NEW QUESTION 1
A security engineer is configuring user identity for the Cisco ASA connector for Cisco CWS. How many AAA server groups must the engineer configure?

• A. 1
• B. 3
• C. 4
• D. 2

Answer: D

NEW QUESTION 2
Which two benefits are provided by the dynamic dashboard in Cisco ASDM Version 5.2? (Choose two.)

• A. It configures system polices for NAC devices.
• B. It forwards traffic to destination devices.
• C. It provides statistics for device health.
• D. It replaces syslog, RADIUS, and TACACS+ servers.
• E. It automatically detects Cisco security appliances to configure.

Answer: CE

NEW QUESTION 3
During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?

• A. cxsc fail
• B. cxsc fail-close
• C. cxsc fail-open
• D. cxssp fail-close

Answer: B

NEW QUESTION 4
Which five system management protocols are supported by the Cisco Intrusion Prevention System? (Choose five.)

• A. SNMPv2c
• B. SNMPv1
• C. SNMPv2
• D. SNMPv3
• E. Syslog
• F. SDEE
• G. SMTP

Answer: ABCFG

NEW QUESTION 5
Which command verifies that CWS redirection is working on a Cisco IOS router?

• A. show content-scan session active
• B. show content-scan summary
• C. show interfaces stats
• D. show sessions

Answer: A

NEW QUESTION 6
Which commands are required to configure SSH on router? (Choose two.)

• A. Configure domain name using ip domain-name command
• B. Generate a key using crypto key generate rsa
• C. Configure a DHCP host for the router using dhcpname#configure terminal
• D. Generate enterprise CA self-sign certificate

Answer: AB

Explanation: Here are the steps:
✑ Configure a hostname for the router using these commands. yourname#configure terminal
Enter configuration commands, one per line. End with CNTL/Z. yourname (config)#hostname LabRouter
LabRouter(config)#
✑ Configure a domain name with the ip domain-name command followed by whatever you would like your domain name to be. I used CiscoLab.com.
LabRouter(config)#ip domain-name CiscoLab.com
✑ We generate a certificate that will be used to encrypt the SSH packets using the crypto key generate rsa command.
Take note of the message that is displayed right after we enter this command: "The name for the keys will be: LabRouter.CiscoLab.com" -- it combines the hostname of the router along with the domain name we configured to get the name of the encryption key generated; this is why it was important for us to, first of all, configure a hostname then a domain name before we generated the keys.
Reference: https://www.pluralsight.com/blog/tutorials/configure-secure-shell-ssh-on-cisco- router

NEW QUESTION 7
A new Cisco IPS device has been placed on the network without prior analysis. Which CLI command shows the most fired signature?

• A. Show statistics virtual-sensor
• B. Show event alert
• C. Show alert
• D. Show version

Answer: A

NEW QUESTION 8
Which command is used to enable strong ciphers on the Cisco Web Security Appliance?

• A. interfaceconfig
• B. strictssl
• C. etherconfig
• D. adminaccessconfig

Answer: B

NEW QUESTION 9
What are three arguments that can be used with the show content-scan command in Cisco IOS software? (Choose three)

• A. session
• B. data
• C. verbose
• D. buffer
• E. summary
• F. statistics

Answer: AEF

NEW QUESTION 10
Which option describes the role of the Learning Accept Mode for anomaly detection?

• A. It detects ongoing attacks and adds them to a database.
• B. It configures the anomaly detection zones.
• C. It identifies incomplete connections and flags them.

Answer: A

Explanation: Explanation http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manag er/sec urity_manager/4-0/user/guide/CSMUserGuide_wrapper/ipsanom.html

NEW QUESTION 11
Which feature of the Cisco Hybrid Email Security services enables you to create multiple email senders on a single Cisco ESA?

• A. Virtual Gateway
• B. Sender Groups
• C. Mail Flow Policy Connector
• D. Virtual Routing and Forwarding
• E. Email Marketing Connector

Answer: A

NEW QUESTION 12
Which four methods are used to deploy transparent mode traffic redirection? (Choose four.)

• A. PAC files
• B. Web Cache Communication Protocol
• C. policy-based routing
• D. Microsoft GPO
• E. Layer 4 switch
• F. DHCP server
• G. Layer 7 switch
• H. manual browser configuration

Answer: BCEG

NEW QUESTION 13
When you configure the Cisco ESA to perform blacklisting, what are two items you can disable to enhance performance? (Choose two.)

• A. spam scanning
• B. antivirus scanning
• C. APT detection
• D. rootkit detection

Answer: AB

NEW QUESTION 14
Which command applies WCCP redirection on the inside interface of a Cisco ASA 5500-x firewall?

• A. wccp interface inside 90 redirect in
• B. web-cache interface inside 90 redirect in
• C. wccp interface inside redirect out
• D. wccp web-cache

Answer: A

NEW QUESTION 15
Which three protocols are required when considering firewall rules for email services using a Cisco Email Security Appliance? (Choose three.)

• A. SMTP
• B. HTTP
• C. DNS
• D. SNMP
• E. FTP

Answer: ABC

NEW QUESTION 16
What are three benefits of the Cisco AnyConnect Secure Mobility Solution? (Choose three.)

• A. It can protect against command-injection and directory-traversal attacks.
• B. It provides Internet transport while maintaining corporate security policies.
• C. It provides secure remote access to managed computers.
• D. It provides clientless remote access to multiple network-based systems.
• E. It enforces security policies, regardless of the user location.
• F. It uses ACLs to determine best-route connections for clients in a secure environment.

Answer: BCE

NEW QUESTION 17
Refer to the exhibit.



What is the status of OS Identification?

• A. It is only enabled to identify "Cisco IOS" OS using statically mapped OS fingerprinting
• B. OS mapping information will not be used for Risk Rating calculations.
• C. It is configured to enable OS mapping and ARR only for the 10.0.0.0/24 network.
• D. It is enabled for passive OS fingerprinting for all networks.

Answer: D

Explanation: Understanding Passive OS Fingerprinting
Passive OS fingerprinting lets the sensor determine the OS that hosts are running. The sensor analyzes network traffic between hosts and stores the OS of these hosts with their IP addresses. The sensor inspects TCP SYN and SYNACK packets exchanged on the network to determine the OS type.
The sensor then uses the OS of the target host OS to determine the relevance of the attack to the victim by computing the attack relevance rating component of the risk rating. Based on the relevance of the attack, the sensor may alter the risk rating of the alert for the attack and/or the sensor may filter the alert for the attack. You can then use the risk rating to reduce the number of false positive alerts (a benefit in IDS mode) or definitively drop suspicious packets (a benefit in IPS mode). Passive OS fingerprinting also enhances the alert output by reporting the victim OS, the source of the OS identification, and the relevance to the victim OS in the alert.
Passive OS fingerprinting consists of three components:
•Passive OS learning
Passive OS learning occurs as the sensor observes traffic on the network. Based on the characteristics of TCP SYN and SYNACK packets, the sensor makes a determination of the OS running on the host of the source IP address.
•User-configurable OS identification
You can configure OS host mappings, which take precedence over learned OS mappings.
•Computation of attack relevance rating and risk rating.