EnsurepassQUESTION 121 Which method does Cisco recommend for collecting streams of data on a sensor that has been virtualized?   A. VACL capture B. SPAN C. the Wireshark utility D. packet capture   Correct Answer: D     QUESTION 122 Which configuration mode enables a virtual sensor to monitor the session state for unidirectional traffic?< /span>   A. asymmetric mode B. symmetric mode C. loose mode D. strict mode   Correct Answer: A   Read more [...]
EnsurepassQUESTION 111 Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.)   A. The Packet capture feature is available for either permitted or dropped packets by default. B. Public Certificates can be used for HTTPS Decryption policies. C. Public Certificates cannot be used for HTTPS Decryption policies. D. When adding a standard LDAP realm, the group attribute will be UniqueMember. E. The Packet capture features is available Read more [...]
EnsurepassQUESTION 101 A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or emulate the flow that a message takes through the work queue?   A. the message tracker interface B. centralized or local message tracking C. the CLI findevent command D. the trace tool E. the CLI grep command   Correct Answer: Read more [...]
EnsurepassQUESTION 91 What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?   A. sslconfig B. sslciphers C. tlsconifg D. certconfig   Correct Answer: A     QUESTION 92 Joe was asked to secure access to the Cisco Web Security Appliance to prevent unauthorized access. Which four steps should Joe implement to accomplish this goal? (Choose four.)   A. Implement IP access lists to limit access to the Read more [...]
EnsurepassQUESTION 71  To what extent will the Cisco IPS sensor contribute data to the Cisco SensorBase network?   A. It will not contribute to the SensorBase network. B. It will contribute to the SensorBase network, but will withhold some sensitive information C. It will contribute the victim IP address and port to the SensorBase network. D. It will not contribute to Risk Rating adjustments that use information from the SensorBase network.   Correct Answer: B Explanation: Read more [...]
EnsurepassQUESTION 81 What Event Action in an IPS signature is used to stop an attacker from communicating with a network using an access-list?   A. Request Block Host B. Deny Attacker Inline C. Deny Connection Inline D. Deny Packet Inline E. Request Block Connection   Correct Answer: A     QUESTION 82 Within Cisco IPS anomaly detection, what is the default IP range of the external zone?   A. B. - C. Read more [...]
EnsurepassQUESTION 61 The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and staff identity identifies users based on the source network and authenticated credentials. The identity for students identifies users based on the source network along with successful authentication credentials. The global identity is for guest users not authenticated against the domain. Recently, a change was made to the organization's security policy to allow Read more [...]
EnsurepassQUESTION 51 What are the initial actions that can be performed on an incoming SMTP session by the workqueue of a Cisco Email Security Appliance?   A. Accept, Reject, Relay, TCPRefuse B. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification C. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check D. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification   Correct Read more [...]
EnsurepassQUESTION 41 With Cisco IDM, which rate limit option specifies the maximum bandwidth for rate-limited traffic?   A. protocol B. rate C. bandwidth D. limit   Correct Answer: B     QUESTION 42 Which two benefits are provided by the dynamic dashboard in Cisco ASDM Version 5.2? (Choose two.)   A. It configures system polices for NAC devices. B. It forwards traffic to destination devices. C. It provides statistics for device health. D. It replaces Read more [...]
EnsurepassQUESTION 31 Which Cisco technology prevents targeted malware attacks, provides data loss prevention and spam protection, and encrypts email?   A. SBA B. secure mobile access C. IPv6 DMZ web service D. ESA   Correct Answer: D     QUESTION 32 Which Cisco technology combats viruses and malware with virus outbreak filters that are downloaded from Cisco SenderBase?   A. ASA B. WSA C. Secure mobile access D. IronPort ESA E. SBA   Correct Read more [...]
EnsurepassQUESTION 21 What are three best practices for a Cisco Intrusion Prevention System? (Choose three.)   A. Checking for new signatures every 4 hours B. Checking for new signatures on a staggered schedule C. Automatically updating signature packs D. Manually updating signature packs E. Group tuning of signatures F. Single tuning of signatures   Correct Answer: BCE       QUESTION 22 Who or what calculates the signature fidelity rating?   Read more [...]