Jump to content

Jay2020

Members
  • Content Count

    0
  • Joined

  • Last visited

Community Reputation

90 Excellent

About Jay2020

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Question 19: Answer is C. AES-256 Check the following link under: Data Plane Authentication and Encryption [Hidden Content]
  2. Answer B and D is correct. Think Google Authenticator App. Widely used. If not This App then the same concept: You get a special series of numbers only you know from that app (knowledge) and its only valid per default for 30 seconds (time) There is no biometric, confidentality or encryption
  3. typo sorry - you are correct - and i corrected it.
  4. An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network. Which action tests the routing? A. Ensure that the client computers are pointing to the on-premises DNS servers. B. Enable the Intelligent Proxy to validate that traffic is being routed correctly. C. Add the public IP address that the client computers are behind to a Core Identity. D. Browse to [Hidden Content] to validate that the new identity is working. Is it B or D? As per my understanding, it should be B, as the welcome URL only lets us know if umbrella dns is working, but we need intelligent proxy to verify any new identity routes. Thoughts? I reviewed this question too. And Option D is correct. I read the user guide on how to add a network identity and how to test your network. Under "register a fixed network" it says as follows: Step 4 – Test Your Network Verify that your DNS connections are routed through Cisco Umbrella's global network by navigating to the following page in your client's browser: [Hidden Content]. You should see the Welcome to Umbrella page. Note: You may need to restart your client's network interface or your computer.
  5. The Answer is definitily C Database It was my job checking Webapps for possible injections. I will check for the reference why its database. SQL Injection has become a common issue with database-driven web sites ...... essentially, the attack is accomplished by placing a meta character into data input to then place SQL commands in the control plane, which did not exist there before. This flaw depends on the fact that SQL makes no real distinction between the control and data planes. [Hidden Content] user input validation in a web page or web application is just the "input field" for the control and data plane flaw... Beside that can i use sql-injection also against Shopsystem Queries to manipulate Session-Management or simply show structure and content of database tables. Meaning i dont need a user input field for injections to work. In MySQL, the table information_schema.tables contains all the metadata related to table objects. [Hidden Content]
  6. I reviewed this answer too and have to say that it's tricky and i believe A Security Intelligence is correct Cisco is advertising the work of their own Security Intelligence Group TALOS. Take a look at the Data Sheet of NGIPS, where they advertise it as a feature: Class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group. The Cisco Firepower Management Center provides a single point of event collection and policy management [Hidden Content] Discussion allowed.
  7. I am very interested. lets see what I will find :-)
×
×
  • Create New...