Cisco Certified Network Professional Security Intermediate Practice Exam: Medium Difficulty 2025

A security administrator is implementing a zero-trust security model for their organization. They need to ensure that all users are continuously verified regardless of their location. Which combination of technologies would BEST support this implementation?

An organization is experiencing a DDoS attack that is overwhelming their web servers with SYN packets. The security team needs to implement a solution on their Cisco ASA firewall. Which feature should they configure to mitigate this specific attack?

A company is deploying applications in AWS and needs to ensure consistent security policy enforcement across both their on-premises data center and cloud environment. Their existing infrastructure uses Cisco Firepower. What approach would provide the MOST seamless integration?

A security analyst notices that despite having Cisco AMP for Endpoints deployed, a workstation was infected with ransomware. The AMP console shows the file was initially marked as 'Unknown' and later changed to 'Malicious'. What AMP feature would have prevented the execution while the file disposition was still unknown?

An organization is implementing ISE for network access control. They need to redirect non-compliant devices to a remediation VLAN while allowing compliant corporate devices full network access. Guest devices should be redirected to a web portal. Which ISE authorization result combinations would achieve this?

A security engineer is configuring Cisco Umbrella for a distributed workforce. The company wants DNS-layer security for roaming users without requiring a full VPN connection. Which deployment method should be implemented?

During a security incident investigation, an analyst needs to understand the attack timeline and identify patient zero. The environment uses Cisco Secure Network Analytics (Stealthwatch). Which feature would provide the MOST comprehensive view of the lateral movement after initial compromise?

A network security architect is designing a solution to prevent lateral movement of threats within the data center. The solution must operate at Layer 3/4 and provide dynamic segmentation without requiring network topology changes. Which technology best meets these requirements?

An organization has deployed Cisco ISE with device profiling enabled. The security team notices that many IoT devices are being incorrectly classified. They need to improve profiling accuracy for a specific manufacturer's medical devices. What combination of profiling probes would provide the MOST accurate classification?

A company's security operations center needs to implement automated threat response. They use Cisco Firepower for IPS and Cisco ISE for network access control. When Firepower detects a compromised host, they want to automatically quarantine it. What integration approach would accomplish this?