and removing data from Cisco Unified
Communications Manager.CHAPTER 11
1. B. The Investigate API provides enrichment of
security events with intelligence to SIEM or other
security visibility tools.
2. C. The Umbrella Enforcement API involves an
HTTP POST request, which internally comprises
the Investigate API to check whether the domain
is safe.
3. A. The response header contains the token X-
auth-access-token, which needs to be used in
all subsequent API calls.
4. B. A named object is a reusable configuration
that associates a name with a value.
5. C. APTs allow bad actors to gain access to and
control endpoint resources over an extended
period to steal valuable data without being
detected.
6. B. ISE enables devices and users to be identified
and provisioned and enables policies to be
applied.
7. B. Threat Grid is a unified malware analysis and
threat intelligence platform.
8. B. IOCs are used to indicate that the system has
been affected by some form of malware.CHAPTER 12
1. A, B, D. There are three standards-based
programmable interfaces for operating on the
YANG data models: NETCONF, RESTCONF, and
gRPC.
2. B. By default, the NETCONF server on the device
runs on TCP port 830 and uses the SSH process
for transport.