Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which two GUI options display users' activity in Cisco Web Security Appliance?.(Choose two.)
A. Web Security Manager Identity Identity Name
B. Security Services Reporting
C. Reporting Users
D. Reporting Reports by User Location
Answer: C,D
Q2. What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA NGFW?
A. Cisco WSA provides URL filtering, while Cisco ASA NGFW does not.
B. Cisco ASA NGFW provides caching services, while Cisco WSA does not.
C. Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not.
D. Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not.
Answer: D
Q3. Which Cisco WSA is intended for deployment in organizations of more than 6000 users?
A. WSA S370
B. WSA S670
C. WSA S370-2RU
D. WSA S170
Answer: B
Q4. Which Cisco Cloud Web Security tool provides URL categorization?
A. Cisco Dynamic Content Analysis Engine
B. Cisco ScanSafe
C. ASA Firewall Proxy
D. Cisco Web Usage Control
Answer: D
Q5. What can Cisco Prime Security Manager (PRSM) be used to achieve?
A. Configure and Monitor Cisco CX Application Visibility and Control, web filtering, access and decryption policies
B. Configure Cisco ASA connection limits
C. Configure TCP state bypass in Cisco ASA and IOS
D. Configure Cisco IPS signature and monitor signature alerts
E. Cisco Cloud Security on Cisco ASA
Answer: A
Q6. Which configuration mode enables a virtual sensor to monitor the session state for unidirectional traffic?
A. asymmetric mode
B. symmetric mode
C. loose mode
D. strict mode
Answer: A
Q7. What is the authentication method for an encryption envelope that is set to medium security?
A. The recipient must always enter a password, even if credentials are cached.
B. A password is required, but cached credentials are permitted.
C. The recipient must acknowledge the sensitivity of the message before it opens.
D. The recipient can open the message without authentication.
Answer: B
Q8. What are three benefits of the Cisco AnyConnect Secure Mobility Solution? (Choose three.)
A. It can protect against command-injection and directory-traversal attacks.
B. It provides Internet transport while maintaining corporate security policies.
C. It provides secure remote access to managed computers.
D. It provides clientless remote access to multiple network-based systems.
E. It enforces security policies, regardless of the user location.
F. It uses ACLs to determine best-route connections for clients in a secure environment.
Answer: B,C,E
Q9. Which three zones are used for anomaly detection? (Choose three.)
A. Internal zone
B. External zone
C. Illegal zone
D. Inside zone
E. Outside zone
F. DMZ zone
Answer: A,B,C
Q10. The security team needs to limit the number of e-mails they receive from the Intellishield Alert Service. Which three parameters can they adjust to restrict alerts to specific product sets? (Choose three.)
A. Vendor
B. Chassis/Module
C. Device ID
D. Service Contract
E. Version/Release
F. Service Pack/Platform
Answer: A,E,F
Q11. A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or emulate the flow that a message takes through the work queue?
A. the message tracker interface
B. centralized or local message tracking
C. the CLI.findevent command
D. the trace tool
E. the CLI.grep command
Answer: D
Q12. The helpdesk was asked to provide a record of delivery for an important email message that a customer claims it did not receive. Which feature of the Cisco Email Security Appliance provides this record?
A. Outgoing Mail Reports
B. SMTP Routes
C. Message Tracking
D. Scheduled Reports
E. System Administration
Answer: C
Q13. Which three sender reputation ranges identify the default behavior of the Cisco Email Security Appliance? (Choose three.)
A. If it is between -1 and +10, the email is accepted
B. If it is between +1 and +10, the email is accepted
C. If it is between -3 and -1, the email is accepted and additional emails from the sender are throttled
D. If it is between -3 and +1, the email is accepted and additional emails from the sender are throttled
E. If it is between -4 and +1, the email is accepted and additional emails from the sender are throttled
F. If it is between -10 and -3, the email is blocked
G. If it is between -10 and -3, the email is sent to the virus and spam engines for additional scanning
H. If it is between -10 and -4, the email is blocked
Answer: A,C,F
Q14. When a Cisco Email Security Appliance joins a cluster, which four settings are inherited? (Choose four.)
A. IP address
B. DNS settings
C. SMTP routes
D. HAT
E. RAT
F. hostname
G. certificates
Answer: B,C,D,E
Q15. A new Cisco IPS device has been placed on the network without prior analysis. Which CLI command shows the most fired signature?
A. Show statistics virtual-sensor
B. Show event alert
C. Show alert
D. Show version
Answer: A
Q16. Which three options are valid event actions for a Cisco IPS? (Choose three.)
A. deny-packet-inline
B. deny-attack-reset
C. produce-verbose-alert
D. log-attacker-packets
E. deny-packet-internal
F. request-block-drop-connection
Answer: A,C,D