Q1. Which three zones are used for anomaly detection in a Cisco IPS? (Choose three.) 

A. internal zone 

B. external zone 

C. illegal zone 

D. inside zone 

E. outside zone 

F. DMZ zone 

View Answer

Q2. Which three zones are used for anomaly detection? (Choose three.) 

A. Internal zone 

B. External zone 

C. Illegal zone 

D. Inside zone 

E. Outside zone 

F. DMZ zone 

View Answer

Q3. Which Cisco Web Security Appliance deployment mode requires minimal change to endpoint devices? 

A. Transparent Mode 

B. Explicit Forward Mode 

C. Promiscuous Mode 

D. Inline Mode 

View Answer

Q4. A network engineer may use which three types of certificates when implementing HTTPS decryption services on the ASA CX? (Choose three.) 

A. Self Signed Server Certificate 

B. Self Signed Root Certificate 

C. Microsoft CA Server Certificate 

D. Microsoft CA Subordinate Root Certificate 

E. LDAP CA Server Certificate 

F. LDAP CA Root Certificate 

G. Public Certificate Authority Server Certificate 

H. Public Certificate Authority Root Certificate 

View Answer

Q5. Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.) 

A. Select a virtual sensor. 

B. Enable IP logging. 

C. Specify the host IP address. 

D. Set the logging duration. 

E. Set the number of packets to capture. 

F. Set the number of bytes to capture. 

View Answer

Q6. Which type of signature is generated by copying a default signature and modifying its behavior? 

A. meta 

B. custom 

C. atomic 

D. normalized 

View Answer

Q7. Which three statements about threat ratings are true? (Choose three.) 

A. A threat rating is equivalent to a risk rating that has been lowered by an alert rating. 

B. The largest threat rating from all actioned events is added to the risk rating. 

C. The smallest threat rating from all actioned events is subtracted from the risk rating. 

D. The alert rating for deny-attacker-inline is 45. 

E. Unmitigated events do not cause a threat rating modification. 

F. The threat rating for deny-attacker-inline is 50. 

View Answer

Q8. Which Cisco technology combats viruses and malware with virus outbreak filters that are downloaded from Cisco SenderBase? 

A. ASA 

B. WSA 

C. Secure mobile access 

D. IronPort ESA 

E. SBA 

View Answer

Q9. Refer to the exhibit. 

When designing the network to redirect web traffic utilizing the Catalyst 6500 to the Cisco Web Security Appliance, impact on the switch platform needs consideration. Which four rows identify the switch behavior in correlation to the redirect method? (Choose four.) 

A. Row 1 

B. Row 2 

C. Row 3 

D. Row 4 

E. Row 5 

F. Row 6 

G. Row 7 

H. Row 8 

View Answer

Q10. Which configuration mode enables a virtual sensor to monitor the session state for unidirectional traffic? 

A. asymmetric mode 

B. symmetric mode 

C. loose mode 

D. strict mode 

View Answer