Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which two statements about devices within a Cisco ESA cluster are true? (Choose two.)
A. Clustered systems must consist of devices in the same hardware series.
B. Clustered devices can communicate via either SSH or Cluster Communication Service.
C. Clustered devices can communicate only with Cluster Communication Service.
D. In-the-cloud devices must be in a separate cluster from on-premise devices.
E. Clustered devices can run different versions of AsyncOS.
Answer: A,B
Q2. Which two commands are used to verify that CWS redirection is working on a Cisco ASA appliance? (Choose two.)
A. show scansafe statistics
B. show webvpn statistics
C. show service-policy inspect scansafe
D. show running-config scansafe
E. show running-config webvpn
F. show url-server statistics
Answer: A,C
Q3. Which Cisco WSA is intended for deployment in organizations of up to 1500 users?
A. WSA S370
B. WSA S670
C. WSA S370-2RU
D. WSA S170
Answer: D
Q4. What is the default antispam policy for positively identified messages within the Cisco Email Security Appliance?
A. Drop
B. Deliver and Append with [SPAM]
C. Deliver and Prepend with [SPAM]
D. Deliver and Alternate Mailbox
Answer: C
Q5. Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all traffic if the module fails?
A. Inline Mode, Permit Traffic
B. Inline Mode, Close Traffic
C. Promiscuous Mode, Permit Traffic
D. Promiscuous Mode, Close Traffic
Answer: B
Q6. What Event Action in an IPS signature is used to stop an attacker from communicating with a network using an access-list?
A. Request Block Host
B. Deny Attacker Inline
C. Deny Connection Inline
D. Deny Packet Inline
E. Request Block Connection
Answer: A
Q7. Which IPS feature allows you to aggregate multiple IPS links over a single port channel?
A. UDLD
B. ECLB
C. LACP
D. PAgP
Answer: B
Q8. Which three statements about the Cisco IPS appliance configurations are true? (Choose three.)
A. The maximum number of denied attackers is set to 10000.
B. The block action duraton is set to 3600 seconds.
C. The Meta Event Generator is globally enabled.
D. Events Summarization is globally disabled.
E. Threat Rating Adjustment is globally disabled.
Answer: A,B,C
Q9. What are three features of the Cisco Security Intellishield Alert Manager Service? (Choose three.)
A. validation of alerts by security analysts
B. custom notifications
C. complete threat and vulnerability remediation
D. vendor-specific threat analysis
E. workflow-management tools
F. real-time threat and vulnerability mitigation
Answer: A,B,E
Q10. Which command can change the HTTPS SSL method on the Cisco ESA?
A. sslconfig
B. strictssl
C. sshconfig
D. adminaccessconfig
Answer: A
Q11. Which command sets the number of packets to log on a Cisco IPS sensor?
A. ip-log-count number
B. ip-log-packets number
C. ip-log-bytes number
D. ip-log number
Answer: B
Q12. The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.
Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and the Cisco WSA?
A. Both are configured for WCCP v1.
B. Both are configured for WCCP v2.
C. Both are configured for WCCP v3.
D. There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA.
Answer: B
Explanation:
ASA version shows as version 2.0:
\\psf\Home\Desktop\Screen Shot 2015-01-27 at 9.45.57 AM.png
WSA also shows version 2 is being used:
\\psf\Home\.Trash\Screen Shot 2015-01-27 at 9.47.53 AM.png
Q13. What step is required to enable HTTPS Proxy on the Cisco Web Security Appliance?
A. Web Security Manager HTTPS Proxy click Enable
B. Security Services HTTPS Proxy click Enable
C. HTTPS Proxy is enabled by default
D. System Administration HTTPS Proxy click Enable
Answer: B
Q14. Which type of signature is generated by copying a default signature and modifying its behavior?
A. meta
B. custom
C. atomic
D. normalized
Answer: B
Q15. Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery chain? (Choose two.)
A. Existing MX records should be maintained and policy routing should be used to redirect traffic to the ESA.
B. Update the MX records to point to the inbound listener interfaces on the ESA.
C. Update the MX records to point to the outbound listener interfaces on the ESA.
D. Different Listeners must be used to handle inbound and outbound mail handling.
E. The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing table.
F. The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables.
G. The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table.
H. Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving.
Answer: B,G
Q16. Which three options are IPS signature classifications? (Choose three.)
A. tuned signatures
B. response signatures
C. default signatures
D. custom signatures
E. preloaded signatures
F. designated signatures
Answer: A,C,D