Q1. On Cisco Firepower Management Center, which policy is used to collect health module alerts from managed devices?
A. health policy
B. system policy
C. correlation policy
D. access control policy
E. health awareness policy
Answer: A
Q2. What is the maximum message size that the Cisco Email Security Appliance will accept from the violet.public domain?
A. 1 KB
B. 100 KB
C. 1 MB
D. 10 MB
E. 100 MB
F. Unlimited
Answer: D
Q3. With Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
A. Speed
B. Duplex
C. Media Type
D. Redundant Interface
E. EtherChannel
Answer: A B
Q4. What is a value that Cisco ESA can use for tracing mail flow?
A. the source IP address
B. the FQDN of the destination IP address
C. the destination IP address
D. the FQDN of the source IP address
Answer: D
Q5. Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP addresses?
A. explicit forward mode
B. Layer 4 Traffic Monitor
C. transparent mode
D. Secure Web Proxy
Answer: B
Q6. A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug and emulate the flow that a message takes through the work queue?
A. the trace tool
B. centralized or local message tracking
C. the CLI findevent command
D. the CLI grep command
E. the message tracker interface
Answer: A
Q7. Which piece of information is required to perform a policy trace for the Cisco WSA?
A. the destination IP address of the trace
B. the source IP address of the trace
C. the URL to trace
D. authentication credentials to make the request
Answer: C
Q8. Which type of server is required to communicate with a third-party DLP solution?
A. an ICAP-capable proxy server
B. a PKI certificate server
C. an HTTP server
D. an HTTPS server
Answer: A
Q9. Which interface type allows packets to be dropped?
A. passive
B. inline
C. TAP
D. either passive or inline, provided that the intrusion policy has the Drop When Inline check box selected.
Answer: D
Q10. With Cisco AMP for Endpoints, what is meant by simple custom detection?
A. It is a rule for identifying a file that should be whitelisted by Cisco AMP.
B. It is a method for identifying and quarantining a specific file by its SHA-256 hash.
C. It is a feature for configuring a personal firewall.
D. It is a method for identifying and quarantining a set of files by regular expression language.
Answer: A