Q1. What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS 

sessions and HTTPS access? 

A. sslconfig 

B. sslciphers 

C. tlsconifg 

D. certconfig 

View Answer

Q2. What are two features of the Cisco ASA NGFW? (Choose two.) 

A. It can restrict access based on qualitative analysis. 

B. It can restrict access based on reputation. 

C. It can reactively protect against Internet threats. 

D. It can proactively protect against Internet threats. 

View Answer

Q3. Which three search parameters are supported by the Email Security Monitor? (Choose three.) 

A. Destination domain 

B. Network owner 

C. MAC address 

D. Policy requirements 

E. Internal sender IP address 

F. Originating domain 

View Answer

Q4. Refer to the exhibit. 

What CLI command generated the output? 

A. smtproutes 

B. tophosts 

C. hoststatus 

D. workqueuestatus 

View Answer

Q5. Which two conditions must you configure in an event action override to implement a risk rating of 70 or higher and terminate the connection on the IPS? (Choose two.) 

A. Configure the event action override to send a TCP reset. 

B. Set the risk rating range to 70 to 100. 

C. Configure the event action override to send a block-connection request. 

D. Set the risk rating range to 0 to 100. 

E. Configure the event action override to send a block-host request. 

View Answer

Q6. A Cisco Email Security Appliance uses which message filter to drop all executable attachments entering and leaving the Cisco Email Security Appliance? 

A. drop-exE. if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); } 

B. drop-exE. if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe")) { drop(); } 

C. drop-exe! if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); } 

D. drop-exe! if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe")) { drop(); } 

View Answer

Q7. Which command sets the number of packets to log on a Cisco IPS sensor? 

A. ip-log-count number 

B. ip-log-packets number 

C. ip-log-bytes number 

D. ip-log number 

View Answer

Q8. Joe was asked to secure access to the Cisco Web Security Appliance to prevent unauthorized access. Which four steps should Joe implement to accomplish this goal? (Choose four.) 

A. Implement IP access lists to limit access to the management IP address in the Cisco Web Security Appliance GUI. 

B. Add the Cisco Web Security Appliance IP address to the local access list. 

C. Enable HTTPS access via the GUI/CLI with redirection from HTTP. 

D. Replace the Cisco self-signed certificate with a publicly signed certificate. 

E. Put the Cisco WSA Management interface on a private management VLAN. 

F. Change the netmask on the Cisco WSA Management interface to a 32-bit mask. 

G. Create an MX record for the Cisco Web Security Appliance in DNS. 

View Answer

Q9. How does a user access a Cisco Web Security Appliance for initial setup? 

A. Connect the console cable and use the terminal at 9600 baud to run the setup wizard. 

B. Connect the console cable and use the terminal at 115200 baud to run the setup wizard. 

C. Open the web browser at 192.168.42.42:8443 for the setup wizard over https. 

D. Open the web browser at 192.168.42.42:443 for the setup wizard over https. 

View Answer

Q10. Refer to the exhibit. 

The system administrator of mydomain.com received complaints that some messages that were sent from sender user@somedomain.com were delayed. Message tracking data on the sender shows that an email sample that was received was clean and properly delivered. What is the likely cause of the intermittent delays? 

A. The remote MTA has a.SenderBase Reputation Score of -1.0. 

B. The remote MTA is sending emails from RFC 1918 IP addresses. 

C. The remote MTA has activated the SUSPECTLIST sender group. 

D. The remote MTA has activated the default inbound mail policy. 

View Answer