Uploaded by crusaderman

Cisco 300-210 Exam Questions & Answers (SITCS)

Questions & Answers PDF
300-210 Exam
Prepare for Cisco Implementing Cisco Threat Control Solutions
Questions & Answers
(Retail Version – Full Questions Set)
Product Questions: 331
Version: 9.0
Question 1
Which three operating systems are supported with Cisco AMP for Endpoints? (Choose three.)
A. Windows
C. Android
D. Cisco IOS
F. ChromeOS
Answer: A, C, E
Question 2
Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP addresses?
A. explicit forward mode
B. Layer 4 Traffic Monitor
C. transparent mode
D. Secure Web Proxy
Answer: B
Question 3
Which feature requires the network discovery policy for it to work on the Cisco Next Generation Intrusion Prevention System?
A. impact flags
B. URL filtering
C. security intelligence
D. health monitoring
Answer: A
Question 4
Which CLI command is used to register a Cisco FirePOWER sensor to Firepower Management
A. configure system add <host> <key>
B. configure manager <key> add host
C. configure manager delete
D. configure manager add <host> <key>
Answer: A
Question 5
In WSA, which two pieces of information are required to implement transparent user identification using Context Directory Agent? (Choose two.)
A. the server name where Context Directory Agent is installed
B. the server name of the global catalog domain controller
C. the backup Context Directory Agent
D. the shared secret
E. the syslog server IP address
Answer: AE
Question 6
Which three protocols are required when considering firewall rules email services using a Cisco Email Security Appliance?
Answer: ABE
Question 7
What are two arguments that can be used with the show content-scan command in Cisco IOS software? (Choose two.)
A. data
B. session
C. buffer
D. statistics
E. verbose
Answer: BD
Question 8
Which CLI command is used to generate firewall debug messages on a Cisco FirePOWER sensor?
A. system support ssl-debug
B. system support firewall-engine-debug
C. system support capture-traffic
D. system support platform
Answer: C
Question 9
What is the difference between a Cisco Content Security Management virtual appliance and a physical
A. Migration between virtual appliances of varying sizes is possible, but physical appliances must be of equal size.
B. The virtual appliance requires an additional license to run on a host.
C. The virtual appliance requires an additional license to activate its adapters.
D. The physical appliance is configured with a DHCP-enabled management port to receive an IP address automatically, but you must assign the virtual appliance an IP address manually in your management subnet.
Answer: B
Question 10
Which Cisco technology secures the network through malware filtering, category-based control, and reputation-based control?
A. Cisco ASA 5500 Series appliances
B. Cisco IPS
C. Cisco remote-access VPNs
D. Cisco WSA
Answer: D
Question 11
When using Cisco AMP for Networks, which feature copies a file to the Cisco AMP cloud for analysis?
A. Spero analysis
B. dynamic analysis
C. sandbox analysis
D. malware analysis
Answer: B
Question 12
Which type of server is required to communicate with a third-party DLP solution?
A. an ICAP-capable proxy server
B. a PKI certificate server
C. an HTTP server
D. an HTTPS server
Answer: A
Question 13
Which detection method is also known as machine learning in Network-based Cisco Advanced Malware Protection?
A. custom file detection
B. hashing
C. Spero engine
D. dynamic analysis
Answer: D
Question 14
Which policy is used to capture host information on the Cisco Next Generation Intrusion Prevention
A. network discovery
B. correlation
C. intrusion
D. access control
Answer: C
Question 15
Which Cisco Firepower rule action displays an HTTP warning page and resets the connection of HTTP traffic specified in the access control rule?
A. Interactive Block with Reset
B. Block
C. Allow with Warning
D. Interactive Block
Answer: D
Question 16
With Cisco AMP for Endpoints on Windows, which three engines are available in the connector? (Choose three.)
A. Ethos
B. Tetra
C. Annos
D. Spero
E. Talos
F. ClamAV
Answer: ABD
Question 17
Refer to the exhibit. Which option is a result of this configuration?
A. All ingress traffic on the inside interface that matches the access list is redirected.
B. All egress traffic on the outside interface that matches the access list is redirected.
C. All TCP traffic that arrives on the inside interface is redirected.
D. All ingress and egress traffic is redirected to the Cisco FirePOWER module.
Answer: C
Question 18
What are two requirements for configuring a hybrid interface in FirePOWER? (Choose two.)
A. virtual network
B. virtual router
C. virtual appliance
D. virtual switch
E. virtual context
Answer: BD
Question 19
Which type of policy is used to define the scope for applications that are running on hosts?
A. access control policy.
B. application awareness policy.
C. application detector policy.
D. network discovery policy.
Answer: C
Question 20
When you configure the Cisco ESA to perform blacklisting, what are two items you can disable to enhance performance? (Choose two.)
A. rootkit detection
B. spam scanning
C. APT detection
D. antivirus scanning
E. URL filtering
Answer: BD
Question 21
Which protocols can be specified in a Snort rule header for analysis?
B. TCP, UDP, and IP
E. TCP and UDP
Answer: A
Question 22
Which Cisco ESA predefined sender group uses parameter-matching to reject senders?
Answer: B
Question 23
With Cisco FirePOWER Threat Defense software, which interface mode do you configure for an IPS deployment, where traffic passes through the appliance but does not require VLAN rewriting?
A. inline set
B. passive
C. inline tap
D. routed
E. transparent
Answer: E
Question 24
How does the WSA policy trace tool make a request to the Proxy to emulate a client request?
A. explicitly
B. transparently
C. via WCCP
D. via policy-based routing
Answer: D
Question 25
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your
A. vulnerable software
B. file analysis
C. detections
D. prevalence
E. threat root cause
Answer: C
Question 26
When the WSA policy trace tool is used to make a request to the proxy, where is the request logged?
A. proxy logs
B. access logs
C. authentication logs
D. The request is not logged
Answer: B
Question 27
When using Cisco FirePOWER Services for ASA, how is traffic directed from based Cisco ASA to the Cisco FirePOWER Services?
A. SPAN port on a Cisco Catalyst switch.
B. WCCP on the ASA.
C. inline interface pair on the Cisco FirePOWER module.
D. service policy on the ASA.
Answer: A
Question 28
In a Cisco FirePOWER intrusion policy, which two event actions can be configured on a rule? (Choose two.)
A. drop packet
B. drop and generate
C. drop connection
D. capture trigger packet
E. generate events
Answer: B
Question 29
Which object can be used on a Cisco FirePOWER appliance, but not in an access control policy rule on Cisco FirePOWER services running on a Cisco ASA?
B. security intelligence
D. geolocation
Answer: C
Question 30
Which two appliances support logical routed interfaces? (Choose two.)
A. FirePOWER services for ASA-5500-X
B. FP-4100-series
C. FP-8000-series
D. FP-7000-series
E. FP-9300-series
Answer: D
Question 31
A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug and emulate the flow that a message takes through the work queue?
A. the trace tool
B. centralized or local message tracking
C. the CLI findevent command
D. the CLI grep command
E. the message tracker interface
Answer: A
Question 32
In which two places can thresholding settings be configured? (Choose two.)
A. globally, per intrusion policy
B. globally, within the network analysis policy
C. on each access control rule
D. on each IPS rule
E. per preprocessor, within the network analysis policy
Answer: CD
Question 33
Which cloud-based malware detection engine uses machine-learning detection techniques in the Cisco Advanced Malware Protection cloud?
A. third-party detections
B. Spero
C. Ethos
D. Memcache
Answer: B
Question 34
Which Cisco FirePOWER setting is used to reduce the number of events received in a period of time and avoid being overwhelmed?
A. thresholding
B. rate-limiting
C. limiting
D. correlation
Answer: D
Question 35
Access the configuration of the Cisco Email Security Appliance using the MailFlowPolicies tab.
Within the GUI, you can navigate between the Host Access Table Overview and Mail Flow Policies tables. You can also navigate to the individual Mail Flow Policies and Sender Groups that are configured on the appliance.
Consider the configuration and the SenderBase Reputation Scores of the following fictitious domains when answering the four multiple choice questions.
A. red.public, -6
B. orange.public, -4
C. yellow.public, -2
D. green.public, 2
E. blue.public, 6
F. violet.public, 8
Answer: D
Question 36
For which domains will the Cisco Email Security Appliance allow up to 5000 recipients per message?
A. violet.public
B. violet.public and blue.public
C. violet.public, blue.public and green.public
D. red.public
orange.public
red.public and orange.public
Answer: B
Question 37
What is the maximum number of recipients per hour that the Cisco Email Security Appliance will accept from the green.public domain?
A. 0
B. 1
C. 20
D. 25
E. 50
F. 5000
G. Unlimited
Answer: C
Question 38
What is the maximum message size that the Cisco Email Security Appliance will accept from the violet.public domain?
A. 1 KB
B. 100 KB
C. 1 MB
D. 10 MB
E. 100 MB
F. Unlimited
Answer: D
Question 39
The Cisco Email Security Appliance will reject messages from which domains?
A. red.public
B. red.public and orange.public
C. red.public, orange.public and yellow.public
D. orange.public
E. violet.public
F. violet.public and blue.public
G. None of the listed domains
Answer: C
Question 40
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.
How many Cisco ASAs and how many Cisco WSAs are participating in the WCCP service?
A. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and one Cisco
B. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and one Cisco WSA.
C. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and two Cisco
D. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and two Cisco WSAs.
E. Two Cisco ASAs and one Cisco WSA.
F. Two Cisco ASAs and two Cisco WSAs.
Answer: A
We can see from the output that the number of routers (ASA’s) is 1, so there is a single ASA or an active/standby pair being used, and 1 Cache Engine. If the ASA’s were in an active/active role it would show up as 2 routers.
Question 41
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.
What traffic is not redirected by WCCP?
A. Traffic destined to public address space
B. Traffic sent from public address space
C. Traffic destined to private address space
D. Traffic sent from private address space
Answer: B
From the screen shot below we see the WCCP-Redirection ACL is applied, so all traffic from the Private IP space to any destination will be redirected.
Question 42
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.
Between the Cisco ASA configuration and the Cisco WSA configuration, what is true with respect to redirected ports?
A. Both are configured for port 80 only.
B. Both are configured for port 443 only.
C. Both are configured for both port 80 and 443.
D. Both are configured for ports 80, 443 and 3128.
E. There is a configuration mismatch on redirected ports.
Answer: C
This can be seen from the WSA Network tab shown below:
Question 43
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.
Between the Cisco ASA configuration and the Cisco WSA configuration, what is true with respect to redirected ports?
A. Both are configured for port 80 only.
B. Both are configured for port 443 only.
C. Both are configured for both port 80 and 443.
D. Both are configured for ports 80, 443 and 3128.
E. There is a configuration mismatch on redirected ports.
Answer: C
This can be seen from the WSA Network tab shown below:
Question 44
When you create a new server profile on the Cisco ESA, which subcommand of the ldapconfig command configures spam quarantine end-user authentication?
A. server
B. test
C. isqalias
D. isqauth
Answer: D
Question 45
What is a value that Cisco ESA can use for tracing mail flow?
A. the source IP address
B. the FQDN of the destination IP address
C. the destination IP address
D. the FQDN of the source IP address
Answer: D
Question 46
Which option is a benefit of Cisco Email Security virtual appliance over the Cisco ESA appliance?
A. global threat intelligence updates from Talos
B. reduced space and power requirements
C. outbound message protection
D. automated administration
Answer: B
Question 47
Which three sender reputation ranges identify the default behavior of the Cisco Email Security Appliance? (Choose three.)
A. If it is between -1 and +10, the email is accepted
B. If it is between +1 and +10, the email is accepted
C. If it is between -3 and -1, the email is accepted and additional emails from the sender are throttled
D. If it is between -3 and +1, the email is accepted and additional emails from the sender are
E. If it is between -4 and +1, the email is accepted and additional emails from the sender are
F. If it is between -10 and -3, the email is blocked
G. If it is between -10 and -3, the email is sent to the virus and spam engines for additional scanning
H. If it is between -10 and -4, the email is blocked
Answer: A, C, F
Question 48
What is the function of the Web Proxy Auto Discovery protocol?
A. It enables a web client's traffic flows to be redirected in real time.
B. It enables web clients to dynamically resolve hostname records.
C. It enables a web client to download a script or configuration file that is named by a URL.
D. It enables a web client to discover the URL of a configuration file.
Answer: D
Question 49
On Cisco Firepower Management Center, which policy is used to collect health modules alerts from managed devices?
A. health policy
B. system policy
C. correlation policy
D. access control policy
E. health awareness policy
Answer: A
Question 50
Which piece of information is required to perform a policy trace for the Cisco WSA?
A. the destination IP address of the trace
B. the source IP address of the trace
C. the URL to trace
D. authentication credentials to make the request
Answer: C
Question 51
With Cisco FirePOWER Threat Defense software, which interface mode do you configure to passively receive traffic that passes the appliance?
A. transparent
B. routed
C. passive
D. inline set
E. inline tap
Answer: C
Question 52
Which three routing options are valid with Cisco FirePOWER version 5.4? (Choose three.)
A. Layer 3 routing with EIGRP
B. Layer 3 routing with OSPF not-so-stubby area
C. Layer 3 routing with RIPv2
D. Layer 3 routing with RIPv1
E. Layer 3 routing with OSPF stub area
F. Layer 3 routing with static routes
Answer: DEF
Question 53
Which website can be used to validate group information about connections that flow through Cisco
A. whoami.scansafe.com
B. policytrace.scansafe.com
C. policytrace.scansafe.net
D. whoami.scansafe.net
Answer: C
Question 54
Which three statements about Cisco CWS are true? (Choose three.)
A. It provides protection against zero-day threats.
B. Cisco SIO provides it with threat updates in near real time.
C. It supports granular application policies.
D. Its Roaming User Protection feature protects the VPN from malware and data breaches.
E. It supports local content caching.
F. Its Cognitive Threat Analytics feature uses cloud-based analysis and detection to block threats outside the network.
Answer: A, B, C
Question 55
Which Cisco Advanced Malware Protection for Endpoints deployment architecture is designed to keep data within a network perimeter?
A. cloud web services
B. network AMP
C. private cloud
D. public cloud
Answer: C
Question 56
Which type of policy do you configure if you want to look for a combination of events using Boolean
A. correlation
B. application detector
C. traffic profile
D. access control
E. intrusion
Answer: A
Question 57
Which interface type allows packets to be dropped?
A. passive
B. inline
D. either passive or inline, provided that the intrusion policy has the Drop When Inline check box
Answer: D
Question 58
With Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
A. Speed
B. Duplex
C. Media Type
D. Redundant Interface
E. EtherChannel
Answer: AB
Question 59
With Cisco AMP for Endpoints, what is meant by simple custom detection?
A. It is a rule for identifying a file that should be whitelisted by Cisco AMP.
B. It is a method for identifying and quarantining a specific file by its SHA-256 hash.
C. It is a feature for configuring a personal firewall.
D. It is a method for identifying and quarantining a set of files by regular expression language.
Answer: A
Question 60
Which feature of the Cisco Hybrid Email Security services enables you to create multiple email senders on a single Cisco ESA?
A. Email Marketing Connector
B. Virtual Routing and Forwarding
C. Virtual Gateway
D. Mail Flow Policy Connector
E. Sender Groups
Answer: C
Question 61
Which option lists the minimum requirements to deploy a managed device inline?
A. passive interface, security zone, MTU, and link mode.
B. passive interface, MTU, MDI/MDIX, and link mode.
C. inline interfaces, MTU, MDI/MDIX, and link mode.
D. inline interfaces, security zones, MTU, and link mode.
Answer: A
Question 62
Which two methods are used to deploy transparent mode traffic redirection? (Choose two.)
A. Microsoft GPO
B. policy-based routing
C. DHCP server
D. PAC files
E. Web Cache Communication Protocol
Answer: BE
Question 63
When deploying Cisco FirePOWER appliances, which option must you configure to enable VLAN
A. hybrid interfaces
B. virtual switch
C. virtual router
D. inline set
Answer: B
Question 64
Which policy must you edit to make changes to the Snort preprocessors?
A. access control policy
B. network discovery policy
C. intrusion policy
D. file policy
E. network analysis policy
Answer: A
Question 65
Which three access control actions permit traffic to pass through the device when using Cisco FirePOWER? (Choose three.)
A. pass
B. trust
C. monitor
D. allow
E. permit
F. inspect
Answer: BCD
Question 66
Which two TCP ports can allow the Cisco Firepower Management Center to communicate with FireAMP cloud for file disposition information? (Choose two.)
A. 8080
B. 22
C. 8305
D. 32137
E. 443
Answer: DE
Question 67
When creating an SSL policy on Cisco FirePOWER, which three options do you have
A. do not decrypt
B. trust
C. allow
D. block with reset
E. block
F. encrypt
Answer: ADE
Question 68
Question 69
Which two statements about Cisco Firepower file and intrusion inspection under control policies are true? (Choose two.)
A. File inspection occurs before intrusion prevention.
B. Intrusion Inspection occurs after traffic is blocked by file type.
C. File and intrusion drop the same packet.
D. Blocking by file type takes precedence over malware inspection and blocking
E. File inspection occurs after file discovery
Answer: A,E
Question 70
Which SSL traffic decryption feature is used when decrypting traffic from an external host to a server on your network?
A. Decrypt by stripping the server certificate.
B. Decrypt by resigning the server certificate
C. Decrypt with a known private key
D. Decrypt with a known public key
Answer: B
Question 71
An engineer must deploy AMP with cloud protection. Which machine learning engine uses active
A. Spero
C. 1to1
D. Ethos
Answer: A
Question 72
An engineer must architect an AMP private cloud deployment. What is the benefit of running in air-gapped mode?
A. Internet connection is not required for disposition.
B. Database sync time is reduced.
C. Disposition queries are done on AMP appliances.
D. A dedicated server is needed to run amp-sync.
Answer: D
Question 73
Which Cisco AMP file disposition is valid?
A. pristine
B. malware
C. dirty
D. nonmalicious
Answer: D
Question 74
An engineer is configuring a Cisco Email Security Appliance (ESA) and chooses "Preferred" as the settings for TLS on a HAT Mail Flow Policy. Which result occurs?
A. TLS is allowed for outgoing connections to MTAs. Connection to the listener require encrypted Simple Mail Transfer Protocol conversations
B. TLS is allowed for incoming connections to the listener from MTAs, even after a STARTTLS command received
C. TLS is allowed for incoming connections to the listener from MTAs. Until a STARTTLS command received, the ESA responds with an error message to every command other than No Option, EHLO, or QUIT.
D. TLS is allowed for outgoing connections to the listener from MTAs. Until a STARTTLS command received, the ESA responds with an error message to every command other than No Option (NOOP),
Answer: D
Question 75
A network engineer wants to deploy a virtual Cisco ESA and wants protection against email-based threats, email encryption, and clustering. Which software license bundle must the network engineer purchase to access these components?
A. Cisco Email Security Premium
B. Cisco Email Security Hybrid Essential
C. Cisco Email Security Advanced
D. Cisco Email Security Gateway
Answer: A
Email Security Premium Bundle: Antispam scanning, Sophos Antivirus solution, Virus Outbreak filters, DLP Compliance, Email encryption, Clustering
Question 76
Over which two ports does the ISR G2 connector for CWS support redirection of HTTP traffic? (choose
A. TCP port 65535
B. UDP port 8080
C. TCP port 88
D. TCP port 80
E. UDP port 80
Answer: A, D
Question 77
An engineer wants to improve web traffic performance by proxy caching. Which technology provides this improvement?
A. Firepower
Answer: C
Question 78
A customer is concerned with their employee’s internet usage and has asked for more web traffic control. Which two features of the Cisco Web Security Appliance help with this issue? (Choose two.)
A. Advanced Malware Protection
B. Dynamic ARP Inspection
C. DHCP Spoofing Protection
D. Network Address Translation
E. Application Visibility and Control
Answer: A, E
Question 79
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address. Which list contains the allowed recipient addresses?
Answer: B
Question 80
In Cisco Firepower 6.0, which policy contains the button that allows you to access the network analysis policy?
A. network discovery policy
B. intrusion policy
C. access control policy
D. file policy
Answer: C
Question 81
Which two routing options are valid with Cisco FirePOWER Threat Defense version 6.0? (Choose two.)
A. ECMP with up to three equal cost paths across multiple interfaces
B. BGPv6
C. BGPv4 with nonstop forwarding
D. BGPv4 unicast address family
E. ECMP with up to four equal cost paths
Answer: A, D
Question 82
An engineer wants to cluster an existing ESA physical appliance with an ESA virtual appliance. Which statement is true?
A. This action is possible as long as the devices are running the identical AsyncOS
B. This action is not possible for virtual appliances
C. This action is possible between different models and OS
D. This action is not possible because the devices are not identical models
Answer: A
Question 83
In Cisco FirePOWER 5.x and 6.0, which type of traffic causes a web page to be displayed by the appliance when Block or Interactive Block is selected as an access control action?
B. decrypted HTTP
C. encrypted HTTP
D. unencrypted HTTP
Answer: D
Question 84
Which two types of software can be installed on a Cisco ASA-5545-X appliance? (Choose two.)
A. Cisco ASAv
B. Cisco FirePOWER Appliance
C. Cisco FirePOWER Services
D. Cisco ASA
E. Cisco FirePOWER Management Center
Answer: C, D
Question 85
Which type of interface do you configure to receive traffic from a switch or tap, promiscuously, on a Cisco FirePOWER device?
A. inline set
B. transparent
C. routed
D. passive
Answer: D
Question 86
Which two tasks can the network discovery feature perform? (Choose two.)
A. host discovery
B. block traffic
C. user discovery
D. reset connection
E. route traffic
Answer: A, C
Question 87
Which two services must remain as on-premises equipment when deploying a hybrid email solution? (Choose two.)
C. antispam
D. encryption
E. antivirus
Answer: BD
Question 88
Remote clients have reported application slowness. The remote site has one circuit that is highly utilized and a second circuit with nearly zero utilization. The business unit has asked to have applications load shared over two WAN links. An engineer has decided to deploy Cisco Application Visibility and Control to better utilize the existing WAN links and to understand the traffic flows. Which configuration provides application deep packet inspection?
A. IP accounting
Answer: B
Question 89
Which two options are the basic parts of a Snort rule? (Choose two.)
A. rule policy
B. rule header
C. rule assignment and ports
D. rule options
E. rule footer
Answer: BD
Question 90
During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?
A. cxsc fail
B. cxsc fail-close
C. cxsc fail-open
D. cxssp fail-close
Answer: B
Question 91
A network engineer may use which three types of certificates when implementing HTTPS decryption services on the ASA CX? (Choose three.)
A. Self Signed Server Certificate
B. Self Signed Root Certificate
C. Microsoft CA Server Certificate
D. Microsoft CA Subordinate Root Certificate
E. LDAP CA Server Certificate
F. LDAP CA Root Certificate
G. Public Certificate Authority Server Certificate
H. Public Certificate Authority Root Certificate
Answer: B, D, F
Question 92
Cisco’s ASA CX includes which two URL categories? (Choose two.)
A. Proxy Avoidance
B. Dropbox
C. Hate Speech
D. Facebook
E. Social Networking
F. Instant Messaging and Video Messaging
Answer: C, E
Question 93
A Cisco Web Security Appliance's policy can provide visibility and control of which two elements? (Choose two.)
A. Voice and Video Applications
B. Websites with a reputation between -100 and -60
C. Secure websites with certificates signed under an unknown CA
D. High bandwidth websites during business hours
Answer: C, D
Question 94
Which Cisco Web Security Appliance design requires minimal change to endpoint devices?
A. Transparent Mode
B. Explicit Forward Mode
C. Promiscuous Mode
D. Inline Mode
Answer: A
Question 95
What step is required to enable HTTPS Proxy on the Cisco Web Security Appliance?
A. Web Security Manager HTTPS Proxy click Enable
B. Security Services HTTPS Proxy click Enable
C. HTTPS Proxy is enabled by default
D. System Administration HTTPS Proxy click Enable
Answer: B
Question 96
Which two statements about Cisco Cloud Web Security functionality are true? (Choose two.)
A. It integrates with Cisco Integrated Service Routers.
B. It supports threat avoidance and threat remediation.
C. It extends web security to the desktop, laptop, and PDA.
D. It integrates with Cisco ASA Firewalls.
Answer: A, D
Question 97
Which Cisco Cloud Web Security tool provides URL categorization?
A. Cisco Dynamic Content Analysis Engine
B. Cisco ScanSafe
C. ASA Firewall Proxy
D. Cisco Web Usage Control
Answer: D
Question 98
Which three functions can Cisco Application Visibility and Control perform? (Choose three.)
A. Validation of malicious traffic
B. Traffic control
C. Extending Web Security to all computing devices
D. Application-level classification
E. Monitoring
F. Signature tuning
Answer: B, D, E
Question 99
Which two options are features of the Cisco Email Security Appliance? (Choose two.)
A. Cisco Anti-Replay Services
B. Cisco Destination Routing
C. Cisco Registered Envelope Service
D. Cisco IronPort SenderBase Network
Answer: C, D
Question 100
What is the authentication method for an encryption envelope that is set to medium security?
A. The recipient must always enter a password, even if credentials are cached.
B. A password is required, but cached credentials are permitted.
C. The recipient must acknowledge the sensitivity of the message before it opens.
D. The recipient can open the message without authentication.
Answer: B
Question 101
What is the default antispam policy for positively identified messages?
A. Drop
B. Deliver and Append with [SPAM]
C. Deliver and Prepend with [SPAM]
D. Deliver and Alternate Mailbox
Answer: C
Question 102
Which command establishes a virtual console session to a CX module within a Cisco Adaptive Security Appliance?
A. session 1 ip address
B. session 2 ip address
C. session 1
D. session ips console
E. session cxsc console
Answer: E
Question 103
What is the default CX Maoanemeot /:/ IP address io a Cisci ASA 5512-X appliaoce?
A. 192.1r8.1.1
B. 192.1r8.1.2
C. 192.1r8.1.3
D. 192.1r8.1.4
E. 192.1r8.1.5
F. 192.1r8.8.8
Aoswern F
Question 104
Ao ASA with ao IPS midule must be cio/nured ti drip trafc matchion IPS sinoatures aod blick all
trafc if the midule fails. Which describes the cirrect cio/nuratio?
A. Iolioe Mide, Permit Trafc
B. Iolioe Mide, Clise Trafc
C. Primiscuius Mide, Permit Trafc
D. Primiscuius Mide, Clise Trafc
Answer: B
Question 105
A new Cisco IPS device has been placed in the network without prior analysis. Which CLI command
shows the most fired signature?
A. Show statistics virtual-sensor
B. Show event alert
C. Show alert
D. Show version
Answer: A
Question 106
What CLI command configures IP-based access to restrict GUI and CLI access to a Cisco Email Security
appliance's administrative interface?
A. adminaccessconfig
B. sshconfig
C. sslconfig
D. ipaccessconfig
Answer: A
Question 107
An ASA with an IPS module must be configured to drop traffic matching IPS signatures and block all
traffic if the module fails. Which describes the correct configuration?
A. Inline Mode, Permit Traffic
B. Inline Mode, Close Traffic
C. Promiscuous Mode, Permit Traffic
D. Promiscuous Mode, Close Traffic
Answer: B
Question 108
A new Cisco IPS device has been placed in the network without prior analysis. Which CLI command
shows the most fired signature?
A. Show statistics virtual-sensor
B. Show event alert
C. Show alert
D. Show version
Answer: A
Question 109
Which three options are characteristics of router-based IPS? (Choose three.)
A. It is used for large networks.
B. It is used for small networks.
C. It supports virtual sensors.
D. It supports multiple VRFs.
E. It uses configurable anomaly detection.
F. Signature definition files have been deprecated.
Answer: B, D, F
Question 110
What are three best practices for a Cisco Intrusion Prevention System? (Choose three.)
A. Checking for new signatures every 4 hours
B. Checking for new signatures on a staggered schedule
C. Automatically updating signature packs
D. Manually updating signature packs
E. Group tuning of signatures
F. Single tuning of signatures
Answer: B, C, E
Question 111
Who or what calculates the signature fidelity rating?
A. the signature author
B. Cisco Professional Services
C. the administrator
D. the security policy
Answer: A
Question 112
Which three zones are used for anomaly detection? (Choose three.)
A. Internal zone
B. External zone
C. Illegal zone
D. Inside zone
E. Outside zone
F. DMZ zone
Answer: A, B, C
Question 113
What is the default IP range of the external zone?
A. 0.0.0.0 0.0.0.0
B. 0.0.0.0 -
C. 0.0.0.0/8
D. The network of the management interface
Answer: B
Question 114
When learning accept mode is set to auto, and the action is set to rotate, when is the KB created and
A. It is created every 24 hours and used for 24 hours.
B. It is created every 24 hours, but the current KB is used.
C. It is created every 1 hour and used for 24 hours.
D. A KB is created only in manual mode.
Answer: A
Question 115
What is the CLI command to create a new Message Filter in a Cisco Email Security Appliance?
A. filterconfig
B. filters new
C. messagefilters
D. policyconfig-- inbound or outbound-- filters
Answer: B
Question 116
A Cisco Email Security Appliance uses which message filter to drop all executable attachments
entering and leaving the Cisco Email Security Appliance?
A. drop-exE. if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); }
B. drop-exE. if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR
(attachment-filetype == "exe")) { drop(); }
C. drop-exe! if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); }
D. drop-exe! if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR
(attachment-filetype == "exe")) { drop(); }
Answer: A
Question 117
What can Cisco Prime Security Manager (PRSM) be used to achieve?
A. Configure and Monitor Cisco CX Application Visibility and Control, web filtering, access and
decryption policies
B. Configure Cisco ASA connection limits
C. Configure TCP state bypass in Cisco ASA and IOS
D. Configure Cisco IPS signature and monitor signature alerts
E. Cisco Cloud Security on Cisco ASA
Answer: A
Question 118
Which is the default IP address and admin port setting for https in the Cisco Web Security Appliance?
A. Explanation
B. Explanation
C. https://192.168.42.42:443
D. https://192.168.42.42:8443
Answer: D
Question 119
Which port is used for CLI Secure shell access?
A. Port 23
B. Port 25
C. Port 22
D. Port 443
Answer: C
Question 120
Which Cisco technology prevents targeted malware attacks, provides data loss prevention and spam
protection, and encrypts email?
B. secure mobile access
C. IPv6 DMZ web service
Answer: D
Question 121
Which Cisco technology combats viruses and malware with virus outbreak filters that are
downloaded from Cisco SenderBase?
C. Secure mobile access
D. IronPort ESA
Answer: D
Question 122
Which Cisco WSA is intended for deployment in organizations of up to 1500 users?
A. WSA S370
B. WSA S670
C. WSA S370-2RU
D. WSA S170
Answer: D
Question 123
Which Cisco WSA is intended for deployment in organizations of more than 6000 users?
A. WSA S370
B. WSA S670
C. WSA S370-2RU
D. WSA S170
Answer: B
Question 124
Which command verifies that the correct CWS license key information was entered on the Cisco
A. sh run scansafe server
B. sh run scansafe
C. sh run server
D. sh run server scansafe
Answer: B
Question 125
Which five system management protocols are supported by the Cisco Intrusion Prevention System?
(Choose five.)
A. SNMPv2c
E. Syslog
Answer: A, B, C, F, G
Question 126
Which four statements are correct regarding management access to a Cisco Intrusion Prevention
System? (Choose four.)
A. The Telnet protocol is enabled by default
B. The Telnet protocol is disabled by default
C. HTTP is enabled by default
D. HTTP is disabled by default
E. SSH is enabled by default
F. SSH is disabled by default
G. HTTPS is enabled by default
H. HTTPS is disabled by default
Answer: B, D, E, G
Question 127
Which two GUI options display users' activity in Cisco Web Security Appliance? (Choose two.)
A. Web Security Manager Identity Identity Name
B. Security Services Reporting
C. Reporting Users
D. Reporting Reports by User Location
Answer: C, D
Question 128
The security team needs to limit the number of e-mails they receive from the Intellishield Alert
Service. Which three parameters can they adjust to restrict alerts to specific product sets? (Choose
A. Vendor
B. Chassis/Module
C. Device ID
D. Service Contract
E. Version/Release
F. Service Pack/Platform
Answer: A, E, F
Question 129
What three alert notification options are available in Cisco IntelliShield Alert Manager? (Choose
A. Alert Summary as Text
B. Complete Alert as an HTML Attachment
C. Complete Alert as HTML
D. Complete Alert as RSS
E. Alert Summary as Plain Text
F. Alert Summary as MMS
Answer: A, B, C
Question 130
With Cisco IDM, which rate limit option specifies the maximum bandwidth for rate-limited traffic?
A. protocol
B. rate
C. bandwidth
D. limit
Answer: B
Question 131
Which two benefits are provided by the dynamic dashboard in Cisco ASDM Version 5.2? (Choose
A. It configures system policies for NAC devices.
B. It forwards traffic to destination devices.
C. It provides statistics for device health.
D. It replaces syslog, RADIUS, and TACACS+ servers.
E. It automatically detects Cisco security appliances to configure.
Answer: C, E
Question 132
Which Cisco monitoring solution displays information and important statistics for the security
devices in a network?
A. Cisco Prime LAN Management
B. Cisco ASDM Version 5.2
C. Cisco Threat Defense Solution
D. Syslog Server
Answer: B
Question 133
Which three search parameters are supported by the Email Security Monitor? (Choose three.)
A. Destination domain
B. Network owner
C. MAC address
D. Policy requirements
E. Internal sender IP address
F. Originating domain
Answer: A, B, E
Question 134
Which Cisco Security IntelliShield Alert Manager Service component mitigates new botnet, phishing,
and web-based threats?
A. the IntelliShield Threat Outbreak Alert
B. IntelliShield Alert Manager vulnerability alerts
C. the IntelliShield Alert Manager historical database
D. the IntelliShield Alert Manager web portal
E. the IntelliShield Alert Manager back-end intelligence engine
Answer: A
Question 135
A network engineer can assign IPS event action overrides to virtual sensors and configure which
three modes? (Choose three.)
A. Anomaly detection operational mode
B. Inline TCP session tracking mode
C. Normalizer mode
D. Load-balancing mode
E. Inline and Promiscuous mixed mode
F. Fail-open and fail-close mode
Answer: A, B, C
Question 136
What is the correct deployment for an IPS appliance in a network where traffic identified as threat
traffic should be blocked and all traffic is blocked if the IPS fails?
A. Inline; fail open
B. Inline; fail closed
C. Promiscuous; fail open
D. Promiscuous; fail closed
Answer: B
Question 137
Which two practices are recommended for implementing NIPS at enterprise Internet edges? (Choose
A. Integrate sensors primarily on the more trusted side of the firewall (inside or DMZ interfaces).
B. Integrate sensors primarily on the less trusted side of the firewall (outside interfaces).
C. Implement redundant IPS and make data paths symmetrical.
D. Implement redundant IPS and make data paths asymmetrical.
E. Use NIPS only for small implementations.
Answer: A, C
Question 138
Which set of commands changes the FTP client timeout when the sensor is communicating with an
FTP server?
A. sensor# configure terminal
sensor(config)# service sensor
sensor(config-hos)# network-settings
sensor(config-hos-net)# ftp-timeout 500
B. sensor# configure terminal
sensor(config)# service host
sensor(config-hos)# network-settings parameter ftp
sensor(config-hos-net)# ftp-timeout 500
C. sensor# configure terminal
sensor(config)# service host
sensor(config-hos)# network-settings
sensor(config-hos-net)# ftp-timeout 500
D. sensor# configure terminal
sensor(config)# service network
sensor(config-hos)# network-settings
sensor(config-hos-net)# ftp-timeout 500
Answer: C
Question 139
What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.)
A. SPAN does not introduce latency to network traffic.
B. SPAN can perform granular scanning on captures of per-IP-address or per-port monitoring.
C. Promiscuous Mode can silently block traffic flows on the IDS.
D. SPAN can analyze network traffic from multiple points.
Answer: A, D
Question 140
What are the initial actions that can be performed on an incoming SMTP session by the workqueue
of a Cisco Email Security Appliance?
A. Accept, Reject, Relay, TCPRefuse
B. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification
C. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check
D. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification
Answer: A
Question 141
Refer to the exhibit.
What CLI command generated the output?
A. smtproutes
B. tophosts
C. hoststatus
D. workqueuestatus
Answer: B
Question 142
Which version of AsyncOS for web is required to deploy the Web Security Appliance as a CWS
A. AsyncOS version 7.7.x
B. AsyncOS version 7.5.x
C. AsyncOS version 7.5.7
D. AsyncOS version 7.5.0
Answer: C
Question 143
What are three benefits of the Cisco AnyConnect Secure Mobility Solution? (Choose three.)
A. It can protect against command-injection and directory-traversal attacks.
B. It provides Internet transport while maintaining corporate security policies.
C. It provides secure remote access to managed computers.
D. It provides clientless remote access to multiple network-based systems.
E. It enforces security policies, regardless of the user location.
F. It uses ACLs to determine best-route connections for clients in a secure environment.
Answer: B, C, E
Question 144
Which Cisco technology secures the network through malware filtering, category-based control, and
reputation-based control?
A. Cisco ASA 5500 Series appliances
B. Cisco remote-access VPNs
C. Cisco IronPort WSA
D. Cisco IPS
Answer: C
Question 145
Which antispam technology assumes that email from server A, which has a history of distributing
spam, is more likely to be spam than email from server B, which does not have a history of
distributing spam?
A. Reputation-based filtering
B. Context-based filtering
C. Cisco ESA multilayer approach
D. Policy-based filtering
Answer: A
Question 146
Which Cisco technology is a modular security service that combines a stateful inspection firewall
with next-generation application awareness, providing near real-time threat protection?
A. Cisco ASA 5500 series appliances
B. Cisco ASA CX Context-Aware Security
D. Internet Edge Firewall / IPS
Answer: B
Question 147
Which three statements about Cisco ASA CX are true? (Choose three.)
A. It groups multiple ASAs as a single logical device.
B. It can perform context-aware inspection.
C. It provides high-density security services with high availability.
D. It uses policy-based interface controls to inspect and forward TCP- and UDP-based packets.
E. It can make context-aware decisions.
F. It uses four cooperative architectural constructs to build the firewall.
Answer: B, E, F
Question 148
During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails
by using which command in a policy-map?
A. cxsc fail
B. cxsc fail-close
C. cxsc fail-open
D. cxssp fail-close
Answer: B
Question 149
Cisco AVC allows control of which three of the following? (Choose three.)
A. Facebook
C. IPv6
D. MySpace
E. Twitter
Answer: A, D, E
Question 150
The Web Security Appliance has identities defined for faculty and staff, students, and default access.
The faculty and staff identity identifies users based on the source network and authenticated
credentials. The identity for students identifies users based on the source network along with
successful authentication credentials. The global identity is for guest users not authenticated against
the domain.
Recently, a change was made to the organization's security policy to allow faculty and staff access to
a social network website, and the security group changed the access policy for faculty and staff to
allow the social networking category.
Which are the two most likely reasons that the category is still being blocked for a faculty and staff
user? (Choose two.)
A. The user is being matched against the student policy because the user did not enter credentials.
B. The user is using an unsupported browser so the credentials are not working.
C. The social networking URL was entered into a custom URL category that is blocked in the access
D. The user is connected to the wrong network and is being blocked by the student policy.
E. The social networking category is being allowed but the AVC policy is still blocking the website.
Answer: C, E
Question 151
Which five system management protocols are supported by the Intrusion Prevention System?
(Choose five.)
A. SNMPv2c
E. syslog
Answer: A, B, C, F, G
Question 152
Which IPS signature regular expression CLI command matches a host issuing a domain lookup for
A. regex-string (\x03[Tt][Hh][Ee]\x05[Bb][Ll][Oo][Cc][Kk])
B. regex-string (\x0b[theblock.com])
C. regex-string (\x03[the]\x05[block]0x3[com])
D. regex-string (\x03[T][H][E]\x05[B][L][O][C][K]\x03[.][C][O][M]
Answer: A
Question 153
Which three user roles are partially defined by default in Prime Security Manager? (Choose three.)
A. networkoperator
B. admin
C. helpdesk
D. securityoperator
E. monitoringadmin
F. systemadmin
Answer: B, C, F
Question 154
Which three options are IPS signature classifications? (Choose three.)
A. tuned signatures
B. response signatures
C. default signatures
D. custom signatures
E. preloaded signatures
F. designated signatures
Answer: A, C, D
Question 155
At which value do custom signatures begin?
A. 1024
B. 10000
C. 1
D. 60000
Answer: D
Question 156
Which two commands are valid URL filtering commands? (Choose two.)
A. url-server (DMZ) vendor smartfilter host 10.0.1.1
B. url-server (DMZ) vendor url-filter host 10.0.1.1
C. url-server (DMZ) vendor n2h2 host 10.0.1.1
D. url-server (DMZ) vendor CISCO host 10.0.1.1
E. url-server (DMZ) vendor web host 10.0.1.1
Answer: A, C
Question 157
Which Cisco technology is a customizable web-based alerting service designed to report threats and
A. Cisco Security Intelligence Operations
B. Cisco Security IntelliShield Alert Manager Service
C. Cisco Security Optimization Service
D. Cisco Software Application Support Service
Answer: B
Question 158
Which signature definition is virtual sensor 0 assigned to use?
A. rules0
B. vs0
C. sig0
D. ad0
E. ad1
F. sigl
Answer: C
This is the default signature.
You can create multiple security policies and apply them to individual virtual sensors. A security
policy is made up of a signature definition policy, an event action rules policy, and an anomaly
detection policy. Cisco IPS contains a default signature definition policy called sig0, a default event
action rules policy called rules0, and a default anomaly detection policy called ad0. You can assign
the default policies to a virtual sensor or you can create new policies.
Question 159
What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco
SensorBase network?
A. Global correlation is configured in Audit mode for testing the feature without actually denying any
B. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny
C. It will not adjust risk rating values based on the known bad hosts list.
D. Reputation filtering is disabled.
Answer: D
This can be seen on the Global Correlation – Inspection/Reputation tab shown below:
Question 160
To what extent will the Cisco IPS sensor contribute data to the Cisco SensorBase network?
A. It will not contribute to the SensorBase network.
B. It will contribute to the SensorBase network, but will withhold some sensitive information
C. It will contribute the victim IP address and port to the SensorBase network.
D. It will not contribute to Risk Rating adjustments that use information from the SensorBase
Answer: B
To configure network participation, follow these steps:
Step 1: Log in to IDM using an account with administrator privileges.
Step 2: Choose Configuration > Policies > Global Correlation > Network Participation.
Step 3: To turn on network participation, click the Partial or Full radio button:
•Partial—Data is contributed to the SensorBase Network, but data considered potentially sensitive is
filtered out and never sent.
•Full—All data is contributed to the SensorBase Network
In this case, we can see that this has been turned off as shown below:
Question 161
Which two statements about Signature 1104 are true? (Choose two.)
A. This is a custom signature.
B. The severity level is High.
C. This signature has triggered as indicated by the red severity icon.
D. Produce Alert is the only action defined.
E. This signature is enabled, but inactive, as indicated by the /0 to that follows the signature number.
Answer: B, D
This can be seen here where signature 1004 is the 5th one down:
Question 162
Which three statements about the Cisco IPS appliance configurations are true? (Choose three.)
A. The maximum number of denied attackers is set to 10000.
B. The block action duration is set to 3600 seconds.
C. The Meta Event Generator is globally enabled.
D. Events Summarization is globally disabled.
E. Threat Rating Adjustment is globally disabled.
Answer: A, B, C
Question 163
What is the status of OS Identification?
A. It is only enabled to identify "Cisco IOS" OS using statically mapped OS fingerprinting
B. OS mapping information will not be used for Risk Rating calculations.
C. It is configured to enable OS mapping and ARR only for the 10.0.0.0/24 network.
D. It is enabled for passive OS fingerprinting for all networks.
Answer: D
Understanding Passive OS Fingerprinting
Passive OS fingerprinting lets the sensor determine the OS that hosts are running. The sensor
analyzes network traffic between hosts and stores the OS of these hosts with their IP addresses. The
sensor inspects TCP SYN and SYNACK packets exchanged on the network to determine the OS type.
The sensor then uses the OS of the target host OS to determine the relevance of the attack to the
victim by computing the attack relevance rating component of the risk rating. Based on the relevance
of the attack, the sensor may alter the risk rating of the alert for the attack and/or the sensor may
filter the alert for the attack. You can then use the risk rating to reduce the number of false positive
alerts (a benefit in IDS mode) or definitively drop suspicious packets (a benefit in IPS mode). Passive
OS fingerprinting also enhances the alert output by reporting the victim OS, the source of the OS
identification, and the relevance to the victim OS in the alert.
Passive OS fingerprinting consists of three components:
•Passive OS learning
Passive OS learning occurs as the sensor observes traffic on the network. Based on the characteristics
of TCP SYN and SYNACK packets, the sensor makes a determination of the OS running on the host of
the source IP address.
•User-configurable OS identification
You can configure OS host mappings, which take precedence over learned OS mappings.
•Computation of attack relevance rating and risk rating.
Question 164
Answer: Steps are in
Explanation below:
First, enable the Gig 0/0 and Gig 0/1 interfaces:
Second, create the pair under the “interface pairs” tab.
Then, apply the HIGHRISK action rule to the newly created interface pair:
Then apply the same for the MEDIUMRISK traffic (deny attacker inline)
Finally, log the packets for the LOWRISK event:
When done it should look like this:
Question 165
Which three features does Cisco CX provide? (Choose three.)
A. HTTPS traffic decryption and inspection
B. Application Visibility and Control
C. Category or reputation-based URL filtering
D. Email virus scanning
E. Application optimization and acceleration
F. VPN authentication
Answer: A, B, C
Question 166
Which three functions can Cisco Application Visibility and Control perform within Cisco Cloud Web
Security? (Choose three.)
A. validation of malicious traffic
B. traffic control
C. extending Web Security to all computing devices
D. application-level classification
E. monitoring
F. signature tuning
Answer: B, D, E
Question 167
Which Cisco Web Security Appliance deployment mode requires minimal change to endpoint
A. Transparent Mode
B. Explicit Forward Mode
C. Promiscuous Mode
D. Inline Mode
Answer: A
Question 168
What is the default antispam policy for positively identified messages within the Cisco Email Security
A. Drop
B. Deliver and Append with [SPAM]
C. Deliver and Prepend with [SPAM]
D. Deliver and Alternate Mailbox
Answer: C
Question 169
Refer to the exhibit.
What Cisco ESA CLI command generated the output?
A. smtproutes
B. tophosts
C. hoststatus
D. workqueuestatus
Answer: B
Question 170
What Event Action in an IPS signature is used to stop an attacker from communicating with a
network using an access-list?
A. Request Block Host
B. Deny Attacker Inline
C. Deny Connection Inline
D. Deny Packet Inline
E. Request Block Connection
Answer: A
Question 171
Within Cisco IPS anomaly detection, what is the default IP range of the external zone?
A. 0.0.0.0 0.0.0.0
B. 0.0.0.0 -
C. 0.0.0.0/8
D. the network of the management interface
Answer: B
Question 172
Which two Cisco IPS events will generate an IP log? (Choose two.)
A. A signature had an event action that was configured with log packets.
B. A statically configured IP or IP network criterion was matched.
C. A dynamically configured IP address or IP network was matched.
D. An attack produced a response action.
Answer: A, B
Question 173
Which three options are valid event actions for a Cisco IPS? (Choose three.)
A. deny-packet-inline
B. deny-attack-reset
C. produce-verbose-alert
D. log-attacker-packets
E. deny-packet-internal
F. request-block-drop-connection
Answer: A, C, D
Question 174
Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures
and to block all traffic if the module fails?
A. Inline Mode, Permit Traffic
B. Inline Mode, Close Traffic
C. Promiscuous Mode, Permit Traffic
D. Promiscuous Mode, Close Traffic
Answer: B
Question 175
Which Cisco IPS CLI command shows the most fired signature?
A. show statistics virtual-sensor
B. show event alert
C. show alert
D. show version
Answer: A
Question 176
Which IPS engine detects ARP spoofing?
A. Atomic ARP Engine
B. Service Generic Engine
C. ARP Inspection Engine
D. AIC Engine
Answer: A
Question 177
Which two options are characteristics of router-based IPS? (Choose two.)
A. It supports custom signatures
B. It supports virtual sensors.
C. It supports multiple VRFs.
D. It uses configurable anomaly detection.
E. Signature definition files have been deprecated.
Answer: C, E
Question 178
What is the access-list command on a Cisco IPS appliance used for?
A. to permanently filter traffic coming to the Cisco IPS appliance via the sensing port
B. to filter for traffic when the Cisco IPS appliance is in the inline mode
C. to restrict management access to the sensor
D. to create a filter that can be applied on the interface that is under attack
Answer: C
Question 179
How does a user access a Cisco Web Security Appliance for initial setup?
A. Connect the console cable and use the terminal at 9600 baud to run the setup wizard.
B. Connect the console cable and use the terminal at 115200 baud to run the setup wizard.
C. Open the web browser at 192.168.42.42:8443 for the setup wizard over https.
D. Open the web browser at 192.168.42.42:443 for the setup wizard over https.
Answer: C
Question 180
What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions
and HTTPS access?
A. sslconfig
B. sslciphers
C. tlsconifg
D. certconfig
Answer: A
Question 181
Joe was asked to secure access to the Cisco Web Security Appliance to prevent unauthorized access.
Which four steps should Joe implement to accomplish this goal? (Choose four.)
A. Implement IP access lists to limit access to the management IP address in the Cisco Web Security
Appliance GUI.
B. Add the Cisco Web Security Appliance IP address to the local access list.
C. Enable HTTPS access via the GUI/CLI with redirection from HTTP.
D. Replace the Cisco self-signed certificate with a publicly signed certificate.
E. Put the Cisco WSA Management interface on a private management VLAN.
F. Change the netmask on the Cisco WSA Management interface to a 32-bit mask.
G. Create an MX record for the Cisco Web Security Appliance in DNS.
Answer: A, C, D, E
Question 182
Which command is used to enable strong ciphers on the Cisco Web Security Appliance?
A. interfaceconfig
B. strictssl
C. etherconfig
D. adminaccessconfig
Answer: B
Question 183
Which Cisco ESA command is used to edit the ciphers that are used for GUI access?
A. interfaceconfig
B. etherconfig
C. certconfig
D. sslconfig
Answer: D
Question 184
In order to set up HTTPS decryption on the Cisco Web Security Appliance, which two steps must be
performed? (Choose two.)
A. Enable and accept the EULA under Security Services > HTTPS Proxy.
B. Upload a publicly signed server certificate.
C. Configure or upload a certificate authority certificate.
D. Enable HTTPS decryption in Web Security Manager > Access Policies.
Answer: A, C
Question 185
When a Cisco Email Security Appliance joins a cluster, which four settings are inherited? (Choose
A. IP address
B. DNS settings
C. SMTP routes
F. hostname
G. certificates
Answer: B, C, D, E
Question 186
The helpdesk was asked to provide a record of delivery for an important email message that a
customer claims it did not receive. Which feature of the Cisco Email Security Appliance provides this
A. Outgoing Mail Reports
B. SMTP Routes
C. Message Tracking
D. Scheduled Reports
E. System Administration
Answer: C
Question 187
Connections are being denied because of SenderBase Reputation Scores. Which two features must
be enabled in order to record those connections in the mail log on the Cisco ESA? (Choose two.)
A. Rejected Connection Handling
B. Domain Debug Logs
C. Injection Debug Logs
D. Message Tracking
Answer: A, D
Question 188
Which five system management and reporting protocols are supported by the Cisco Intrusion
Prevention System? (Choose five.)
A. SNMPv2c
E. syslog
Answer: A, B, C, F, G
Question 189
Refer to the exhibit.
The system administrator of mydomain.com received complaints that some messages that were sent
from sender user@somedomain.com were delayed. Message tracking data on the sender shows that
an email sample that was received was clean and properly delivered. What is the likely cause of the
intermittent delays?
A. The remote MTA has a SenderBase Reputation Score of -1.0.
B. The remote MTA is sending emails from RFC 1918 IP addresses.
C. The remote MTA has activated the SUSPECTLIST sender group.
D. The remote MTA has activated the default inbound mail policy.
Answer: C
Question 190
A system administrator wants to know if the email traffic from a remote partner will activate special
treatment message filters that are created just for them. Which tool on the Cisco Email Security
gateway can you use to debug or emulate the flow that a message takes through the work queue?
A. the message tracker interface
B. centralized or local message tracking
C. the CLI findevent command
D. the trace tool
E. the CLI grep command
Answer: D
Question 191
Which command verifies that CWS redirection is working on a Cisco IOS router?
A. show content-scan session active
B. show content-scan summary
C. show interfaces stats
D. show sessions
Answer: A
Question 192
Which two commands are used to verify that CWS redirection is working on a Cisco ASA appliance?
(Choose two.)
A. show scansafe statistics
B. show webvpn statistics
C. show service-policy inspect scansafe
D. show running-config scansafe
E. show running-config webvpn
F. show url-server statistics
Answer: A, C
Question 193
A user is deploying a Cisco IPS appliance in a data center to mitigate most attacks, including atomic
attacks. Which two modes does Cisco recommend using to configure for this? (Choose two.)
A. VLAN pair
B. interface pair
C. transparent mode
D. EtherChannel load balancing
E. promiscuous mode
Answer: A, D
Question 194
Which statement about Cisco IPS Manager Express is true?
A. It provides basic device management for large-scale deployments.
B. It provides a GUI for configuring IPS sensors and security modules.
C. It enables communication with Cisco ASA devices that have no administrative access.
D. It provides greater security than simple ACLs.
Answer: B
Question 195
Refer to the exhibit.
When designing the network to redirect web traffic utilizing the Catalyst 6500 to the Cisco Web
Security Appliance, impact on the switch platform needs consideration. Which four rows identify the
switch behavior in correlation to the redirect method? (Choose four.)
A. Row 1
B. Row 2
C. Row 3
D. Row 4
E. Row 5
F. Row 6
G. Row 7
H. Row 8
Answer: B, C, F, G
Question 196
Refer to the exhibit.
Which four rows exhibit the correct WCCP service to protocol assignments? (Choose four.)
A. Row 1
B. Row 2
C. Row 3
D. Row 4
E. Row 5
F. Row 6
G. Row 7
H. Row 8
Answer: B, D, F, H
Question 197
Which three protocols are required when considering firewall rules for email services using a Cisco
Email Security Appliance? (Choose three.)
Answer: A, B, C
Question 198
Which twi desino ciosideratios are required ti add the Cisci Email Security Appliaoce ti ao
existon mail delivery chaio? (Chiise twi.)
A. Existon MX recirds shiuld be maiotaioed aod pilicy riuton shiuld be used ti redirect trafc ti
the ESA.
B. Update the MX recirds ti piiot ti the iobiuod listeoer ioterfaces io the ESA.
C. Update the MX recirds ti piiot ti the iutbiuod listeoer ioterfaces io the ESA.
D. Difereot Listeoers must be used ti haodle iobiuod aod iutbiuod mail haodlion.
E. The ESA shiuld be ciooected ti the same suboet as the Email Server because it maiotaios ioly a
sionle riuton table.
F. The ESA cao be ciooected ti a DMZ exteroal ti the Email Server because it maiotaios multple
riuton tables.
G. The ESA cao be ciooected ti a DMZ exteroal ti the Email Server but it maiotaios ioly a sionle
riuton table.
H. Mail Listeoers by default cao share the same IP ioterface by de/oion the riutes fir seodion aod
Aoswern B, G
Question 199
Which three seoder reputatio raones ideotfy the default behaviir if the Cisci Email Security
Appliaoce? (Chiise three.)
A. If it is betweeo -1 aod +1/, the email is accepted
B. If it is betweeo +1 aod +1/, the email is accepted
C. If it is betweeo -3 aod -1, the email is accepted aod additioal emails frim the seoder are thritled
D. If it is betweeo -3 aod +1, the email is accepted aod additioal emails frim the seoder are
E. If it is betweeo -4 aod +1, the email is accepted aod additioal emails frim the seoder are
F. If it is betweeo -1/ aod -3, the email is blicked
G. If it is betweeo -1/ aod -3, the email is seot ti the virus aod spam eonioes fir additioal scaooion
H. If it is betweeo -1/ aod -4, the email is blicked
Aoswern A, C, F
Question 200
Which twi statemeots renardion the basic setup if the Cisci CX fir services are cirrect? (Chiise
A. The Packet capture feature is available fir either permited ir dripped packets by default.
B. Public Cert/cates cao be used fir HTTPS Decryptio pilicies.
C. Public Cert/cates caooit be used fir HTTPS Decryptio pilicies.
D. Wheo addion a staodard LDAP realm, the nriup atribute will be UoiqueMember.
E. The Packet capture features is available fir permited packets by default.
Aoswern C, E
Question 201
Which three zones are used for anomaly detection in a Cisco IPS? (Choose three.)
A. internal zone
B. external zone
C. illegal zone
D. inside zone
E. outside zone
F. DMZ zone
Answer: A, B, C
Question 202
Who or what calculates the signature fidelity rating in a Cisco IPS?
A. the signature author
B. Cisco Professional Services
C. the administrator
D. the security policy
Answer: A
Question 203
Which command sets the number of packets to log on a Cisco IPS sensor?
A. ip-log-count number
B. ip-log-packets number
C. ip-log-bytes number
D. ip-log number
Answer: B
Question 204
Refer to the exhibit.
The system administrator of mydomain.com was informed that one of the users in his environment
received spam from an Internet sender. Message tracking shows that the emails for this user were
not scanned by antispam. Why did the Cisco Email Security gateway fail to do a spam scan on emails
for user@mydomain.com?
A. The remote MTA activated the SUSPECTLIST sender group.
B. The Cisco Email Security gateway created duplicates of the message.
C. The user user@mydomain.com matched an inbound rule with antispam disabled.
D. The user bob@mydomain.com matched an inbound rule with antispam disabled.
Answer: C
Question 205
What are two features of the Cisco ASA NGFW? (Choose two.)
A. It can restrict access based on qualitative analysis.
B. It can restrict access based on reputation.
C. It can reactively protect against Internet threats.
D. It can proactively protect against Internet threats.
Answer: B, D
Question 206
Which three statements about Cisco CWS are true? (Choose three.)
A. It provides protection against zero-day threats.
B. Cisco SIO provides it with threat updates in near real time.
C. It supports granular application policies.
D. Its Roaming User Protection feature protects the VPN from malware and data breaches.
E. It supports local content caching.
F. Its Cognitive Threat Analytics feature uses cloud-based analysis and detection to block threats
outside the network.
Answer: A, B, C
Question 207
Refer to the exhibit.
What are two facts about the interface that you can determine from the given output? (Choose two.)
A. A Cisco Flexible NetFlow monitor is attached to the interface.
B. A quality of service policy is attached to the interface.
C. Cisco Application Visibility and Control limits throughput on the interface.
D. Feature activation array is active on the interface.
Answer: A, B
Question 208
What are the two policy types that can use a web reputation profile to perform reputation-based
processing? (Choose two.)
A. profile policies
B. encryption policies
C. decryption policies
D. access policies
Answer: C, D
Question 209
Which three pieces of information are required to implement transparent user identification using
Context Directory Agent? (Choose three.)
A. the server name of the global catalog domain controller
B. the server name where Context Directory Agent is installed
C. the backup Context Directory Agent
D. the primary Context Directory Agent
E. the shared secret
F. the syslog server IP address
Answer: B, D, E
Question 210
Which method does Cisco recommend for collecting streams of data on a sensor that has been
A. VACL capture
C. the Wireshark utility
D. packet capture
Answer: D
Question 211
Which configuration mode enables a virtual sensor to monitor the session state for unidirectional
A. asymmetric mode
B. symmetric mode
C. loose mode
D. strict mode
Answer: A
Question 212
Over the period of one day, several Atomic ARP engine alerts fired on the same IP address. You
observe that each time an alert fired, requests on the IP address exceeded replies by the same
number. Which configuration could cause this behavior?
A. The reply-ratio parameter is enabled.
B. MAC flip is enabled.
C. The inspection condition is disabled.
D. The IPS is misconfigured.
Answer: A
Question 213
Which type of signature is generated by copying a default signature and modifying its behavior?
A. meta
B. custom
C. atomic
D. normalized
Answer: B
Question 214
Which two conditions must you configure in an event action override to implement a risk rating of 70
or higher and terminate the connection on the IPS? (Choose two.)
A. Configure the event action override to send a TCP reset.
B. Set the risk rating range to 70 to 100.
C. Configure the event action override to send a block-connection request.
D. Set the risk rating range to 0 to 100.
E. Configure the event action override to send a block-host request.
Answer: A, B
Question 215
Which two conditions must you configure in an event action rule to match all IPv4 addresses in the
victim range and filter on the complete subsignature range? (Choose two.)
A. Disable event action override.
B. Leave the victim address range unspecified.
C. Set the subsignature ID-range to the default.
D. Set the deny action percentage to 100.
E. Set the deny action percentage to 0.
Answer: B, C
Question 216
If learning accept mode is set to "auto" and the knowledge base is loaded only when explicitly
requested on the IPS, which statement about the knowledge base is true?
A. The knowledge base is set to load dynamically.
B. The knowledge base is set to "save only."
C. The knowledge base is set to "discarded."
D. The knowledge base is set to load statically.
Answer: B
Question 217
In which way are packets handled when the IPS internal zone is set to "disabled"?
A. All packets are dropped to the external zone.
B. All packets are dropped to the internal zone.
C. All packets are ignored in the internal zone.
D. All packets are sent to the default external zone.
Answer: D
Question 218
Which three statements about threat ratings are true? (Choose three.)
A. A threat rating is equivalent to a risk rating that has been lowered by an alert rating.
B. The largest threat rating from all actioned events is added to the risk rating.
C. The smallest threat rating from all actioned events is subtracted from the risk rating.
D. The alert rating for deny-attacker-inline is 45.
E. Unmitigated events do not cause a threat rating modification.
F. The threat rating for deny-attacker-inline is 50.
Answer: A, D, E
Question 219
An IPS is configured to fail-closed and you observe that all packets are dropped. What is a possible
reason for this behavior?
A. Mainapp is unresponsive.
B. The global correlation update failed.
C. The IPS span session failed.
D. The attack drop file is misconfigured.
Answer: A
Question 220
What can you use to access the Cisco IPS secure command and control channel to make
configuration changes?
B. the management interface
C. an HTTP server
D. Telnet
Answer: B
Question 221
Which Cisco technology provides spam filtering and email protection?
Answer: B
Question 222
You ran the ssh generate-key command on the Cisco IPS and now administrators are unable to
connect. Which action can be taken to correct the problem?
A. Replace the old key with a new key on the client.
B. Run the ssh host-key command.
C. Add the administrator IP addresses to the trusted TLS host list on the IPS.
D. Run the ssh authorized-keys command.
Answer: A
Question 223
Which command allows the administrator to access the Cisco WSA on a secure channel on port
A. strictssl
B. adminaccessconfig
C. ssl
D. ssh
Answer: A
Question 224
Which command can change the HTTPS SSL method on the Cisco ESA?
A. sslconfig
B. strictssl
C. sshconfig
D. adminaccessconfig
Answer: A
Question 225
When you configure the Cisco ESA to perform blacklisting, what are two items you can disable to
enhance performance? (Choose two.)
A. spam scanning
B. antivirus scanning
C. APT detection
D. rootkit detection
Answer: A, B
Question 226
Which Cisco ESA predefined sender group uses parameter-matching to reject senders?
Answer: A
Question 227
Which command disables SSH access for administrators on the Cisco ESA?
A. interfaceconfig
B. sshconfig
C. sslconfig
D. systemsetup
Answer: A
Question 228
When you create a new server profile on the Cisco ESA, which subcommand of the ldapconfig
command configures spam quarantine end-user authentication?
A. isqauth
B. isqalias
C. test
D. server
Answer: A
Question 229
Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.)
A. Select a virtual sensor.
B. Enable IP logging.
C. Specify the host IP address.
D. Set the logging duration.
E. Set the number of packets to capture.
F. Set the number of bytes to capture.
Answer: A, C, D
Question 230
Which centralized reporting function of the Cisco Content Security Management Appliance
aggregates data from multiple Cisco ESA devices?
A. message tracking
B. web tracking
C. system tracking
D. logging
Answer: A
Question 231
What is a value that Cisco ESA can use for tracing mail flow?
A. the FQDN of the source IP address
B. the FQDN of the destination IP address
C. the destination IP address
D. the source IP address
Answer: A
Question 232
What are three features of the Cisco Security IntelliShield Alert Manager Service? (Choose three.)
A. validation of alerts by security analysts
B. custom notifications
C. complete threat and vulnerability remediation
D. vendor-specific threat analysis
E. workflow-management tools
F. real-time threat and vulnerability mitigation
Answer: A, B, E
Question 233
When you deploy a sensor to send connection termination requests, which additional traffic monitoring function can you configure the sensor to perform?
A. Monitor traffic as it flows to the sensor.
B. Monitor traffic as it flows through the sensor.
C. Monitor traffic from the Internet only.
D. Monitor traffic from both the Internet and the intranet.
Answer: B
Question 234
Which IPS feature allows you to aggregate multiple IPS links over a single port channel?
Answer: B
Question 235
Which Cisco IPS deployment mode is best suited for bridged interfaces?
A. inline interface pair mode
B. inline VLAN pair mode
C. inline VLAN group mode
D. inline pair mode
Answer: B
Question 236
When a Cisco IPS is deployed in fail-closed mode, what are two conditions that can result in traffic
being dropped? (Choose two.)
A. The signature engine is undergoing the build process.
B. The SDF failed to load.
C. The built-in signatures are unavailable.
D. An ACL is configured.
Answer: A, B
Question 237
If inline-TCP-evasion-protection-mode on a Cisco IPS is set to asymmetric mode, what is a side
A. Packet flow is normal.
B. TCP requests are throttled.
C. Embryonic connections are ignored.
D. Evasion may become possible.
Answer: D
Question 238
Which sensor deployment mode does Cisco recommend when interface capacity is limited and you
need to increase sensor functionality?
A. inline interface pair mode
B. inline VLAN pair mode
C. inline VLAN group mode
D. VLAN group mode
Answer: C
Question 239
Which role does Passive Identity Management play in the Cisco Cloud Web Security architecture?
A. It provides user-level information that is received from Active Directory.
B. It enables the administrator to control web access for users and user groups.
C. It defines a standard for exchanging authentication and authorization data.
D. It controls content that passes into and out of the network.
Answer: A
Question 240
Which two statements about Cisco ESA clusters are true? (Choose two.)
A. A cluster must contain exactly one group.
B. A cluster can contain multiple groups.
C. Clusters are implemented in a client/server relationship.
D. The cluster configuration must be managed by the cluster administrator.
E. The cluster configuration can be created and managed through either the GUI or the CLI.
Answer: B, E
Question 241
Which two statements about devices within a Cisco ESA cluster are true? (Choose two.)
A. Clustered systems must consist of devices in the same hardware series.
B. Clustered devices can communicate via either SSH or Cluster Communication Service.
C. Clustered devices can communicate only with Cluster Communication Service.
D. In-the-cloud devices must be in a separate cluster from on-premise devices.
E. Clustered devices can run different versions of AsyncOS.
Answer: A, B
Question 242
What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA
A. Cisco WSA provides URL filtering, while Cisco ASA NGFW does not.
B. Cisco ASA NGFW provides caching services, while Cisco WSA does not.
C. Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not.
D. Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not.
Answer: D
Question 243
Which Cisco ASA configuration command drops traffic if the Cisco ASA CX module fails?
A. no fail-open
B. fail-close
C. fail-close auth-proxy
D. auth-proxy
Answer: B
Question 244
Which Cisco Cloud Web Security Connector feature allows access by all of an organization's users
while applying Active Directory group policies?
A. a company authentication key
B. a group authentication key
C. a PAC file
D. proxy forwarding
E. a user authentication key
Answer: A
Question 245
Which Cisco ESA component receives connections from external mail servers?
B. public listener
C. private listener
D. recipient access table
E. SMTP incoming relay agent
Answer: B
Question 246
What is the function of the Cisco Context Adaptive Scanning Engine in Cisco Hybrid Email Security
A. It uses real-time traffic threat assessment to identify suspicious email senders and messages.
B. It provides a preventive defense against viruses by scanning messages before they enter the
C. It analyzes message content and attachments to protect an organization's intellectual property.
D. It protects against blended threats by using human-like logic to review and evaluate traffic.
Answer: D
Question 247
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the
redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic
that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco
WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the
simulator. The options that have been implemented are sufficient to determine the best answer to
each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the
best answer.
How many Cisco ASAs and how many Cisco WSAs are participating in the WCCP service?
A. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and one Cisco
B. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and one Cisco WSA.
C. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and two Cisco
D. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and two Cisco WSAs.
E. Two Cisco ASAs and one Cisco WSA.
F. Two Cisco ASAs and two Cisco WSAs.
Answer: A
We can see from the output that the number of routers (ASAs) is 1, so there is a single ASA or an
active/standby pair being used, and 1 Cache Engine. If the ASAs were in an active/active role it would
show up as 2 routers.
Question 248
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the
redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic
that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco
WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the
simulator. The options that have been implemented are sufficient to determine the best answer to
each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the
best answer.
What traffic is not redirected by WCCP?
A. Traffic destined to public address space
B. Traffic sent from public address space
C. Traffic destined to private address space
D. Traffic sent from private address space
Answer: B
From the screen shot below we see the WCCP-Redirection ACL is applied, so all traffic from the
Private IP space to any destination will be redirected.
Question 249
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the
redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic
that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco
WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the
simulator. The options that have been implemented are sufficient to determine the best answer to
each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the
best answer.
Between the Cisco ASA configuration and the Cisco WSA configuration, what is true with respect to
redirected ports?
A. Both are configured for port 80 only.
B. Both are configured for port 443 only.
C. Both are configured for both port 80 and 443.
D. Both are configured for ports 80, 443 and 3128.
E. There is a configuration mismatch on redirected ports.
Answer: C
This can be seen from the WSA Network tab shown below:
Question 250
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the
redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic
that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco
WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the
simulator. The options that have been implemented are sufficient to determine the best answer to
each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the
best answer.
Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and
the Cisco WSA?
A. Both are configured for WCCP v1.
B. Both are configured for WCCP v2.
C. Both are configured for WCCP v3.
D. There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA.
Answer: B
ASA version shows as version 2.0:
WSA also shows version 2 is being used:
Question 251
Which type of server is required to communicate with a third-party DLP solution?
A. an HTTPS server
B. an HTTP server
C. an ICAP-capable proxy server
D. a PKI certificate server
Answer: C
Question 252
Which feature does Acceptable Use Controls use to implement Cisco AVC?
B. Cisco Web Usage Controls
C. Cisco WSA
D. Cisco ESA
Answer: B
Question 253
You have configured a VLAN pair that is connected to a switch that is unable to pass traffic. If the IPS
is configured correctly, which additional configuration must you perform to enable the switch to pass
A. Configure access ports on the switch.
B. Configure the trunk port on the switch.
C. Enable IP routing on the switch.
D. Enable ARP inspection on the switch.
Answer: A
Question 254
You ran the ssh generate-key command on the Cisco IPS and now administrators are unable to
connect. Which action can be taken to correct the problem?
A. Replace the old key with a new key on the client.
B. Run the ssh host-key command.
C. Add the administrator IP addresses to the trusted TLS host list on the IPS.
D. Run the ssh authorized-keys command.
Answer: A
Question 255
Which piece of information is required to perform a policy trace for the Cisco WSA?
A. the URL to trace
B. the source IP address of the trace
C. authentication credentials to make the request
D. the destination IP address of the trace
Answer: A
Question 256
What is a valid search parameter for the Cisco ESA find event tool?
A. Envelope Origination
B. Envelope Type
C. Message ID
D. Download Type
Answer: C
Question 257
Which website can be used to validate group information about connections that flow through Cisco
A. whoami.scansafe.net
B. policytrace.scansafe.net
C. whoami.scansafe.com
D. policytrace.scansafe.com
Answer: B
Question 258
What are three arguments that can be used with the show content-scan command in Cisco IOS
software? (Choose three)
A. session
B. data
C. verbose
D. buffer
E. summary
F. statistics
Answer: A, E, F
Question 259
In addition to the CLI, what is another option to manage a Cisco IPS?
B. Cisco SDM
C. Cisco IDM
D. Cisco ISE
Answer: C
Question 260
What is the function of the Web Proxy Auto-Discovery protocol?
A. It enables a web client to discover the URL of a configuration file.
B. It enables a web client to download a script or configuration file that is named by a URL.
C. It enables a web client's traffic flows to be redirected in real time.
D. It enables web clients to dynamically resolve hostname records.
Answer: A
Question 261
What is a difference between a Cisco Content Security Management virtual appliance and a physical
A. The virtual appliance requires an additional license to run on a host.
B. The physical appliance requires an additional license to activate its adapters.
C. Migration between virtual appliances of varying sizes is possible, but physical appliances must be
of equal size.
D. The physical appliance is configured with a DHCP-enabled management port to receive an IP
address automatically, but you must assign the virtual appliance an IP address manually in your
management subnet.
Answer: A
Question 262
Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of
its ports and IP addresses?
A. Layer 4 Traffic Monitor
B. Secure Web Proxy
C. explicit forward mode
D. transparent mode
Answer: A
Question 263
Which feature of the Cisco Hybrid Email Security services enables you to create multiple email
senders on a single Cisco ESA?
A. Virtual Gateway
B. Sender Groups
C. Mail Flow Policy Connector
D. Virtual Routing and Forwarding
E. Email Marketing Connector
Answer: A
Question 264
Which option is a benefit of Cisco Email Security virtual appliance over the Cisco ESA appliance?
A. reduced space and power requirements
B. outbound message protection
C. automated administration
D. global threat intelligence updates from Talos
Answer: A
Question 265
Which option is a benefit of Cisco hybrid email security?
A. on-premises control of outbound data
B. advanced malware protection
C. email encryption
D. message tracking
Answer: A
Question 266
Which technology is used to improve business-critical application performance?
A. Application Visibility and Control
B. Intrusion Prevention Services
C. Advanced Malware Protection
D. TrustSec
Answer: A
Question 267
Which option is a benefit of deploying Cisco Application Visibility and Control?
A. It ensures bandwidth availability and performance of mission-critical applications in a data- and
media-rich environment.
B. It performs deep packet inspection of mission-critical applications in a data- and media-rich
C. It encrypts mission-critical applications in a data- and media-rich environment.
D. It securely tunnels mission-critical applications in a data- and media-rich environment.
Answer: A
Question 268
Which solution must a customer deploy to prioritize traffic to a cloud-based contact management
application while still allowing employees access to the Internet for business and personal use?
A. Cisco Application Visibility and Control
B. Cisco Intrusion Prevention Services
C. Cisco NetFlow
D. policy-based routing
Answer: A
Question 269
Which three categories of the seven major risk management categories are covered in the Cyber Risk
Reports? (Choose three.)
A. vulnerability
B. risk rating
C. legal
D. confidence level
E. geopolitical
F. global reputation
Answer: A, C, E
Question 270
Which option describes a customer benefit of the Cisco Security IntelliShield Alert Manager?
A. It provides access to threat and vulnerability information for Cisco related products only.
B. It consolidates vulnerability information from an internal Cisco source, which allows security
personnel to focus on remediation and proactive protection versus research.
C. It provides effective and timely security intelligence via early warnings about new threats and
technology vulnerabilities.
D. It enhances the efficiency of security staff with accurate, noncustomizable threat intelligence,
critical remediation information, and easy-to-use workflow tools.
Answer: C
Question 271
Which two options are known limitations in deploying an IPS sensor in promiscuous mode versus
inline mode? (Choose two).
A. It is less effective in stopping email viruses and automated attackers such as worms.
B. It requires less of an operational response because the attacks are blocked automatically without
operational team support.
C. Sensors in this deployment cannot stop the trigger packet and are not guaranteed to stop a
D. A sensor failure affects network functionality.
E. It does not see the same traffic.
Answer: A, C
Question 272
Which option describes how the native VLAN is set up on an IPS sensor when VLAN groups are used
in an inline deployment of the sensor?
A. The sensor looks at the native VLAN setup on the switch to determine the correct native VLAN to
B. The sensor does not care about VLANs.
C. A default VLAN variable must be associated with each physical interface on the sensor.
D. There is no way to set this, so you need to tag all traffic.
E. ISL links are only supported.
Answer: C
Question 273
Using the Cisco WSA GUI, where should an operator navigate to determine the running software
image on the Cisco WSA?
A. Systems Administration > System Upgrade
B. Systems Administration > Feature Keys
C. Systems Administration > General
D. Admin > System Info
Answer: A
Question 274
When a user receives an encrypted email from a Cisco ESA, which technology is used to retrieve the
key to open the email?
A. trusted certificate authority
B. private certificate authority
C. Cisco Registered Envelope Service
D. Simple Certificate Enrollment Protocol
Answer: C
Question 275
Which four methods are used to deploy transparent mode traffic redirection? (Choose four.)
A. PAC files
B. Web Cache Communication Protocol
C. policy-based routing
D. Microsoft GPO
E. Layer 4 switch
F. DHCP server
G. Layer 7 switch
H. manual browser configuration
Answer: B, C, E, G
Question 276
When centralized message tracking is enabled on the Cisco ESA, over which port does the
communication to the SMA occur by default?
A. port 2222/TCP
B. port 443/TCP
C. port 25/TCP
D. port 22/TCP
Answer: D
Question 277
Which platform has message tracking enabled by default?
A. C670
B. C370
C. Virtual ESA
D. It is not enabled by default on any platform.
Answer: D
Question 278
Which two options are the correct URL and credentials used to access the Cisco Web Security
Appliance for the first time? (Choose two.)
A. admin/password
B. Explanation
C. ironport/ironport
D. Explanation
E. admin/ironport
F. Explanation
Answer: D, E
Question 279
Which interface on the Cisco Email Security Appliance has HTTP and SSH enabled by default?
A. data 1
B. data 2
C. management 1
D. all interfaces
Answer: A
Question 280
Review the explanation part for full solution.
We need to create a policy map named inside-policy and send the traffic to the CXSC blade:
ASA-FW# config t
ASA-FW(config)# policy-map inside-policy
ASA-FW(config-pmap)# policy-map inside-policy
ASA-FW(config-pmap)# class class-default
ASA-FW(config-pmap-c)# cxsc fail-close auth-proxy
ASA-FW(config-pmap-c)# exit
ASA-FW(config-pmap)# exit
The fail-close is needed as per instructions that if the CX module fails, no traffic should be allowed.
The auth-proxy keyword is needed for active authentication.
Next, we need to apply this policy map to the inside interface:
ASA-FW(config)#service-policy inside-policy interface inside
Finally, verify that the policy is active:
ASA-FW# show service-policy interface inside
Interface inside:
Service-policy: inside-policy
Class-map: class-default
Default Queueing
CXSC: card status Up, mode fail-close, auth-proxy enabled
Packet input 181, packet output 183, drop 0, reset-drop 0, proxied 0
Configuration guidelines can be found at this reference link:
Reference: Explanation
Question 281
Review the explanation part for full solution.
We need to define the parameter map, specifying port 8080 for http and https and define the servers
and the license:
Branch-ISR#config t
Branch-ISR(config)# parameter-map type content-scan global
Branch-ISR(config-profile)#server scansafe primary name proxy-a.scansafe.net port http 8080 https
Branch-ISR(config-profile)#server scansafe secondary name proxy-b.scansafe.net port http 8080 https 8080
Branch-ISR(config-profile)#license 0 0123456789abcdef
If the CWS proxy servers are not available, traffic should be denied. This is done by the following:
Branch-ISR(config-profile)#server scansafe on-failure block-all
Now we need to apply this to the fastethernet 0/1 interface outbound:
Branch-ISR(config)#interface Fastethernet 0/1
Branch-ISR(config-if)#content-scan outbound
Finally, we can verify our configuration by using the "show content-scan summary" command:
Branch-ISR#show content-scan summary
Secondary: 70.39.231.99 (Up)
Interfaces: Fastethernet0/1
Question 282
Fir which dimaios will the Cisci Email Security Appliaoce alliw up ti 5/// recipieots per messane?
A. viilet.public
B. viilet.public aod blue.public
C. viilet.public, blue.public aod nreeo.public
D. red.public
E. iraone.public
F. red.public aod iraone.public
Aoswern E
Here we see that the TRUSTED pilicy is beion thritled ti 5/// recipieots per messane.
By liikion at the HAT pilicy we see that the TRUSTED pilicy applies ti the WHITELIST seoder nriup.
By clickion io the WHITELIST seoder nriup we cao see that iraone.public is listed as the seoder.
Question 283
What is the maximum number of recipients per hour that the Cisco Email Security Appliance will
accept from the green.public domain?
A. 0
B. 1
C. 20
D. 25
E. 50
F. 5000
G. Unlimited
Answer: C
From the instructions we know that the green.public domain has been assigned a reputation score of
2. From below we know that a reputation score of 2 belongs to the SUSPECTLIST, which has a policy
By clicking on the THROTTLED policy we see that the max recipients per hour has been set to 20:
Question 284
What is the maximum message size that the Cisco Email Security Appliance will accept from the
violet.public domain?
A. 1 KB
B. 100 KB
C. 1 MB
D. 10 MB
E. 100 MB
F. Unlimited
Answer: D
From the instructions we know that the reputation score for the violet.public domain has been set to
8. From the HAT table shown below we know that a score of 8 belongs to the UNKNOWNLIST group,
which is assigned the ACCEPTED policy.
By clicking on the ACCEPTED policy we see that max message size has been set to the default value
of 10M:
Question 285
A. red.public
B. red.public and orange.public
C. red.public, orange.public and yellow.public
D. orange.public
E. violet.public
F. violet.public and blue.public
G. None of the listed domains
Answer: G
The BLOCKED policy rejects messages as shown below:
The BLOCKED policy is assigned to the BLACKLIST sender group, and here we see that no senders
have been applied to this group:
Question 286
Refer to the following:
R01(config)#ip wccp web-cache redirect-list 80 password-local
A. Traffic denied in prefix-list 80 is redirected to the Cisco WSA
B. The default "cisco" password is configured in the Cisco WSA
C. Traffic permitted in access-list 80 is redirected to the Cisco WSA
D. Traffic using TCP port 80 is redirected to the Cisco WSA
Answer: C
Question 287
For which task can PRSM be used?
A. To configure Cisco ASA CX firewalls
B. To monitor Cisco IntelliShield
C. To monitor CWS traffic
D. To configure Cisco ESA
Answer: A
Question 288
Which command applies WCCP redirection on the inside interface of a Cisco ASA 5500-x firewall?
A. wccp interface inside 90 redirect in
B. web-cache interface inside 90 redirect in
C. wccp interface inside redirect out
D. wccp web-cache
Answer: A
Question 289
Which IPS signature engine inspects the IP protocol packets and the Layer TCP?
A. String TCP
B. Atomic TCP
C. Service HTTP
D. Atomic IP
Answer: D
Question 290
Which statement about the Cisco CWS web filtering policy behavior is true?
A. Rules are comprised of three criteria and an action.
B. By default, the schedule is set to office hours.
C. At least one rule applies to a web request.
D. In the evaluation of a rule set, the best match wins.
Answer: A
Question 291
How are HTTP requests handled by the Cisco WSA?
A. A transparent request has a destination IP address of the configured proxy.
B. The URI for an implicit request does not contain the DNS host.
C. An explicit request has a destination IP address of the intended web server.
D. The URI for an explicit request contains the host with the protocol information.
Answer: D
Question 292
Which option describes what occurs with asymmetric routing when an IPS normalization engine is
A. It allows the return packets back to the source path.
B. It must see a valid SYN/ACK before it lets a flow pass, otherwise the IPS normalization engine
assumes that it is encountering a fragmentation attack, and it drops the return packets
C. It must see a valid ACK/ACK before it lets a flow pass.
D. It must see a valid SYN/ACK before it lets a flow pass, otherwise the IPS normalization engine
assumes that it is encountering an evasion attack and drops the return packets.
Answer: D
Question 293
Which statement about the Cisco ASA CX role in inspecting SSL traffic is true?
A. To decrypt traffic, the Cisco ASA CX must accept the websites' certificates as Trusted Root CAs.
B. If the administrator elects to decrypt traffic, the Cisco ASA CX acts as a man-in-the-middle.
C. Either all traffic is decrypted, or no traffic is decrypted by the Cisco ASA CX.
D. The traffic is encrypted, so the Cisco ASA CX cannot determine the content of the traffic.
Answer: B
Question 294
When https traffic is scanned, which component of the full URL does CWS log?
A. not log
B. only host
C. host and query
D. path and query
Answer: B
Question 295
Which step is required when you configure URL filtering to Cisco Cloud Web Security?
A. configure URL filtering policies in Cisco ScanCenter
B. install the ASA FirePOWER module in the Cisco ASA.
C. Implement Next Generation IPS intrusion rules.
D. Configure URL filtering criteria in the Cisco ASA FirePOWER access rules.
Answer: A
Question 296
Which action could reduce the security of the management interface of the Cisco ESA appliance?
A. Assign delegated administrator roles to engineers who manage the mail policies.
B. create a network access list to allow all connections to the management interface
C. Display a login banner indicating that all appliance use is logged and reviewed
D. configure a web UI session timeout of 30 minutes for connected users.
Answer: A
Question 297
A security engineer is configuring user identity for the Cisco ASA connector for Cisco CWS. How many
AAA server groups must the engineer configure?
A. 1
B. 3
C. 4
D. 2
Answer: D
Question 298
Which option represents the Cisco event aggregation product?
A. CVSS system
B. IntelliShield
C. ASA CX Event Viewer
Answer: C
Question 299
Which statement about the default configuration of an IPS sensor's management security settings is
A. There is no login banner
B. The web server port is TCP 80
C. Telnet and SSH are enabled
D. User accounts lock after three attempts
Answer: A
Question 300
Which information does the show scansafe statistics command provide?
A. ESA message tracking
B. PRSM events
C. AV statistics
D. Cisco CWS activity
Answer: D
Question 301
On which platforms can you run CWS connector? (Choose two)
A. Cisco ASA Firewall
B. Cisco IPS module
C. Standalone deployment
D. Cisco ISR router
E. Cisco Firepower NGIPS
Answer: A,D
Question 302
Refer to the following. Which description of the result of this configuration is true?
Router(config)#line vty 5 15
Router(config-line)#access-class 23 in
A. Only clients denied in access list 23 can manage the router.
B. Only telnet access (TCP) is allowed on the VTY lines of this router
C. Only clients permitted in access list 23 can manage the router
D. Only SSH access (TCP 23) is allowed on the VTY lines of this router.
Answer: C
Question 303
What does the anomaly detection Cisco IOS IPS component detect?
A. ARP Spoofing
B. Worm-infected hosts
C. Signature changes
D. Network Congestion
Answer: B
Question 304
Refer to the exhibit.
The security engineer has configured Cisco Cloud Web Security redirection in a Cisco ASA firewall.
Which statement describes what can be determined from the exhibit?
A. In case of issues, the next step should be to perform debugging in the Cisco ASA.
B. The URL visited by the user was LAB://testgroup.
C. This output has been obtained by browsing to whoami.scansafe.net
D. The IP address of the Scansafe tower is 209.165.200.241
Answer: C
Question 305
Refer to the following.
Router(config)#username admin secret cisco
Router(config)#no service password-encryption
How is the "cisco" password stored?
A. As MD5 hash
B. As Type 0
C. As Type 7
D. As Clear Text
Answer: A
Question 306
Refer to the following. What type of password is "cisco"?
Router(config)#service password-encryption
Router(config)#username admin password cisco
A. Enhanced
C. Type 7
D. Type 0
Answer: C
Question 307
When does the Cisco ASA send traffic to the Cisco ASA IPS module for analysis?
A. before firewall policies are applied
B. after outgoing VPN traffic is encrypted
C. after firewall policies are applied
D. before incoming VPN traffic is decrypted.
Answer: C
Question 308
Which technique is deployed to harden network devices?
A. port-by-port router ACLs
B. infrastructure ACLs
C. transmit ACLs
Answer: B
Question 309
Refer to the following. Which option describes the result of this configuration in a Cisco ASA firewall?
asafw1(config)#http server enable
asafw1(config)#http 10.10.10.1 inside
A. The firewall allows command-line access from 10.10.10.1
B. The firewall allows ASDM access from a client on 10.10.10.1
C. The management IP address of the firewall is 10.10.10.1
D. The inside interface IP address of the firewall is 10.10.10.1
Answer: B
Question 310
A network security design engineer is considering using a Cisco Intrusion Detection System in the
DMZ of the network. Which option is the drawback to using IDS in the DMZ as opposed to using
Intrusion Prevention System?
A. Sensors, when placed in-line, can impact network functionality during sensor failure.
B. IDS has impact on the network (that is, latency and jitter).
C. Response actions cannot stop triggered packet or guarantee to stop a connection techniques.
D. Response actions cannot stop malicious packets or cannot guarantee to stop any DOS attack.
Answer: B
Question 311
An engineer manages a Cisco Intrusion Prevention System via IME. A new user must be able to tune
signatures, but must not be able to create new users. Which role for the new user is correct?
A. viewer
B. service
C. operator
D. administrator
Answer: C
Question 312
Which two pieces of information are required to implement transparent user identification using
Context Directory Agent? (Choose two.)
A. the shared secret
B. the server name where Context Directory Agent is installed
C. the server name of the global catalog domain controller
D. the syslog server IP address
Answer: AB
Question 313
Which settings are required when deploying Cisco IPS in high-availability mode using
EtherChannel load balancing?
A. ECLB IPS appliances must be in on-a-stick mode, ECLB IPS solution maintains state if a sensor goes
down, and TCP flow is forced through the same IPS appliance.
B. ECLB IPS appliances must not be in on-a-stick mode, ECLB IPS solution maintains state if a
sensor goes down, and TCP flow is forced through the same IPS appliance flow
C. ECLB IPS appliances must be in on-a-stick mode, ECLB IPS solution does not maintain state if
a sensor goes down, and TCP flow is forced through a different IPS appliance.
D. ECLB IPS appliances must not be in on-a-stick mode, ECLB IPS solution does not maintain state if a
sensor goes down, and TCP flow is forced through a different IPS appliance.
Answer: C
Question 314
Which option describes the role of the Learning Accept Mode for anomaly detection?
A. It creates a knowledge base of the network traffic
B. It detects ongoing attacks and adds them to a database.
C. It configures the anomaly detection zones.
D. It identifies incomplete connections and flags them.
Answer: A
Question 315
Which description of an advantage of utilizing IPS virtual sensors is true?
A. Different configurations can be applied to different sets of traffic.
B. The persistent store is unlimited for the IPS virtual sensor.
C. The virtual sensor does not require 802.1q headers for inbound traffic.
D. Asymmetric traffic can be split between multiple virtual sensors
Answer: A
Question 316
Elliptic curve cryptography is a stronger, more efficient cryptography method meant to replace which
current encryption technology?
Answer: A
Question 317
Which action is possible when a signature is triggered on the Cisco IOS IPS?
A. Deny all packets with the same source address
B. Send an email via SMTP to the administrator
C. Deny all packets with the same port destination
D. Send an SNMP alert to a monitoring system
Answer: A
Question 318
Which signature engine is responsible for ICMP inspection in Cisco IPS?
A. AIC Engine
B. Fixed Engine
C. Service Engine
D. Atomic IP Engine
Answer: D
Question 319
Which option of SNMPv3 ensures authentication but no encryption?
A. priv
B. no auth
C. no priv
D. authNoPriv
Answer: D
SNMPv1, SNMPv2c, and SNMPv3 each represent a different security model. The security model
combines with the selected security level to determine the security mechanism applied when the
SNMP message is processed.
The security level determines the privileges required to view the message associated with an SNMP
trap. The privilege level determines whether the message needs to be protected from disclosure or
authenticated. The supported security level depends upon which security model is implemented.
SNMP security levels support one or more of the following privileges:
SNMPv3 provides for both security models and security levels. A security model is an authentication
strategy that is set up for a user and the role in which the user resides. A security level is the
permitted level of security within a security model. A combination of a security model and a security
level determines which security mechanism is employed when handling an SNMP packet.
Question 320
Which commands are required to configure SSH on router? (Choose two.)
A. Configure domain name using ip domain-name command
B. Generate a key using crypto key generate rsa
C. Configure a DHCP host for the router using dhcpname#configure terminal
D. Generate enterprise CA self-sign certificate
Answer: A,B
Here are the steps:
Configure a hostname for the router using these commands.
yourname#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
yourname(config)#hostname LabRouter
Configure a domain name with the ip domain-name command followed by whatever you would like
your domain name to be. I used CiscoLab.com.
LabRouter(config)#ip domain-name CiscoLab.com
We generate a certificate that will be used to encrypt the SSH packets using the crypto key generate
rsa command.
Take note of the message that is displayed right after we enter this command: "The name for the
keys will be: LabRouter.CiscoLab.com" -- it combines the hostname of the router along with the
domain name we configured to get the name of the encryption key generated; this is why it was
important for us to, first of all, configure a hostname then a domain name before we generated the
Reference: https://www.pluralsight.com/blog/tutorials/configure-secure-shell-ssh-in-cisco-router
Question 321
Drag and drop the steps on the left into the correct order of initial Cisco IOS IPS configuration on the
Question 322
Drag and drop the Cisco Security IntelliShield Alert Manager Service components on the left onto the
corresponding description on the right.
Question 323
Drag and drop the steps on the left into the correct order on the right to configure a Cisco ASA
NGFW with multiple security contexts.
Reference:
urity_manager/4-4/user/guide/CSMUserGuide_wrapper/pxcontexts.pdf (page 2 to 4)
Question 324
Drag and drop the terms on the left onto the correct definition for the promiscuous IPS risk rating
calculation on the right.
Question 325
Which Cisco IOS command uses the default class map to limit SNMP inspection to traffic from
10.1.1.0 to 192.168.1.0?
A. hostname(config)# access-list inspect extended permit ip 10.1.1.0.0.0.0.255
hostname(config)# class-map inspection_default
hostname(config-cmap)# match access-list inspect
B. hostname(config)# access-list inspect extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0
hostname(config-cmap)# match access-list inspect
C. hostname(config)# access-list inspect extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0
hostname(config)# class-map inspection_default
hostname(config-cmap)# match access-list inspect
D. hostname(config)# access-list inspect extended permit ip 10.1.1.0.0.0.255
hostname(config)# class-map inspection_default
Answer: C
Question 326
Which two configuration steps are required for implementing SSH for management access to a Cisco
router? (Choose two.)
A. Configuring the SSH version with the ip ssh version 2 command.
B. Generating RSA key pairs with the crypto key generate rsa command.
C. Enabling AAA for authentication, authorization, and accounting with the aaa new-model
D. Enabling SSH transport with the transport input ssh command.
E. Configuring a domain name with the ip domain-name [name] command.
Answer: D,E
Question 327
For which domains will the Cisco Email Security Appliance allow up to 5000 recipients per message?
A. violet.public
B. violet.public and blue.public
C. violet.public, blue.public and green.public
D. red.public
E. orange.public
F. red.public and orange.public
Answer: B
Question 328
What is the maximum number of recipients per hour that the Cisco Email Security Appliance will
accept from the green.public domain?
A. 0
B. 1
C. 20
D. 25
E. 50
F. 5000
G. Unlimited
Answer: C
Question 329
What is the maximum message size that the Cisco Email Security Appliance will accept from the
violet.public domain?
A. 1 KB
B. 100 KB
C. 1 MB
D. 10 MB
E. 100 MB
F. Unlimited
Answer: D
Question 330
The Cisco Email Security Appliance will reject messages from which domains?
A. red.public
B. red.public and orange.public
C. red.public, orange.public and yellow.public
D. orange.public
E. violet.public
F. violet.public and blue.public
G. None of the listed domains
Answer: C
Question 331
r01(config)#ip wccp web-cache redirect-list 80 password local
Refer to the above. What can be determined from this router configuration command for Cisco WSA?
A. Traffic using TCP port 80 is redirected to the Cisco WSA.
B. The default "cisco" password is configured in the Cisco WSA.
C. Traffic denied in prefix-list 80 is redirected to the Cisco WSA.
D. Traffic permitted in access-list 80 is redirected to the Cisco WSA.
Answer: D
