- All Exams Instant Download
Which object can be used on a Cisco FirePOWER appliance, but not in an access control policy rule on Cisco FirePOWER services running on a Cisco ASA?
Which object can be used on a Cisco FirePOWER appliance, but not in an access control policy rule on Cisco FirePOWER services running on a Cisco ASA?A . URLB . security intelligenceC . VLAND . geolocationView AnswerAnswer: C
During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?
During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?A . cxsc failB . cxsc fail-closeC . cxsc fail-openD . cxssp fail-closeView AnswerAnswer: B
A customer is concerned with their employee’s internet usage and has asked for more web traffic control. Which two features of the cisco web security appliance help with issue? (choose two)
A customer is concerned with their employee’s internet usage and has asked for more web traffic control. Which two features of the cisco web security appliance help with issue? (choose two)A . Advanced Malware ProtectionB . Dynamic ARP InspectionC . DHCP spoofing ProtectionD . Network Address TranslationE . Application Visibility...
Which interface type allows packets to be dropped?
Which interface type allows packets to be dropped?A . passiveB . inlineC . TAPD . either passive or inline, provided that the intrusion policy has the Drop When Inline check box selected.View AnswerAnswer: D
Which two appliances support logical routed interfaces? (Choose two.)
Which two appliances support logical routed interfaces? (Choose two.)A . FirePOWER services for ASA-5500-XB . FP-4100-seriesC . FP-8000-seriesD . FP-7000-seriesE . FP-9300-seriesView AnswerAnswer: D
which two options are the basic parts of a Snort rule? (Choose two)
which two options are the basic parts of a Snort rule? (Choose two)A . rule policyB . rule headerC . Rule assignment and portsD . rule optionsE . Rule footerView AnswerAnswer: BD
A system administrator wants to know if the email traffic from a remote partner will active special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug and emulate the flow that a message takes through the work queue?
A system administrator wants to know if the email traffic from a remote partner will active special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug and emulate the flow that a message takes through the work...
With Cisco FirePOWER Threat Defense software, which interface mode do you configure for an IPS deployment, where traffic passes through the appliance but does not require VLAN rewriting?
With Cisco FirePOWER Threat Defense software, which interface mode do you configure for an IPS deployment, where traffic passes through the appliance but does not require VLAN rewriting?A . inline setB . passiveC . inline tapD . routedE . transparentView AnswerAnswer: E
Which SSL traffic decryption feature is used when decrypting traffic from an external host to a server on your network?
Which SSL traffic decryption feature is used when decrypting traffic from an external host to a server on your network?A . Decrypt by stripping the server certificate.B . Decrypt by resigning the server certificateC . Decrypt with a known private keyD . Decypt with a known public keyView AnswerAnswer: B
A network engineer may use which three types of certificates when implementing HTTPS decryption services on the ASA CX? (Choose three.)
A network engineer may use which three types of certificates when implementing HTTPS decryption services on the ASA CX? (Choose three.)A . Self Signed Server CertificateB . Self Signed Root CertificateC . Microsoft CA Server CertificateD . Microsoft CA Subordinate Root CertificateE . LDAP CA Server CertificateF . LDAP CA...
