Q1. Which three functions can Cisco Application Visibility and Control perform within Cisco Cloud Web Security? (Choose three.)
A. validation of malicious traffic
B. traffic control
C. extending Web Security to all computing devices
D. application-level classification
E. monitoring
F. signature tuning
Answer: B,D,E
Q2. What is the default IP range of the external zone?
A. 0.0.0.0 0.0.0.0
B. 0.0.0.0 - 255.255.255.255
C. 0.0.0.0/8
D. The network of the management interface
Answer: B
Q3. Which Cisco ASA configuration command drops traffic if the Cisco ASA CX module fails?
A. no fail-open
B. fail-close
C. fail-close auth-proxy
D. auth-proxy
Answer: B
Q4. Which command can change the HTTPS SSL method on the Cisco ESA?
A. sslconfig
B. strictssl
C. sshconfig
D. adminaccessconfig
Answer: A
Q5. Over the period of one day, several Atomic ARP engine alerts fired on the same IP address. You observe that each time an alert fired, requests on the IP address exceeded replies by the same number. Which configuration could cause this behavior?
A. The reply-ratio parameter is enabled.
B. MAC flip is enabled.
C. The inspection condition is disabled.
D. The IPS is misconfigured.
Answer: A
Q6. Which two statements about Signature 1104 are true? (Choose two.)
A. This is a custom signature.
B. The severity level is High.
C. This signature has triggered as indicated by the red severity icon.
D. Produce Alert is the only action defined.
E. This signature is enabled, but inactive, as indicated bythe/0 to that follows the signature number.
Answer: B,D
Explanation:
This can be seen here where signature 1004 is the 5th one down:
Q7. With Cisco IDM, which rate limit option specifies the maximum bandwidth for rate-limited traffic?
A. protocol
B. rate
C. bandwidth
D. limit
Answer: B
Q8. When learning accept mode is set to auto, and the action is set to rotate, when is the KB created and used?
A. It is created every 24 hours and used for 24 hours.
B. It is created every 24 hours, but the current KB is used.
C. It is created every 1 hour and used for 24 hours.
D. A KB is created only in manual mode.
Answer: A
Q9. Which Cisco WSA is intended for deployment in organizations of more than 6000 users?
A. WSA S370
B. WSA S670
C. WSA S370-2RU
D. WSA S170
Answer: B
Q10. If learning accept mode is set to "auto" and the knowledge base is loaded only when explicitly requested on the IPS, which statement about the knowledge base is true?
A. The knowledge base is set to load dynamically.
B. The knowledge base is set to "save only."
C. The knowledge base is set to "discarded."
D. The knowledge base is set to load statically.
Answer: B