Refer to the exhibit. The script outputs too many results when it is queried against the Cisco Umbrella Reporting API.
Which two configurations restrict the returned result to only 10 entries? (Choose two.)

A. Add params parameter in the get and assign in the {“return”: “10”} value.

B. Add ?limit=10 to the end of the URL string.

C. Add params parameter in the get and assign in the {“limit”: “10”} value.

D. Add ?find=10 to the end of the URL string.

E. Add ?return=10 to the end of the URL string.

Which step is required by Cisco pxGrid providers to expose functionality to consumer applications that are written in Python?

A. Look up the existing service using the /pxgrid/control/ServiceLookup endpoint.

B. Register the service using the /pxgrid/control/ServiceRegister endpoint.

C. Configure the service using the /pxgrid/ise/config/profiler endpoint.

D. Expose the service using the /pxgrid/ise/pubsub endpoint.

Refer to the exhibit. The security administrator must temporarily disallow traffic that goes to a production web server using the Cisco FDM REST API. The administrator sends an API query as shown in the exhibit.
What is the outcome of that action?

A. The given code does not execute because the mandatory parameters, source, destination, and services are missing.

B. The given code does not execute because it uses the HTTP method “PUT”. It should use the HTTP method “POST”.

C. The appropriate rule is updated with the source, destination, services, and other fields set to “Any” and the action set to “DENY”. Traffic to the production web server is disallowed, as expected.

D. A new rule is created with the source, destination, services, and other fields set to “Any” and the action set to “DENY”. Traffic to the production web server is disallowed, as expected.

Refer to the exhibit.
Which expression prints the text "802.1x"?

A. print(quiz[0][‘choices’][‘b’])

B. print(quiz[‘choices’][‘b’])

C. print(quiz[0][‘choices’][‘b’][‘802.1x’])

D. print(quiz[0][‘question’][‘choices’][‘b’])

DRAG DROP -
Drag and drop the code to complete the curl query to the Cisco Umbrella Investigate API for the Latest Malicious Domains for the IP address 10.10.20.50. Not all options are used.
Select and Place:
 

Refer to the exhibit. A security engineer created a script and successfully executed it to retrieve all currently open alerts.
Which print command shows the first returned alert?

A. print(response[data][0])

B. print(response[results][0])

C. print(response.json()[data][0])

D. print(response.json()[results][0])

DRAG DROP -
Drag and drop the code to complete the curl query to the Umbrella Reporting API that provides a detailed report of blocked security activity events from the organization with an organizationId of "12345678" for the last 24 hours. Not all options are used.
Select and Place:
 

Which API capability is available on Cisco Firepower devices?

A. Firepower Management Center – Sockets API

B. Firepower Management Center – eStreamer API

C. Firepower Management Center – Camera API

D. Firepower Management Center – Host Output API

In Cisco AMP for Endpoints, which API queues to find the list of endpoints in the group "Finance Hosts," which has a GUID of 6c3c2005-4c74-4ba7-8dbb- c4d5b6bafe03?

A. https://api.amp.cisco.com/v1/endpoints?group[]=6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03

B. https://api.amp.cisco.com/v1/computers?group_guid[]=6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03

C. https://api.amp.cisco.com/v1/computers?group_guid-6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03

D. https://api.amp.cisco.com/v1/endpoints?group-6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03

DRAG DROP -
 
Refer to the exhibit.
Drag and drop the elements from the left onto the script on the right that queries Cisco ThreatGRID for indications of compromise.
Select and Place:
 

DRAG DROP -
Drag and drop the items to complete the pxGrid script to retrieve all Adaptive Network Control policies. Assume that username, password, and base URL are correct. Not all options are used.
Select and Place:
 

Which request searches for a process window in Cisco ThreatGRID that contains the word "secret"?

A. /api/v2/search/submissions?term=processwindow&title=secret

B. /api/v2/search/submissions?term=processwindow&q=secret

C. /api/v2/search/submissions?term=window&title=secret

D. /api/v2/search/submissions?term=process&q=secret

DRAG DROP -
Drag and drop the code to complete the Cisco Umbrella Investigate WHOIS query that returns a list of domains that are associated with the email address
"
admin@example.com
". Not all options are used.
Select and Place:
 

For which two programming languages does Cisco offer an SDK for Cisco pxGrid 1.0? (Choose two.)

A. Python

B. Perl

C. Java

D. C

E. JavaScript

Which header set should be sent with all API calls to the Cisco Stealthwatch Cloud API?
A.
 
B.
 
C.
 
D.
 

Which description of synchronous calls to an API is true?

A. They can be used only within single-threaded processes.

B. They pause execution and wait for the response.

C. They always successfully return within a fixed time.

D. They can be used only for small requests.

The Cisco Security Management Appliance API is used to make a GET call using the URI /sma/api/v2.0/reporting/mail_incoming_traffic_summary/ detected_amp?startDate=2016-09-10T19:00:00.000Z&endDate=2018-09-24T23:00:00.000Z&device_type=esa&device_name=esa01.
What does this GET call return?

A. values of all counters of a counter group, with the device group name and device type for web

B. value of a specific counter from a counter group, with the device name and type for email

C. value of a specific counter from a counter group, with the device name and type for web

D. values of all counters of a counter group, with the device group name and device type for email

Refer to the exhibit. A Python function named "query" has been developed and the goal is to use it to query the service "com.cisco.ise.session" via Cisco pxGrid
2.0 APIs.
How is the function called, if the goal is to identify the sessions that are associated with the IP address 10.0.0.50?

A. query(config, secret, “getSessionByIpAddress/10.0.0.50”, “ipAddress”)

B. query(config, “10.0.0.50”, url, payload)

C. query(config, secret, url, “10.0.0.50”)

D. query(config, secret, url, ‘{“ipAddress”: “10.0.0.50”}’)

Which two APIs are available from Cisco ThreatGRID? (Choose two.)

A. Access

B. User Scope

C. Data

D. Domains

E. Curated Feeds

A security network engineer must implement intrusion policies using the Cisco Firepower Management Center API.
Which action does the engineer take to achieve the goal?

A. Make a PATCH request to the URI /api/fmc_config/v1/domain/{DOMAIN_UUID}/policy/intrusionpolicies.

B. Make a POST request to the URI /api/fmc_config/v1/domain/{DOMAIN_UUID}/policy/intrusionpolicies.

C. Intrusion policies can be read but not configured using the Cisco Firepower Management Center API.

D. Make a PUT request to the URI /api/fmc_config/v1/domain/{DOMAIN_UUID}/policy/intrusionpolicies.

Which two statements describe the characteristics of API styles for REST and RPC? (Choose two.)

A. REST-based APIs function in a similar way to procedures.

B. REST-based APIs are used primarily for CRUD operations.

C. REST and RPC API styles are the same.

D. RPC-based APIs function in a similar way to procedures.

E. RPC-based APIs are used primarily for CRUD operations.

Which two API capabilities are available on Cisco Identity Services Engine? (Choose two.)

A. Platform Configuration APIs

B. Monitoring REST APIs

C. Performance Management REST APIs

D. External RESTful Services APIs

E. Internal RESTful Services APIs

Refer to the exhibit.
What is the purpose of the API represented by this URL?

A. Getting or setting intrusion policies in FMC

B. Creating an intrusion policy in FDM

C. Updating access policies

D. Getting the list of intrusion policies configured in FDM

DRAG DROP -
Drag and drop the code to complete the script to search Cisco ThreatGRID and return all public submission records associated with cisco.com. Not all options are used.
Select and Place:
 

Which two destinations are supported by the Cisco Security Management Appliance reporting APIs? (Choose two.)

A. email

B. Microsoft Word file

C. FTP

D. web

E. csv file

DRAG DROP -
Drag and drop the code to complete the curl command to query the Cisco Umbrella Investigate API for the umbrella popularity list. Not all options are used.
Select and Place:
 

Which two URI parameters are needed for the Cisco Stealthwatch Top Alarm Host v1 API? (Choose two.)

A. startAbsolute

B. externalGeos

C. tenantId

D. intervalLength

E. tagID

Which snippet describes the way to create an URL object in Cisco FDM using FDM REST APIs with curl?
A.
 
B.
 
C.
 
D.
 

Refer to the exhibit. A network operator wrote a Python script to retrieve events from Cisco AMP.
 
Against which API gateway must the operator make the request?

A. BASE_URL = “https://api.amp.cisco.com”

B. BASE_URL = “https://amp.cisco.com/api”

C. BASE_URL = “https://amp.cisco.com/api/”

D. BASE_URL = “https://api.amp.cisco.com/”

Refer to the exhibit. A network operator must generate a daily flow report and learn how to act on or manipulate returned data. When the operator runs the script, it returns an enormous amount of information.
Which two actions enable the operator to limit returned data? (Choose two.)

A. Add recordLimit. followed by an integer (key:value) to the flow_data.

B. Add a for loop at the end of the script, and print each key value pair separately.

C. Add flowLimit, followed by an integer (key:value) to the flow_data.

D. Change the startDateTime and endDateTime values to include smaller time intervals.

E. Change the startDate and endDate values to include smaller date intervals.

Refer to the exhibit. A network operator must create a Python script that makes an API request to Cisco Umbrella to do a pattern search and return all matched
URLs with category information.
Which code completes the script?

A. URL = BASE_URL + “/find/exa[a-z]ple.com” PARAMS = { “categoryinclude” : “true”}

B. URL = BASE_URL + “/find/exa[a-z]ple.com” PARAMS = { “returncategory” : “true”}

C. URL = BASE_URL + “/find/exa[a-z]ple.com” PARAMS = { “includeCategory” : “true”}

D. URL = BASE_URL + “/find/exa[a-z]ple.com” PARAMS = { “returnCategory” : “true”}

Refer to the exhibit. A network operator wants to add a certain IP to a DMZ tag.
Which code segment completes the script and achieves the goal?
A.
 
B.
 
C.
 
D.
 

Refer to the exhibit.
What does the response from the API contain when this code is executed?

A. error message and status code of 403

B. newly created domains in Cisco Umbrella Investigate

C. updated domains in Cisco Umbrella Investigate

D. status and security details for the domains

If the goal is to create an access policy with the default action of blocking traffic, using Cisco Firepower Management Center REST APIs, which snippet is used?
A.
 
B.
 
C.
 
D.
 

DRAG DROP -
Drag and drop the code to complete the URL for the Cisco AMP for Endpoints API POST request so that it will add a sha256 to a given file_list using file_list_guid.
Select and Place:
 

Which query parameter is required when using the reporting API of Cisco Security Management Appliances?

A. device_type

B. query_type

C. filterValue

D. startDate + endDate

Refer to the exhibit.
What must be present in a Cisco Web Security Appliance before the script is run?

A. reporting group with the name web_malware_category_malware_name_user_detail

B. data for specified dates

C. reporting group with the name blocked_malware

D. data in the queried category

Which URI string is used to create a policy that takes precedence over other applicable policies that are configured on Cisco Stealthwatch?

A. /tenants/{tenantId}/policy/system/host-policy

B. /tenants/{tenantId}/policy/system/role-policy

C. /tenants/{tenantId}/policy/system

D. /tenants/{tenantId}/policy/system/{policyId}

DRAG DROP -
 
Refer to the exhibit. A Python function named "query" has been developed, and will be used to query the service "com.cisco.ise.session" via Cisco pxGrid 2.0
APIs.
Drag and drop the code to construct a Python call to the "query" function to identify the user groups that are associated with the user "fred". Not all options are used.
Select and Place:
 

Which API is used to query if the domain "example.com" has been flagged as malicious by the Cisco Security Labs team?

A. https://s-platform.api.opendns.com/1.0/events?example.com

B. https://investigate.api.umbrella.com/domains/categorization/example.com

C. https://investigate.api.umbrella.com/domains/volume/example.com

D. https://s-platform.api.opendns.com/1.0/domains?example.com

What are two capabilities of Cisco Firepower Management Center eStreamer? (Choose two.)

A. eStreamer is used to get sources for intelligence services.

B. eStreamer is used to send malware event data.

C. eStreamer is used to get a list of access control policies.

D. eStreamer is used to send policy data.

E. eStreamer is used to send intrusion event data.

After changes are made to the Cisco Firepower Threat Defense configuration using the Cisco Firepower Device Manager API, what must be done to ensure that the new policy is activated?

A. Submit a POST to the /api/fdm/latest/operational/deploy URI.

B. Submit a GET to the /api/fdm/latest/operational/deploy URI.

C. Submit a PUT to the /api/fdm/latest/devicesettings/pushpolicy URI.

D. Submit a POST to the /api/fdm/latest/devicesettings/pushpolicy URI.

Refer to the exhibit.
Which URL returned the data?

A. https://api.amp.cisco.com/v1/computers

B. https://api.amp.cisco.com/v0/computers

C. https://amp.cisco.com/api/v0/computers

D. https://amp.cisco.com/api/v1/computers

Which curl command lists all tags (host groups) that are associated with a tenant using the Cisco Stealthwatch Enterprise API?

A. curl -X PUT”Cookie:{Cookie Data}”https://{stealthwatch_host}/smc-configuration/rest/v1/tenants/{tenant_id}/tags

B. curl -X POST -H”Cookie:{Cookie Data}”https://{stealthwatch_host}/smc-configuration/rest/v1/tenants/tags

C. curl -X GET -H”Cookie:{Cookie Data}”https://{stealthwatch_host}/smc-configuration/rest/v1/tenants/{tenant_id}/tags

D. curl -X GET -H”Cookie:{Cookie Data}”https://{stealthwatch_host}/smc-configuration/rest/v1/tenants/tags

Which two event types can the eStreamer server transmit to the requesting client from a managed device and a management center? (Choose two.)

A. user activity events

B. intrusion events

C. file events

D. intrusion event extra data

E. malware events

DRAG DROP -
A Python script is being developed to return the top 10 identities in an organization that have made a DNS request to "www.cisco.com".
Drag and drop the code to complete the Cisco Umbrella Reporting API query to return the top identities. Not all options are used.
Select and Place:
 

DRAG DROP -
Drag and drop the items to complete the ThreatGRID API call to return a curated feed of sinkholed-ip-dns in stix format. Not all options are used.
Select and Place:
 

DRAG DROP -
Drag and drop the code to complete the API call to query all Cisco Stealthwatch Cloud observations. Not all options are used.
Select and Place:
 

Which snippet is used to create an object for network 10.0.69.0/24 using Cisco Firepower Management Center REST APIs?
A.
 
B.
 
C.
 
D.
 

Which two commands create a new local source code branch? (Choose two.)

A. git checkout -b new_branch

B. git branch -b new_branch

C. git checkout -f new_branch

D. git branch new_branch

E. git branch -m new_branch