Which description of a correlation policy configuration in the Cisco Firepower Management Center is true?

Which description of a correlation policy configuration in the Cisco Firepower Management Center is true?Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Correlation_Policies.pdf Question: Which description of a correlation policy configuration in the Cisco Firepower Management Center is true? Options: You cannot add a host profile qualification to a correlation rule that is triggered by a malware event. Deleting a response group … Read more

What is retrospective alerting in Cisco Advanced Malware Protection for Endpoints?

What is retrospective alerting in Cisco Advanced Malware Protection for Endpoints? Question: What is retrospective alerting in Cisco Advanced Malware Protection for Endpoints? Options: alerts when a file changes disposition alerts on events over a week old alerts showing previously installed malware alerts on previously blacklisted applications Correct Answer The Correct Answer for this Question … Read more

Which circumstance does the Cisco AMP assign a file disposition without submitting the file to the cloud for dynamic analysis?

Under which circumstance does the Cisco AMP assign a file disposition without submitting the file to the cloud for dynamic analysis?Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/ file_malware_events_and_network_file_trajectory.pdf Question: Which circumstance does the Cisco AMP assign a file disposition without submitting the file to the cloud for dynamic analysis? Options: when the file has previously been submitted for dynamic analysis … Read more

Which characteristic is unique to a Cisco Web Security Virtual Appliance as compared to a physical appliance?

Which characteristic is unique to a Cisco Web Security Virtual Appliance as compared to a physical appliance?Reference: https://www.cisco.com/c/dam/en/us/td/docs/security/content_security/virtual_appliances/Cisco_Content_Security_Virtual_Appliance_Install_Guide.pdf Question: Which characteristic is unique to a Cisco Web Security Virtual Appliance as compared to a physical appliance? Options: supports SSL decryption performs transparent redirection supports VMware vMotion on VMware ESXi requires an additional license Correct Answer … Read more

Which descriptions of an email solution that uses hybrid mode is true?

Which descriptions of an email solution that uses hybrid mode is true?Reference: https://www.cisco.com/c/dam/en/us/td/docs/security/ces/overview_guide/Cisco_Cloud_Hybrid_Email_Security_Overview_Guide.pdf Question: Which descriptions of an email solution that uses hybrid mode is true? Options: uses an on-premises Cisco ESA that scans inbound email by using encryption policies cleans outbound email by using a cloud-based Cisco ESA uses an on-premises Cisco ESA that … Read more

Which behavior is expected from the tool?

An engineer is using policy trace tool to debug how a message is processed by the ESA. Which behavior is expected from the tool?Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118102-troubleshoot-esa-00.html Question: Which behavior is expected from the tool? Options: The sections of configuration tested by the tool are performed in a random order. A message body cannot be populated via … Read more

Which Cisco Advanced Matware Protection event is generated when a file disposition changes because more information is gathered and evaluated about the file?

Which Cisco Advanced Matware Protection event is generated when a file disposition changes because more information is gathered and evaluated about the file? Question: Which Cisco Advanced Matware Protection event is generated when a file disposition changes because more information is gathered and evaluated about the file? Options: quarantine event threat detected event policy update … Read more

Which deployment method is required for the Cisco AnyConnect Web Security Module?

A customer’s mobile clients now require content scanning, yet there is not an ASA on the network. Which deployment method is required for the Cisco AnyConnect Web Security Module? Question: Which deployment method is required for the Cisco AnyConnect Web Security Module? Options: enterprise connection enforcement roaming umbrella component standalone component APEX enforcement Correct Answer … Read more