Cisco 500-651 Free Practice Questions

NEW QUESTION 1
Which is a key feature of Cisco Defense Orchestrator?

• A. Simplifies security policy management
• B. Identifies sensitive data in cloud environments
• C. Detects anomalous traffic on customer's network
• D. Provides retrospective security

Answer: A

Explanation: ASAS Cisco Cloud Security SE - Module 3

NEW QUESTION 2
Which feature of E-mail Security protects users from virus outbreaks using the Tabs database to quarantine suspicious messages?

• A. Antivirus defense
• B. Outbreak fitters
• C. Data Loss Prevention
• D. Advanced Malware Protection

Answer: B

Explanation: ASAS Security Web and Email SE Module 2

NEW QUESTION 3
Which Cisco solution falls under Advanced Threat?

• A. Umbrella
• B. Identity Services Engine
• C. Stealthwatch
• D. Threat Grid

Answer: C

Explanation: ASAS Security Advanced Threats SE Module 6

NEW QUESTION 4
What is a key difference between Basic Data Loss Prevention and Advanced Data Loss Prevention?

• A. Providing content analysis
• B. Instant visibility
• C. Dynamic outbreak considerations
• D. Ability to filter in real-time

Answer: C

NEW QUESTION 5
Which two products are part of Cisco's Data Center threat-centric solution? (Choose two.)

• A. Rapid threat detection through NGFW and NGFWv
• B. Enforced device security with Meraki
• C. URL filtering
• D. Relationship segmentation
• E. Automated policy enforcement with ASAv

Answer: AE

Explanation: ASAS Security Threat Centric Solutions - AM and SE Module 7

NEW QUESTION 6
Which feature discovers and controls malicious cloud apps connected to the corporate environ merit?

• A. Umbrella
• B. Cognitive Threat Analytics
• C. Cloudlock
• D. Investigate

Answer: C

Explanation: Cisco Cloudlock Apps Firewall discovers and controls malicious cloud apps connected to your corporate environment, and provides the world’s largest crowd-sourced security solution to identify individual app risk, using our Community Trust Rating.

NEW QUESTION 7
Which is a Cisco solution features retrospective security?

• A. AMP for Endpoint
• B. Cisco Defense Orchestrator
• C. Umbrella
• D. Investigate

Answer: A

Explanation: ASAS Cisco Cloud Security SE - Module 3

NEW QUESTION 8
Which feature of Cisco AnyConnect allows pie-login authentication using windows machines, or single sign-on user authentication using Windows logon credentials?

• A. Secure Layer-2 Network Access
• B. Flexible AAA Options
• C. Differentiated Mobile Access
• D. Trusted Network Detection

Answer: A

NEW QUESTION 9
Which three features provided by NGFW and NGIPS support the 'Internet Edge" use case? (Choose three.)

• A. Supports High Availability
• B. Support for profiling devices
• C. Supports dynamic routing protocols such as OSPF or BGP
• D. Support for Platform exchange grid
• E. Support for High Bandwith environments
• F. Support for integrated posture assessment

Answer: ACE

Explanation: ASAS Security NGFW and NGIPS SE Module 4

NEW QUESTION 10
Which two features are part of the ISE Plus license? (Choose two.)

• A. Threat Centric NAC
• B. Profiling and feed services
• C. Guest management
• D. Cisco pxGrid
• E. Basic network Access AA
• F. 802 IX

Answer: BD

Explanation: ASAS Policy and Access SE Module 5

NEW QUESTION 11
Which are three key features of DNS-layer security? (Choose three.)

• A. Data Loss Prevention
• B. Retrospective Analysis
• C. Real-time sandboxing
• D. Provides visibility into all Internet activity
• E. Acts as first level of protection by providing security at DNS layer
• F. Resolves all DNS request through a single recursive DNS service

Answer: DEF

NEW QUESTION 12
Which Cisco Product is integrated with the AnyConnect Web Security Module?

• A. Cisco Stealthwatch
• B. Cisco Defense Orchestrator
• C. Cisco Cloud Web Security
• D. Cisco Email Security Appliance

Answer: C

Explanation: ASAS Policy and Access SE Module 5

NEW QUESTION 13
Which StealthWatch device monitors, analyzes, separates, categorizes, and stores information from each flow, allowing it to create a baseline of typical expected network activity?

• A. Flow collector
• B. Advanced malware protection
• C. Forensic investigation
• D. Malware clustering

Answer: A

NEW QUESTION 14
Which two options are attack vectors of the threat-centric defense? (Choose two)

• A. Voicemail
• B. Backups
• C. Mobile
• D. Video surveillance
• E. Cloud apps

Answer: CE

NEW QUESTION 15
Which feature of ISE combines user identification with robust context sharing platform to prevent
inappropriate access?

• A. Centralized policy management
• B. Context-aware access
• C. Patch management
• D. Platform exchange grid

Answer: B

Explanation: ASAS Policy and Access SE Module 5

NEW QUESTION 16
Which license subscription terms are available for AMP licensing?

• A. 1 month 3 months 6 months
• B. 1 yea
• C. 5 year
• D. 10 years
• E. 5 years 10 years 30 years
• F. 1 yea
• G. 3 year
• H. 6 years

Answer: D

Explanation: ASA Security Advanced Threats SE Module 6