Q1. When learning accept mode is set to auto, and the action is set to rotate, when is the KB created and used?
A. It is created every 24 hours and used for 24 hours.
B. It is created every 24 hours, but the current KB is used.
C. It is created every 1 hour and used for 24 hours.
D. A KB is created only in manual mode.
Answer: A
Q2. Who or what calculates the signature fidelity rating in a Cisco IPS?
A. the signature author
B. Cisco Professional Services
C. the administrator
D. the security policy
Answer: A
Q3. Which command disables SSH access for administrators on the Cisco ESA?
A. interfaceconfig
B. sshconfig
C. sslconfig
D. systemsetup
Answer: A
Q4. You ran the ssh generate-key command on the Cisco IPS and now administrators are unable to connect. Which action can be taken to correct the problem?
A. Replace the old key with a new key on the client.
B. Run the ssh host-key command.
C. Add the administrator IP addresses to the trusted TLS host list on the IPS.
D. Run the ssh authorized-keys command.
Answer: A
Q5. Which Cisco Cloud Web Security Connector feature allows access by all of an organization's users while applying Active Directory group policies?
A. a company authentication key
B. a group authentication key
C. a PAC file
D. proxy forwarding
E. a user authentication key
Answer: A
Q6. Which three functions can Cisco Application Visibility and Control perform? (Choose three.)
A. Validation of malicious traffic
B. Traffic control
C. Extending Web Security to all computing devices
D. Application-level classification
E. Monitoring
F. Signature tuning
Answer: B,D,E
Q7. Which IPS feature allows you to aggregate multiple IPS links over a single port channel?
A. UDLD
B. ECLB
C. LACP
D. PAgP
Answer: B
Q8. Which centralized reporting function of the Cisco Content Security Management Appliance aggregates data from multiple Cisco ESA devices?
A. message tracking
B. web tracking
C. system tracking
D. logging
Answer: A
Q9. A new Cisco IPS device has been placed on the network without prior analysis. Which CLI command shows the most fired signature?
A. Show statistics virtual-sensor
B. Show event alert
C. Show alert
D. Show version
Answer: A
Q10. With Cisco IDM, which rate limit option specifies the maximum bandwidth for rate-limited traffic?
A. protocol
B. rate
C. bandwidth
D. limit
Answer: B
Q11. Which Cisco Cloud Web Security tool provides URL categorization?
A. Cisco Dynamic Content Analysis Engine
B. Cisco ScanSafe
C. ASA Firewall Proxy
D. Cisco Web Usage Control
Answer: D
Q12. Which three statements about the Cisco IPS appliance configurations are true? (Choose three.)
A. The maximum number of denied attackers is set to 10000.
B. The block action duration is set to 3600 seconds.
C. The Meta Event Generator is globally enabled.
D. Events Summarization is globally disabled.
E. Threat Rating Adjustment is globally disabled.
Answer: A,B,C
Q13. A network engineer can assign IPS event action overrides to virtual sensors and configure which three modes? (Choose three.)
A. Anomaly detection operational mode
B. Inline TCP session tracking mode
C. Normalizer mode
D. Load-balancing mode
E. Inline and Promiscuous mixed mode
F. Fail-open and fail-close mode
Answer: A,B,C
Q14. What Event Action in an IPS signature is used to stop an attacker from communicating with a network using an access-list?
A. Request Block Host
B. Deny Attacker Inline
C. Deny Connection Inline
D. Deny Packet Inline
E. Request Block Connection
Answer: A
Q15. Which antispam technology assumes that email from server A, which has a history of distributing spam, is more likely to be spam than email from server B, which does not have a history of distributing spam?
A. Reputation-based filtering
B. Context-based filtering
C. Cisco ESA multilayer approach
D. Policy-based filtering
Answer: A
Q16. What is the function of the Cisco Context Adaptive Scanning Engine in Cisco Hybrid Email Security services?
A. It uses real-time traffic threat assessment to identify suspicious email senders and messages.
B. It provides a preventive defense against viruses by scanning messages before they enter the network.
C. It analyzes message content and attachments to protect an organization's intellectual property.
D. It protects against blended threats by using human-like logic to review and evaluate traffic.
Answer: D