cisco 300-735 online test

Question 1

DRAG DROP

Refer to the exhibit.
Drag and drop the elements from the left onto the script on the right that queries Cisco ThreatGRID for indications of
compromise.
Select and Place:

Answer:

Explanation:
Reference: https://community.cisco.com/t5/endpoint-security/amp-threat-grid-api/m-p/3538319

Question 2

Which API capability is available on Cisco Firepower devices?

• A. Firepower Management Center - Sockets API
• B. Firepower Management Center - eStreamer API
• C. Firepower Management Center - Camera API
• D. Firepower Management Center - Host Output API

Answer:

B

Question 3

Which API is designed to give technology partners the ability to send security events from their platform/service/appliance
within a mutual customer's environment to the Umbrella cloud for enforcement?

• A. Cisco Umbrella Management API
• B. Cisco Umbrella Security Events API
• C. Cisco Umbrella Enforcement API
• D. Cisco Umbrella Reporting API

Answer:

C

Question 4

Refer to the exhibit. The security administrator must temporarily disallow traffic that goes to a production web server using
the Cisco FDM REST API. The administrator sends an API query as shown in the exhibit.
What is the outcome of that action?

• A. The given code does not execute because the mandatory parameters, source, destination, and services are missing.
• B. The given code does not execute because it uses the HTTP method "PUT". It should use the HTTP method "POST".
• C. The appropriate rule is updated with the source, destination, services, and other fields set to "Any" and the action set to "DENY". Traffic to the production web server is disallowed, as expected.
• D. A new rule is created with the source, destination, services, and other fields set to "Any" and the action set to "DENY". Traffic to the production web server is disallowed, as expected.

Answer:

C

Question 5

Refer to the exhibit. A security engineer attempts to query the Cisco Security Management appliance to retrieve details of a
specific message.
What must be added to the script to achieve the desired result?

• A. Add message ID information to the URL string as a URI.
• B. Run the script and parse through the returned data to find the desired message.
• C. Add message ID information to the URL string as a parameter.
• D. Add message ID information to the headers.

Answer:

C

Question 6

What is the purpose of the snapshot APIs exposed by Cisco Stealthwatch Cloud?

• A. Report on flow data during a customizable time period.
• B. Operate and return alerts discovered from infrastructure observations.
• C. Return current configuration data of Cisco Stealthwatch Cloud infrastructure.
• D. Create snapshots of supported Cisco Stealthwatch Cloud infrastructure.

Answer:

B

Question 7

Which two event types can the eStreamer server transmit to the requesting client from a managed device and a
management center? (Choose two.)

• A. user activity events
• B. intrusion events
• C. file events
• D. intrusion event extra data
• E. malware events

Answer:

B D

Question 8

For which two programming languages does Cisco offer an SDK for Cisco pxGrid 1.0? (Choose two.)

• A. Python
• B. Perl
• C. Java
• D. C
• E. JavaScript

Answer:

C D

Question 9

DRAG DROP
Drag and drop the items to complete the curl request to the ThreatGRID API. The API call should request the first 10 IP
addresses that ThreatGRID saw samples communicate with during analysis, in the first two hours of January 18th (UTC
time), where those communications triggered a Behavior Indicator that had a confidence equal to or higher than 75 and a
severity equal to or higher than 95.
Select and Place:

Answer:

Explanation:
Reference:
https://support.umbrella.com/hc/en-us/articles/231248768-Cisco-Umbrella-Cisco-AMP-Threat-Grid-Cloud-Integration-Setup-
Guide

Question 10

DRAG DROP
Drag and drop the code to complete the curl command to query the Cisco Umbrella Investigate API for the umbrella
popularity list. Not all options are used.
Select and Place:

Answer:

Explanation:
Reference: https://docs.umbrella.com/investigate-api/reference