Q1. What is the default CX Management 0/0 IP address on a Cisco ASA 5512-X appliance? 

A. 192.168.1.1 

B. 192.168.1.2 

C. 192.168.1.3 

D. 192.168.1.4 

E. 192.168.1.5 

F. 192.168.8.8 

View Answer

Q2. Which Cisco technology provides spam filtering and email protection? 

A. IPS 

B. ESA 

C. WSA 

D. CX 

View Answer

Q3. Which Cisco technology prevents targeted malware attacks, provides data loss prevention and spam protection, and encrypts email? 

A. SBA 

B. secure mobile access 

C. IPv6 DMZ web service 

D. ESA 

View Answer

Q4. Which two options are characteristics of router-based IPS? (Choose two.) 

A. It supports custom signatures 

B. It supports virtual sensors. 

C. It supports multiple VRFs. 

D. It uses configurable anomaly detection. 

E. Signature definition files have been deprecated. 

View Answer

Q5. What are three best practices for a Cisco Intrusion Prevention System? (Choose three.) 

A. Checking for new signatures every 4 hours 

B. Checking for new signatures on a staggered schedule 

C. Automatically updating signature packs 

D. Manually updating signature packs 

E. Group tuning of signatures 

F. Single tuning of signatures 

View Answer

Q6. In order to set up HTTPS decryption on the Cisco Web Security Appliance, which two steps must be performed? (Choose two.) 

A. Enable and accept the EULA under Security Services > HTTPS Proxy. 

B. Upload a publicly signed server certificate. 

C. Configure or upload a certificate authority certificate. 

D. Enable HTTPS decryption in Web Security Manager > Access Policies. 

View Answer

Q7. Which Cisco technology secures the network through malware filtering, category-based control, and reputation-based control? 

A. Cisco ASA 5500 Series appliances 

B. Cisco remote-access VPNs 

C. Cisco IronPort WSA 

D. Cisco IPS 

View Answer

Q8. A new Cisco IPS device has been placed on the network without prior analysis. Which CLI command shows the most fired signature? 

A. Show statistics virtual-sensor 

B. Show event alert 

C. Show alert 

D. Show version 

View Answer

Q9. Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery chain? (Choose two.) 

A. Existing MX records should be maintained and policy routing should be used to redirect traffic to the ESA. 

B. Update the MX records to point to the inbound listener interfaces on the ESA. 

C. Update the MX records to point to the outbound listener interfaces on the ESA. 

D. Different Listeners must be used to handle inbound and outbound mail handling. 

E. The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing table. 

F. The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables. 

G. The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table. 

H. Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving. 

View Answer

Q10. Which three user roles are partially defined by default in Prime Security Manager? (Choose three.) 

A. networkoperator 

B. admin 

C. helpdesk 

D. securityoperator 

E. monitoringadmin 

F. systemadmin 

View Answer