Q1. What three alert notification options are available in Cisco IntelliShield Alert Manager? (Choose three.)
A. Alert Summary as Text
B. Complete Alert as an HTML Attachment
C. Complete Alert as HTML
D. Complete Alert as RSS
E. Alert Summary as Plain Text
F. Alert Summary as MMS
Answer: A,B,C
Q2. Refer to the exhibit.
The system administrator of mydomain.com received complaints that some messages that were sent from sender user@somedomain.com were delayed. Message tracking data on the sender shows that an email sample that was received was clean and properly delivered. What is the likely cause of the intermittent delays?
A. The remote MTA has a.SenderBase Reputation Score of -1.0.
B. The remote MTA is sending emails from RFC 1918 IP addresses.
C. The remote MTA has activated the SUSPECTLIST sender group.
D. The remote MTA has activated the default inbound mail policy.
Answer: C
Q3. Which Cisco ESA component receives connections from external mail servers?
A. MTA
B. public listener
C. private listener
D. recipient access table
E. SMTP incoming relay agent
Answer: B
Q4. Which Cisco ESA predefined sender group uses parameter-matching to reject senders?
A. BLACKLIST
B. WHITELIST
C. SUSPECTLIST
D. UNKNOWNLIST
Answer: A
Q5. Which three options are characteristics of router-based IPS? (Choose three.)
A. It is used for large networks.
B. It is used for small networks.
C. It supports virtual sensors.
D. It supports multiple VRFs.
E. It uses configurable anomaly detection.
F. Signature definition files have been deprecated.
Answer: B,D,F
Q6. Which is the default IP address and admin port setting for https in the Cisco Web Security Appliance?
A. http://192.168.42.42:8080
B. http://192.168.42.42:80
C. https://192.168.42.42:443
D. https://192.168.42.42:8443
Answer: D
Q7. The helpdesk was asked to provide a record of delivery for an important email message that a customer claims it did not receive. Which feature of the Cisco Email Security Appliance provides this record?
A. Outgoing Mail Reports
B. SMTP Routes
C. Message Tracking
D. Scheduled Reports
E. System Administration
Answer: C
Q8. What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.)
A. SPAN does not introduce latency to network traffic.
B. SPAN can perform granular scanning on captures of per-IP-address or per-port monitoring.
C. Promiscuous Mode can silently block traffic flows on the IDS.
D. SPAN can analyze network traffic from multiple points.
Answer: A,D
Q9. Which antispam technology assumes that email from server A, which has a history of distributing spam, is more likely to be spam than email from server B, which does not have a history of distributing spam?
A. Reputation-based filtering
B. Context-based filtering
C. Cisco ESA multilayer approach
D. Policy-based filtering
Answer: A
Q10. Which three statements about Cisco CWS are true? (Choose three.)
A. It provides protection against zero-day threats.
B. Cisco SIO provides it with threat updates in near real time.
C. It supports granular application policies.
D. Its Roaming User Protection feature protects the VPN from malware and data breaches.
E. It supports local content caching.
F. Its Cognitive Threat Analytics feature uses cloud-based analysis and detection to block threats outside the network.
Answer: A,B,C