Home > Network Assurance Questions

Network Assurance Questions

January 28th, 2021 Go to comments

Question 1

Explanation

Syslog levels are listed below:

Level Keyword Description
0 emergencies System is unusable
1 alerts Immediate action is needed
2 critical Critical conditions exist
3 errors Error conditions exist
4 warnings Warning conditions exist
5 notification Normal, but significant, conditions exist
6 informational Informational messages
7 debugging Debugging messages

Number “5” in “%LINEPROTO-5- UPDOWN” is the severity level of this message so in this case it is “notification”.

Question 2

Explanation

The TCP port 6514 has been allocated as the default port for syslog over Transport Layer Security (TLS).

Reference: https://tools.ietf.org/html/rfc5425

Question 3

Explanation

The goal of the Cyber Threat Defense solution is to introduce a design and architecture that can help facilitate the discovery, containment, and remediation of threats once they have penetrated into the network interior.

Cisco Cyber Threat Defense version 2.0 makes use of several solutions to accomplish its objectives:

* NetFlow and the Lancope StealthWatch System
– Broad visibility
User and flow context analysis
– Network behavior and anomaly detection
– Incident response and network forensics

* Cisco FirePOWER and FireSIGHT
– Real-time threat management
– Deeper contextual visibility for threats bypassing the perimeters
– URL control

* Advanced Malware Protection (AMP)
– Endpoint control with AMP for Endpoints
– Malware control with AMP for networks and content

* Content Security Appliances and Services
– Cisco Web Security Appliance (WSA) and Cloud Web Security (CWS)
– Dynamic threat control for web traffic
– Outbound URL analysis and data transfer controls
– Detection of suspicious web activity
– Cisco Email Security Appliance (ESA)
– Dynamic threat control for email traffic
– Detection of suspicious email activity

* Cisco Identity Services Engine (ISE)
– User and device identity integration with Lancope StealthWatch
– Remediation policy actions using pxGrid

Reference: https://www.cisco.com/c/dam/en/us/td/docs/security/network_security/ctd/ctd2-0/design_guides/ctd_2-0_cvd_guide_jul15.pdf

Comments
  1. Hasan Asghari
    July 14th, 2020

    q 7 is tcp connect

  2. Hasan Asghari
    July 14th, 2020

    tcp connect wrong
    udp jitter is correct answer
    Your IP network is operational and you can access the destination device.
    If you are using a Cisco IP SLAs Responder on the destination device for any auto IP SLAs operation, the responder must be enabled before you configure the IP SLAs operation. The following operations require that an IP SLAs responder be enabled on the destination device:
    UDP Echo
    UPD Jitter
    VoIP UDP

  3. Anonymous
    September 19th, 2020

    Just took the test yesterday and passed! Wouldn’t have been able to do it w/o this site!
    For question #1 What is the logging severity level?

    know Syslog levels, my question had:
    “3 errors Error conditions exist” not “5 notification Normal, but significant, conditions exist”

  4. CP
    March 2nd, 2021

    Could someone tell me the answer and why? Thank you so much

    Question 7
    Which IP SLA operation requires the IP SLA responder to be configured on the remote end?
    A. ICMP echo
    B. UDP jitter
    C. CMP jitter
    D. TCP connect

  1. No trackbacks yet.