Jump to content

Recommended Posts

3 hours ago, invincible2k said:

can anyone please confirm SISE 300-715 60Q is valid?

 

I buy two dumps SCOR 350-701 and SISE 300-715

 

Hidden Content
  • Hidden Content

    • Give reaction to this post to see the hidden content.

Check this 

 

  • Like 8
  • Thanks 4
  • Sad 1

Share this post


Link to post
Share on other sites
18 minutes ago, omardalvi said:

An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network. Which action tests the routing?
A. Ensure that the client computers are pointing to the on-premises DNS servers.
B. Enable the Intelligent Proxy to validate that traffic is being routed correctly.
C. Add the public IP address that the client computers are behind to a Core Identity.
D. Browse to

Hidden Content

    Give reaction to this post to see the hidden content.
to validate that the new identity is working.

Is it B or D? As per my understanding, it should be B, as the welcome URL only lets us know if umbrella dns is working, but we need intelligent proxy to verify any new identity routes. Thoughts?

It's D because Engineer configured a new network Identity in Umbrella

Explaination: 

  • Like 34
  • Thanks 7
  • Haha 1

Share this post


Link to post
Share on other sites
On 4/18/2020 at 9:20 PM, ccnpexam18 said:

QUESTION 1
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
A. security intelligence
B. impact flags
C. health monitoring
D. URL filtering

Correct Answer: should be B (according to the dumps it’s A)

B is correct, because 1st of all: Security Intelligence, Health monitoring and URL filtering are not related to IPS.
2nd reason, we use Network discovery data (to understand what vulnerabilities you have in your network) for IPS, so when there is an attack we understand the impact flag (is the attack danger to your network). Let’s say you have only Windows devices in your network, if there is an attack related to MAC OS/Android/iOS, the impact flag is low, because, you don’t have such vulnerabilities in your network.

“The impact level in this field indicates the correlation between intrusion data, network discovery data, and vulnerability information.”

Hidden Content

    Give reaction to this post to see the hidden content.

 

I reviewed this answer too and have to say that it's tricky and i believe A Security Intelligence is correct

Cisco is advertising the work of their own Security Intelligence Group TALOS. Take a look at the Data Sheet of NGIPS, where they advertise it as a feature:

Class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group.

The Cisco Firepower Management Center provides a single point of event collection and policy management

Hidden Content

    Give reaction to this post to see the hidden content.

Discussion allowed.

  • Like 22
  • Thanks 7
  • Haha 1

Share this post


Link to post
Share on other sites
Posted (edited)

QUESTION 15
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A. user input validation in a web page or web application
B. Linux and Windows operating systems
C. database
D. web page images

Strangely, the answer here is (c.) Database. as proven by one exam taker. But I will still go for User Input validation because C. is really against my conscience

Edited by artiken

Share this post


Link to post
Share on other sites

QUESTION 1
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention
System?
A. security intelligence
B. impact flags
C. health monitoring
D. URL filtering

Answer as suggested by an exam taker is (A), which I think makes sense. I will go for A too.

Share this post


Link to post
Share on other sites
3 hours ago, artiken said:

QUESTION 15
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A. user input validation in a web page or web application
B. Linux and Windows operating systems
C. database
D. web page images

Strangely, the answer here is (c.) Database. as proven by one exam taker. But I will still go for User Input validation because C. is really against my conscience

If this question comes towards the end and im feeling confident, ill try answering c, or else ill stick to A 😛

Share this post


Link to post
Share on other sites

Hi all, I will take the exam on Thursday.

I will keep you updated after exam 🙂

 

  • Like 1

Share this post


Link to post
Share on other sites
Posted (edited)

 

5 hours ago, artiken said:

QUESTION 15
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A. user input validation in a web page or web application
B. Linux and Windows operating systems
C. database
D. web page images

Strangely, the answer here is (c.) Database. as proven by one exam taker. But I will still go for User Input validation because C. is really against my conscience

The Answer is definitily C Database It was my job checking Webapps for possible injections. I will check for the reference why its database.

SQL Injection has become a common issue with database-driven web sites ...... essentially, the attack is accomplished by placing a meta character into data input to then place SQL commands in the control plane, which did not exist there before. This flaw depends on the fact that SQL makes no real distinction between the control and data planes.

Hidden Content

    Give reaction to this post to see the hidden content.


user input validation in a web page or web application is just the "input field" for the control and data plane flaw...

Beside that can i use sql-injection also against Shopsystem Queries to manipulate Session-Management or simply show structure and content of database tables. Meaning i dont need a user input field for injections to work.

In MySQL, the table information_schema.tables contains all the metadata related to table objects. 

Hidden Content

    Give reaction to this post to see the hidden content.

Edited by Jay2020
  • Like 21
  • Thanks 11
  • Haha 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...