Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. At which value do custom signatures begin?
A. 1024
B. 10000
C. 1
D. 60000
Answer: D
Q2. Which four statements are correct regarding management access to a Cisco Intrusion Prevention System? (Choose four.)
A. The Telnet protocol is enabled by default
B. The Telnet protocol is disabled by default
C. HTTP is enabled by default
D. HTTP is disabled by default
E. SSH is enabled by default
F. SSH is disabled by default
G. HTTPS is enabled by default
H. HTTPS is disabled by default
Answer: B,D,E,G
Q3. What step is required to enable HTTPS Proxy on the Cisco Web Security Appliance?
A. Web Security Manager HTTPS Proxy click Enable
B. Security Services HTTPS Proxy click Enable
C. HTTPS Proxy is enabled by default
D. System Administration HTTPS Proxy click Enable
Answer: B
Q4. When you deploy a sensor to send connection termination requests, which additional traffic-monitoring function can you configure the sensor to perform?
A. Monitor traffic as it flows to the sensor.
B. Monitor traffic as it flows through the sensor.
C. Monitor traffic from the Internet only.
D. Monitor traffic from both the Internet and the intranet.
Answer: B
Q5. Which two benefits are provided by the dynamic dashboard in Cisco ASDM Version 5.2? (Choose two.)
A. It configures system polices for NAC devices.
B. It forwards traffic to destination devices.
C. It provides statistics for device health.
D. It replaces syslog, RADIUS, and TACACS+ servers.
E. It automatically detects Cisco security appliances to configure.
Answer: C,E
Q6. Which command is used to enable strong ciphers on the Cisco Web Security Appliance?
A. interfaceconfig
B. strictssl
C. etherconfig
D. adminaccessconfig
Answer: B
Q7. Which command establishes a virtual console session to a CX module within a Cisco Adaptive Security Appliance?
A. session 1 ip address
B. session 2 ip address
C. session 1
D. session ips console
E. session cxsc console
Answer: E
Q8. Which three zones are used for anomaly detection in a Cisco IPS? (Choose three.)
A. internal zone
B. external zone
C. illegal zone
D. inside zone
E. outside zone
F. DMZ zone
Answer: A,B,C
Q9. Which three statements about Cisco CWS are true? (Choose three.)
A. It provides protection against zero-day threats.
B. Cisco SIO provides it with threat updates in near real time.
C. It supports granular application policies.
D. Its Roaming User Protection feature protects the VPN from malware and data breaches.
E. It supports local content caching.
F. Its Cognitive Threat Analytics feature uses cloud-based analysis and detection to block threats outside the network.
Answer: A,B,C
Q10. What are three features of the Cisco Security Intellishield Alert Manager Service? (Choose three.)
A. validation of alerts by security analysts
B. custom notifications
C. complete threat and vulnerability remediation
D. vendor-specific threat analysis
E. workflow-management tools
F. real-time threat and vulnerability mitigation
Answer: A,B,E
Q11. Which three statements about Cisco ASA CX are true? (Choose three.)
A. It groups multiple ASAs as a single logical device.
B. It can perform context-aware inspection.
C. It provides high-density security services with high availability.
D. It uses policy-based interface controls to inspect and forward TCP- and UDP-based packets.
E. It can make context-aware decisions.
F. It uses four cooperative architectural constructs to build the firewall.
Answer: B,E,F
Q12. What is the access-list command on a Cisco IPS appliance used for?
A. to permanently filter traffic coming to the Cisco.IPS.appliance via the sensing port
B. to filter for traffic when the Cisco.IPS.appliance is in the inline mode
C. to restrict management access to the sensor
D. to create a filter that can be applied on the interface that is under attack
Answer: C
Q13. Which two statements about devices within a Cisco ESA cluster are true? (Choose two.)
A. Clustered systems must consist of devices in the same hardware series.
B. Clustered devices can communicate via either SSH or Cluster Communication Service.
C. Clustered devices can communicate only with Cluster Communication Service.
D. In-the-cloud devices must be in a separate cluster from on-premise devices.
E. Clustered devices can run different versions of AsyncOS.
Answer: A,B
Q14. Connections are being denied because of SenderBase Reputation Scores. Which two features must be enabled in order to record those connections in the mail log on the Cisco ESA? (Choose two.)
A. Rejected Connection Handling
B. Domain Debug Logs
C. Injection Debug Logs
D. Message Tracking
Answer: A,D
Q15. Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery chain? (Choose two.)
A. Existing MX records should be maintained and policy routing should be used to redirect traffic to the ESA.
B. Update the MX records to point to the inbound listener interfaces on the ESA.
C. Update the MX records to point to the outbound listener interfaces on the ESA.
D. Different Listeners must be used to handle inbound and outbound mail handling.
E. The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing table.
F. The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables.
G. The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table.
H. Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving.
Answer: B,G
Q16. Refer to the exhibit.
What are two facts about the interface that you can determine from the given output? (Choose two.)
A. A Cisco Flexible NetFlow monitor is attached to the interface.
B. A quality of service policy is attached to the interface.
C. Cisco Application Visibility and Control limits throughput on the interface.
D. Feature activation array is active on the interface.
Answer: A,B