NEW QUESTION 1
In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

• A. clean
• B. disconnected
• C. unavailable
• D. unknown

Answer: C

NEW QUESTION 2




The Cisco Email Security Appliance will reject messages from which domains?

• A. re
• B. public
• C. re
• D. public and orang
• E. public
• F. re
• G. public, orang
• H. Public and yello
• I. public
• J. orang
• K. public
• L. viole
• M. public
• N. viole
• O. public and blue.public
• P. None of the listed domains

Answer: C

NEW QUESTION 3
Which type of server is required to communicate with a third-party DLP solution?

• A. an ICAP-capable proxy server
• B. a PKI certificate server
• C. an HTTP server
• D. an HTTPS server

Answer: A

NEW QUESTION 4
Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP addresses?

• A. explicit forward mode
• B. Layer 4 Traffic Monitor
• C. transparent mode
• D. Secure Web Proxy

Answer: B

NEW QUESTION 5
Which statement about the Cisco CWS web filtering policy behavior is true?

• A. Rules are comprised of three criteria and an action.
• B. By default, the schedule is set to office hours.
• C. At least one rule applies to a web request.
• D. In the evaluation of a rule set, the best match wins.

Answer: A

NEW QUESTION 6
Which tools are used to analyze Endpoints for AMP file activity performed on endpoints?

• A. File Trajectory
• B. Device Trajectory
• C. File Analysis
• D. Prevalence

Answer: C

Explanation: Explanation
Cisco AMP for Endpoints File Analysis (Figure 4), backed by the Talos Security Intelligence and Research Group and powered by AMP’s built-in sandboxing technology (Threat Grid), provides a safe, highly secure sandbox environment for you to analyze the behavior of malware and suspect files. File analysis produces detailed information on file behavior, including the severity of behaviors, the original filename, screenshots of the malware executing, and sample packet captures.Armed with this information, you’ll have a better understanding of what is necessary to contain the outbreak and block future attacks.

NEW QUESTION 7
Which CLI command is used to register a Cisco FirePOWER sensor to Firepower Management Center?

• A. configure system add <host><key>
• B. configure manager <key> add host
• C. configure manager delete
• D. configure manger add <host><key>

Answer: A

Explanation: http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide
/fpmc-config-guide-v60/fpmc-config-guide-v60_appendix_01011110.html#ID-2201-00000005

NEW QUESTION 8
Which Cisco technology secures the network through malware filtering, category-based control, and reputation-based control?

• A. Cisco ASA 5500 Series appliances
• B. Cisco IPS
• C. Cisco remote-access VPNs
• D. Cisco WSA

Answer: D

NEW QUESTION 9
What three alert notification options are available in Cisco IntelliShield Alert Manager? (Choose three.)

• A. Alert Summary as Text
• B. Complete Alert as an HTML Attachment
• C. Complete Alert as HTML
• D. Complete Alert as RSS
• E. Alert Summary as Plain Text
• F. Alert Summary as MMS

Answer: ABC

NEW QUESTION 10
What are 2 types or forms of suppression on a FirePower policy (or FTD)?

• A. source
• B. port
• C. rule
• D. protocol
• E. application

Answer: AC

NEW QUESTION 11
Which object can be used on a Cisco FirePOWER appliance, but not in an access control policy rule on Cisco FirePOWER services running on a Cisco ASA?

• A. URL
• B. security intelligence
• C. VLAN
• D. geolocation

Answer: C

NEW QUESTION 12
What is the authentication method for an encryption envelope that is set to medium security?

• A. The recipient must always enter a password, even if credentials are cached.
• B. A password is required, but cached credentials are permitted.
• C. The recipient must acknowledge the sensitivity of the message before it opens.
• D. The recipient can open the message without authentication.

Answer: B

NEW QUESTION 13
Which option is a benefit of Cisco hybrid email security?

• A. on-premises control of outbound data
• B. advanced malware protection
• C. email encryption
• D. message tracking

Answer: A

NEW QUESTION 14
Drag and drop the steps on the left into the correct order of initial Cisco IOS IPS configuration on the right.

Answer:

Explanation:

NEW QUESTION 15
When you create a new server profile on the Cisco ESA, which subcommand of the ldapconfig command configures spam quarantine end-user authentication?

• A. server
• B. test
• C. isqalias
• D. isqauth

Answer: D

NEW QUESTION 16
Which method does Cisco recommend for collecting streams of data on a sensor that has been virtualized?

• A. VACL capture
• B. SPAN
• C. the Wireshark utility
• D. packet capture

Answer: D

NEW QUESTION 17
When a user receives an encrypted email from a Cisco ESA, which technology is used to retrieve the key to open the email?

• A. trusted certificate authority
• B. private certificate authority
• C. Cisco Registered Envelope Service
• D. Simple Certificate Enrollment Protocol

Answer: C

NEW QUESTION 18
What type of interface is required to pass VLAN tagged traffic from one network to another on a Firepower 7125?

• A. logical switched
• B. logical routed
• C. physical switched
• D. hybrid
• E. physical routed

Answer: A