DRAG DROP

Drag and drop the code to complete the curl query to the Umbrella Reporting API that provides a detailed report of blocked security activity events from the organization with an organizationId of "12345678" for the last 24 hours. Not all options are used.

Select and Place:

DRAG DROP

Drag and drop the code to complete the curl query to the Cisco Umbrella Investigate API for the Latest Malicious Domains for the IP address 10.10.20.50. Not all options are used.

Select and Place:

Refer to the exhibit.

What does the response from the API contain when this code is executed?

A. error message and status code of 403

B. newly created domains in Cisco Umbrella Investigate

C. updated domains in Cisco Umbrella Investigate

D. status and security details for the domains

Refer to the exhibit.

A security engineer attempts to query the Cisco Security Management appliance to retrieve details of a specific message. What must be added to the script to achieve the desired result?

A. Add message ID information to the URL string as a URI.

B. Run the script and parse through the returned data to find the desired message.

C. Add message ID information to the URL string as a parameter.

D. Add message ID information to the headers.

Refer to the exhibit.

Which URL returned the data?

A. https://api.amp.cisco.com/v1/computers

B. https://api.amp.cisco.com/v0/computers

C. https://amp.cisco.com/api/v0/computers

D. https://amp.cisco.com/api/v1/computers

Refer to the exhibit.

A network operator wants to add a certain IP to a DMZ tag. Which code segment completes the script and achieves the goal?

A. Option A

B. Option B

C. Option C

D. Option D

Which two event types can the eStreamer server transmit to the requesting client from a managed device and a management center? (Choose two.)

A. user activity events

B. intrusion events

C. file events

D. intrusion event extra data

E. malware events

The Cisco Security Management Appliance API is used to make a GET call using the URI /sma/api/v2.0/reporting/mail_incoming_traffic_summary/detected_amp?startDate=2016-09-10T19:00:00.000ZandendDate=2018-0924T23:00:00.000Zanddevice_type=esaanddevice_name=esa01.

What does this GET call return?

A. values of all counters of a counter group, with the device group name and device type for web

B. value of a specific counter from a counter group, with the device name and type for email

C. value of a specific counter from a counter group, with the device name and type for web

D. values of all counters of a counter group, with the device group name and device type for email

What is the purpose of the snapshot APIs exposed by Cisco Stealthwatch Cloud?

A. Report on flow data during a customizable time period.

B. Operate and return alerts discovered from infrastructure observations.

C. Return current configuration data of Cisco Stealthwatch Cloud infrastructure.

D. Create snapshots of supported Cisco Stealthwatch Cloud infrastructure.

Which query parameter is required when using the reporting API of Cisco Security Management Appliances?

A. device_type

B. query_type

C. filterValue

D. startDate + endDate