ability to run connectivity diagnostics for five common connectivity symptoms directly from their local computer.
One of the five symptoms that can be tested using MCA is:
"I can't log on to Skype for Business on my mobile device or the Skype for Business Windows Store App" - This test checks for the Domain Name Server (DNS) records for your on-premise domain to ensure they are configured correctly for supporting Mobile Skype for Business clients. Also it connects to the Autodiscover web service and makes sure that the authentication, certificate, web service for Mobility is correctly set up.

NEW QUESTION NO: 18
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Office 365 subscription.
All of the users in your tenant are assigned an E5 license.
You need to view the list of planned updates for Microsoft Skype for Business Online.
Solution: You open the Skype for Business admin center and you review the contents of the dashboard.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation/Reference:
Explanation:
Office 365 admin center allows you to view the health of the Skype for Business Online service, change and release notifications, and usage reports.
References:
https://support.office.com/en-us/article/About-the-Skype-for-Business-admin-role-aeb35bda-93fc-49b1- ac2c-c74fbeb737b5

NEW QUESTION NO: 19
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
You have an on-premises Active Directory forest.
You deploy Active Directory Federation Services (AD FS) and purchase an Office 365 subscription.
You need to create a trust between the AD FS servers and the Office 365 subscription.
Solution: You run the New-MsolFederatedDomain cmdlet.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation/Reference:
Explanation:
Each domain that you want to federate must either be added as a single sign-on domain or converted to be a single sign-on domain from a standard domain. Adding or converting a domain sets up a trust between AD FS and Microsoft Azure Active Directory (Microsoft Azure AD).
Note: The New-MSOLFederatedDomain cmdlet adds a new single sign-on domain (also known as identity- federated domain) to and configures the relying party trust settings between the on-premises AD FS server. Due to domain verification requirements, you may need to run this cmdlet several times in order to complete the process of adding the new single sign-on domain.
References:
https://msdn.microsoft.com/en-us/library/azure/dn194105(v=azure.98).aspx
https://msdn.microsoft.com/en-us/library/azure/jj205461.aspx

NEW QUESTION NO: 20
HOTSPOT
A company plans to deploy an Office 365 tenant.
You have the following requirements:
Administrators must be able to access the Office 365 admin center.

Microsoft Exchange Online must be used as a Simple Mail Transfer Protocol (SMTP) relay for a line-of-

business application that sends email messages to remote domains.
All users must be able to use the audio and video capabilities in Microsoft Skype for Business.

You need to configure the ports for the firewall.
Which port should you use for each application? Select the correct answer from each list in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer: 

Explanation/Reference:
Explanation:
Transport Control Protocol(TCP), User Datagram Protocol (UDP) ports, and Protocol Numbers are important to TCP/IP networking, intranets, and the Internet. Ports and protocol numbers provide access to a host computer. However, they also create a security hazard by allowing uninvited access. Therefore, knowing which port to allow or disable increases a network's security. If the wrong ports or protocol numbers are disabled on a firewall, router, or proxy server as a security measure, essential services might become unavailable.
TCP port 587 is an outgoing SMTP Mail port (TLS/Start TLS Port). Used by various outgoing mail servers as an alternative to port 25.
TCP port 443 is used for Audio, video and application sharing sessions as well as data sharing sessions.
RTP/UDP port 50020-50039 must be used for outbound video sessions.
RTP/UDP port 50000-50019 must be used for outbound audio sessions.
References:
https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb- abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US
https://www.speedguide.net/port.php?port=587

NEW QUESTION NO: 1
An administrator needs to renew a certificate for a web server. Which of the following should be submitted to a CA?
A. CSR
B. Recovery agent
C. Private key
D. CRL
Answer: A
Explanation/Reference:
Explanation:
In public key infrastructure (PKI) systems, a certificate signing request (also CSR or certification request) is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate.
When you renew a certificate you send a CSR to the CA to get the certificate resigned.

NEW QUESTION NO: 2
Which of the following is an attack designed to activate based on time?
A. Backdoor
B. Logic Bomb
C. Trojan
D. Rootkit
Answer: B

NEW QUESTION NO: 3
An auditing team has found that passwords do not meet the best business practices.
Which of the following will MOST increase the security of the passwords? (Choose two.)
A. Password Complexity
B. Password Expiration
C. Password Age
D. Password Length
E. Password History
Answer: A,D
Explanation/Reference:
Explanation:
Passwords should have the strength to avoid discovery through attack, but it should also be easy enough for the user to remember. The length and complexity of a password combined are vital factors in defining a password's strength.

NEW QUESTION NO: 4
Company XYZ has encountered an increased amount of buffer overflow attacks. The programmer has been tasked to identify the issue and report any findings. Which of the following is the FIRST step of action recommended in this scenario?
A. Baseline Reporting
B. Capability Maturity Model
C. Code Review
D. Quality Assurance and Testing
Answer: C
Explanation/Reference:
Explanation:
A buffer overflow attack attacks a vulnerability caused by poor coding in an application. Reviewing the code of the application will enable you to identify code that is vulnerable to buffer overflow.
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

NEW QUESTION NO: 5
Which of the following is BEST utilized to identify common misconfigurations throughout the enterprise?
A. Vulnerability scanning
B. Port scanning
C. Penetration testing
D. Black box
Answer: A
Explanation/Reference:
Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as missing patches or security updates.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened.
While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security.

NEW QUESTION NO: 6
A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?
A. Password history
B. Password logging
C. Password cracker
D. Password hashing
Answer: C
Explanation/Reference:
Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Password-cracking tools compare hashes from potential passwords with the hashes stored in the accounts database. Each potential password is hashed, and that hash value is compared with the accounts database. If a match is found, the password-cracker tool has discovered a password for a user account.

NEW QUESTION NO: 7
An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the following is the reason the malicious user is able to intercept and see the clear text communication?
A. The malicious user has access to the WPA2-TKIP key.
B. The wireless access point is broadcasting the SSID.
C. The malicious user is able to capture the wired communication.
D. The meeting attendees are using unencrypted hard drives.
Answer: C
Explanation/Reference:
Explanation:
In this question, the wireless users are using WPA2-TKIP. While TKIP is a weak encryption protocol, it is still an encryption protocol. Therefore, the wireless communications between the laptops and the wireless access point are encrypted.
The question states that user was able to intercept 'clear text' HTTP communication between the meeting attendees and the Internet. The HTTP communications are unencrypted as they travel over the wired network. Therefore, the malicious user must have been able to capture the wired communication.
TKIP and AES are two different types of encryption that can be used by a Wi-Fi network. TKIP stands for
"Temporal Key Integrity Protocol." It was a stopgap encryption protocol introduced with WPA to replace the very-insecure WEP encryption at the time. TKIP is actually quite similar to WEP encryption. TKIP is no longer considered secure, and is now deprecated.

NEW QUESTION NO: 8
A security analyst is reviewing the following packet capture of an attack directed at a company's server located in the DMZ:

Which of the following ACLs provides the BEST protection against the above attack and any further attacks from the same IP, while minimizing service interruption?
A. Deny TCP from 192.168.1.10 to 172.31.67.4
B. Deny IP from 192.168.1.10/32 to 0.0.0.0/0
C. Deny UDP from 192.168.1.0/24 to 172.31.67.0/24
D. DENY TCP from ANY to 172.31.64.4
Answer: A

NEW QUESTION NO: 9
A custom PKI application downloads a certificate revocation list (CRL) once per day. Management requests the list be checked more frequently. Which of the following is the BEST solution?
A. Refresh the CA public key each time a user logs in
B. Implement the OCSP protocol
C. Download the CRK every 60 seconds
D. Prompt the user to trust a certificate each time it is used
Answer: B

NEW QUESTION NO: 10
Which of the following is used to verify data integrity?
A. SHA
B. 3DES
C. AES
D. RSA
Answer: A
Explanation/Reference:
Explanation:
SHA stands for "secure hash algorithm". SHA-1 is the most widely used of the existing SHA hash functions, and is employed in several widely used applications and protocols including TLS and SSL, PGP, SSH, S/MIME, and IPsec. It is used to ensure data integrity.
Note:
A hash value (or simply hash), also called a message digest, is a number generated from a string of text.
The hash is substantially smaller than the text itself, and is generated by a formula in such a way that it is extremely unlikely that some other text will produce the same hash value.
Hashes play a role in security systems where they're used to ensure that transmitted messages have not been tampered with. The sender generates a hash of the message, encrypts it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two hashes. If they're the same, there is a very high probability that the message was transmitted intact. This is how hashing is used to ensure data integrity.

NEW QUESTION NO: 10

 https://www.newpassleader.com/Cisco/300-320-exam-preparation-materials.html

(374 Q&As Dumps, 30%OFF Special Discount: 30free)

NEW QUESTION NO: 40
Which technology can block interfaces and provide a loop-free topology?
A. VLAN
B. VSS
C. STP
D. vPC
Answer: C

NEW QUESTION NO: 41
Refer to the exhibit. Which option should be the default gateway for the PC1 that is shown?

A. 10.2.2.2
B. 10.2.2.1
C. 10.2.2.3
D. 10.3.2.4
Answer: D

NEW QUESTION NO: 42
Which option is used as a top-of-rack device that is managed by its parent device, providing ease of management?
A. Cisco Nexus 9000
B. Cisco Nexus 2000
C. Cisco Nexus 7000
D. Cisco Nexus 5000
Answer: B

NEW QUESTION NO: 43
Which interface characteristic is used to calculate the cost of an interface in OSPF when the cost is not configured?
A. load
B. reliability
C. delay
D. bandwidth
Answer: D
Explanation/Reference:
Explanation:

NEW QUESTION NO: 44
Refer to the exhibit. A customer requires a web application implementation, but the web server has communication only to the application server and users, and the database server has communication only to the application server. What firewall design is the best fit for this scenario?

A. transparent mode with the servers on the same subnet
B. routed mode with three security zones
C. routed mode with two security zones
D. transparent mode with three security zones
Answer: B

NEW QUESTION NO: 45
An engineer is designing a campus network and must implement subsecond failover as it relates to OSPF and EIGRP designs. Which action accomplishes this requirement?
A. Design a triangle topology and tune the timers on the routing protocol.
B. Design a square topology and use port-channeling on each path.
C. Design a square topology and tune the timers on the routing protocol.
D. Design a triangle topology and use Bidirectional Forwarding Detection.
Answer: D
Explanation/Reference:
Explanation:

NEW QUESTION NO: 46
Which two physical components can enable high availability on a Cisco 6500 device? (Choose two.)
A. redundant power supplies
B. bundled Ethernet Interconnects
C. line modules with DFCs
D. VSS interlink cables
E. dual supervisor modules
Answer: A,E

NEW QUESTION NO: 47
Which option prevents the dropping of asymmetrically routed packets in active/active failover paired firewalls?
A. Configure different policies on both firewalls.
B. Assign similar interfaces on each firewall to the same asymmetric routing group.
C. Assign similar interfaces on each firewall to a different asymmetric routing group.
D. Nothing can be done to prevent this from happening.
Answer: B

NEW QUESTION NO: 48
Which STP feature can prevent other switches on the network from becoming the root switch, but still allow that interface to participate in STP otherwise?
A. Root Guard
B. UDLD
C. Bridge Assurance
D. BPDU Guard
Answer: A
Explanation/Reference:
Explanation:

NEW QUESTION NO: 49
Which architecture provides a way to deliver end-to-end QoS as required by real-time voice and video business applications?
A. IntServ
B. LLQ
C. DiffServ
D. ToS
E. DSCP
Answer: A

NEW QUESTION NO: 50
DRAG DROP
Drag and drop the Remote Data Center Layer 2 Extension option from the left onto its function on the right.
Select and Place:

Answer: 

NEW QUESTION NO: 20

A FortiGate unit can provide which of the following capabilities? (Select all that apply.)
A. Mail server
B. Email filtering
C. Firewall
D. Mail relay
E. VPN gateway
Answer: B,C,E

NEW QUESTION NO: 21
Which is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying a FortiGate unit?
A. Packet encryption.
B. MIB-based report uploads.
C. SNMP access limited by access lists.
D. Running SNMP service on a non-standard port is possible.
Answer: A

NEW QUESTION NO: 22
The command structure of the FortiGate CLI consists of commands, objects, branches, tables, and parameters.
Which of the following items describes user?
A. A table
B. An object
C. A command
D. A parameter.
Answer: B

NEW QUESTION NO: 23
You wish to create a firewall policy that applies only to traffic intended for your web server. The web server has an IP address of 192.168.2.2 and a /24 subnet mask. When defining the firewall address for use in this policy, which one of the following addresses is correct?
A. 192.168.2.2 / 255.255.255.0
B. 192.168.2.2 / 255.255.255.255
C. 192.168.2.0 / 255.255.255.0
D. 192.168.2.0 / 255.255.255.255
Answer: B

NEW QUESTION NO: 24
Bob wants to send Alice a file that is encrypted using public key cryptography.
Which of the following statements is correct regarding the use of public key cryptography in this scenario?
A. Bob will use his public key to encrypt the file and Alice will use her private key to decrypt the file.
B. Bob will use his private key to encrypt the file and Alice will use her private key to decrypt the file.
C. Bob will use his public key to encrypt the file and Alice will use Bob's private key to decrypt the file
D. Bob will use Alice's public key to encrypt the file and Alice will use her private key to decrypt the file.
Answer: D

NEW QUESTION NO: 25
Examine the following CLI configuration:
config system session-ttl
set default 1800
end
What statement is true about the effect of the above configuration line?
A. Sessions can be idle for more than 1800 seconds.
B. After a session has been open for 1800 seconds, the FortiGate sends a keepalive packet to both client and server.
C. The maximum length of time a session can be open is 1800 seconds.
D. After 1800 seconds, the end user must re-authenticate.
Answer: A

NEW QUESTION NO: 26
Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function.
An administrator must assign a set of UTM features to a group of users. Which of the following is the correct method for doing this?
A. The administrator must apply the UTM features directly to a user object.
B. The administrator must enable the UTM features in an identify-based policy applicable to the user group.
C. Enable a set of unique UTM features under "Edit User Group".
D. When defining the UTM objects, the administrator must list the user groups which will use the UTM object.
Answer: B

NEW QUESTION NO: 27
In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?
A. The traffic is blocked.
B. The traffic is passed and logged.
C. The traffic is passed.
D. The traffic is blocked and logged.
Answer: A

NEW QUESTION NO: 28
Because changing the operational mode to Transparent resets device (or vdom) to all defaults, which precautions should an Administrator take prior to performing this? (Select all that apply.)
A. Disconnect redundant cables to ensure the topology will not contain layer 2 loops.
B. Set the unit to factory defaults.
C. Backup the configuration.
D. Update IPS and AV files.
Answer: A,C

NEW QUESTION NO: 29
The Idle Timeout setting on a FortiGate unit applies to which of the following?
A. Administrator access
B. FTP connections
C. Web browsing
D. User authentication
E. Web filtering overrides
Answer: A

NEW QUESTION NO: 30
The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process.
Which of the following are valid authentication protocols that can be used when a user authenticates to the RADIUS server? (Select all that apply.)
A. FAP (FortiGate Authentication Protocol)
B. CHAP (Challenge-Handshake Authentication Protocol)
C. PAP (Password Authentication Protocol)
D. MS-CHAP-V2 (Microsoft Challenge-Handshake Authentication Protocol v2)
E. MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol v1)
Answer: B,C,D,E

NEW QUESTION NO: 31
Which tasks fall under the responsibility of the SSL proxy in a typical HTTPS connection? (Choose two.)
A. Communication with the URL filter process.
B. The web client SSL handshake.
C. File buffering.
D. The web server SSL handshake.
Answer: B,D

NEW QUESTION NO: 32
Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?
A. TCP connection
B. Message headers
C. Message body
D. File attachments
Answer: A

NEW QUESTION NO: 33
A FortiGate unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received.
Which of the following statements are possible reasons for this? (Select all that apply.)
A. The FortiGate unit has not been registered.
B. There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network and no override push IP is configured.
C. The FortiGate unit is in Transparent mode which does not support push updates.
D. The external facing interface of the FortiGate unit is configured to use DHCP.
Answer: A,B,D

NEW QUESTION NO: 34
An administrator configures a FortiGate unit in Transparent mode on the 192.168.11.0 subnet. Automatic Discovery is enabled to detect any available FortiAnalyzers on the network.
Which of the following FortiAnalyzers will be detected? (Select all that apply.)
A. 192.168.11.100
B. 192.168.11.251
C. 192.168.10.100
D. 192.168.10.251
Answer: A,B

NEW QUESTION NO: 35
Which of the following statements are correct concerning layer 2 broadcast domains in transparent mode VDOMs?(Choose two)
A. Each VLAN is a separate broadcast domain.
B. All the interfaces in the same broadcast domain must use the same VLAN ID.
C. The whole VDOM is a single broadcast domain even when multiple VLAN are used.
D. Interfaces configured with the same VLAN ID can belong to different broadcast domains.
Answer: A,D

NEW QUESTION NO: 36
Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit.

Which of the following statements is correct regarding this output? (Select one answer).
A. One tunnel is rekeying.
B. Two tunnels are rekeying.
C. Two tunnels are up.
D. One tunnel is up.
Answer: C

NEW QUESTION NO: 37
Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network?
(Select all that apply.)
A. FortiGate
B. FortiClient
C. FortiMail
D. FortiAnalyzer
Answer: A,B,C

NEW QUESTION NO: 38
Two devices are in an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of diagnose sys session stat for the STUDENT device. Exhibit B shows the command output of diagnose sys session stat for the REMOTE device.
Exhibit A:

Exhibit B:

Given the information provided in the exhibits, which of the following statements are correct? (Choose two.)
A. The cluster mode is active-passive.
B. Session-pickup is likely to be enabled.
C. There is not enough information to determine the cluster mode.
D. STUDENT is likely to be the master device.
Answer: C,D

NEW QUESTION NO: 39
Examine at the output below from the diagnose sys top command:

Which statements are true regarding the output above? (Choose two.)
A. The sshd process is the one consuming most CPU.
B. The command diagnose sys kill miglogd will restart the miglogd process.
C. All the processes listed are in sleeping state.
D. The sshd process is using 123 pages of memory.
Answer: A,C

NEW QUESTION NO: 40
Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.)
A. Forward-only
B. Recursive
C. Non-recursive
D. Iterative
E. Conditional-forward
Answer: A,B,C