Cisco 350-701 Practice Test - Questions Answers, Page 22

Cisco IOS public key infrastructure (PKI) provides certificate management to support security protocols such as IP Security (IPSec), secure shell (SSH), and secure socket layer (SSL). This module identifies and describes concepts that are needed to understand, plan for, and implement a PKI.

A PKI is composed of the following entities: …

– A distribution mechanism (such as Lightweight Directory Access Protocol [LDAP] or HTTP) forcertificate revocation lists (CRLs)

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/15-mt/sec-pki-15-mtbook/sec-pki-overview.html

Denial-of-service (DDoS) aims at shutting down a network or service, causing it to be inaccessible to its intended users.

The Smurf attack is a DDoS attack in which large numbers of Internet Control Message Protocol

(ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address.

Endpoint protection platforms (EPP) prevent endpoint security threats like known and unknown malware.

Endpoint detection and response (EDR) solutions can detect and respond to threats that your EPP and other security tools did not catch.

EDR and EPP have similar goals but are designed to fulfill different purposes. EPP is designed to provide device-level protection by identifying malicious files, detecting potentially malicious activity, and providing tools for incident investigation and response.

The preventative nature of EPP complements proactive EDR. EPP acts as the first line of defense, filtering out attacks that can be detected by the organization's deployed security solutions. EDR acts as a second layer of protection, enabling security analysts to perform threat hunting and identify more subtle threats to the endpoint.

Effective endpoint defense requires a solution that integrates the capabilities of both EDR and EPP to provide protection against cyber threats without overwhelming an organization's security team.

Southbound APIs enable SDN controllers to dynamically make changes based on real-time demands and scalability needs.

The version 9 export format uses templates to provide access to observations of IP packet flows in a flexible and extensible manner. A template defines a collection of fields, with corresponding descriptions of structure and semantics.

Reference: https://tools.ietf.org/html/rfc3954

The HMAC-SHA-1-96 (also known as HMAC-SHA-1) encryption technique is used by IPSec to ensure that a message has not been altered. (-> Therefore answer "integrity" is the best choice). HMACSHA- 1 uses the SHA-1 specified in

FIPS-190-1, combined with HMAC (as per RFC 2104), and is described in RFC 2404.

Reference: https://www.ciscopress.com/articles/article.asp?p=24833&seqNum=4