Q1. Which Cisco WSA is intended for deployment in organizations of more than 6000 users? 

A. WSA S370 

B. WSA S670 

C. WSA S370-2RU 

D. WSA S170 

View Answer

Q2. To what extent will the Cisco IPS sensor contribute data to the Cisco SensorBase network? 

A. It will not contribute to the SensorBase network. 

B. It will contribute to the SensorBase network, but will withhold some sensitive information 

C. It will contribute the victim IP address and port to the SensorBase network. 

D. It will not contribute to Risk Rating adjustments that use information from the SensorBase network. 

View Answer

Q3. Cisco AVC allows control of which three of the following? (Choose three.) 

A. Facebook 

B. LWAPP 

C. IPv6 

D. MySpace 

E. Twitter 

F. WCCP 

View Answer

Q4. What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA NGFW? 

A. Cisco WSA provides URL filtering, while Cisco ASA NGFW does not. 

B. Cisco ASA NGFW provides caching services, while Cisco WSA does not. 

C. Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not. 

D. Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not. 

View Answer

Q5. During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map? 

A. cxsc fail 

B. cxsc fail-close 

C. cxsc fail-open 

D. cxssp fail-close 

View Answer

Q6. Which three zones are used for anomaly detection? (Choose three.) 

A. Internal zone 

B. External zone 

C. Illegal zone 

D. Inside zone 

E. Outside zone 

F. DMZ zone 

View Answer

Q7. Which Cisco technology is a customizable web-based alerting service designed to report threats and vulnerabilities? 

A. Cisco Security Intelligence Operations 

B. Cisco Security IntelliShield Alert Manager Service 

C. Cisco Security Optimization Service 

D. Cisco Software Application Support Service 

View Answer

Q8. A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or emulate the flow that a message takes through the work queue? 

A. the message tracker interface 

B. centralized or local message tracking 

C. the CLI.findevent command 

D. the trace tool 

E. the CLI.grep command 

View Answer

Q9. What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network? 

A. Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts. 

B. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions. 

C. It will not adjust risk rating values based on the known bad hosts list. 

D. Reputation filtering is disabled. 

View Answer

Q10. What is a value that Cisco ESA can use for tracing mail flow? 

A. the FQDN of the source IP address 

B. the FQDN of the destination IP address 

C. the destination IP address 

D. the source IP address 

View Answer