700-270 Cisco Exam Questions and Answers

Question 1

A customer wants to implement FirePOWER services with AVC and IPS on its Cisco ASA
5515-X. This device is currently deployed with a legacy IPS module. Which three steps may be required to upgrade? (Choose three.)

A. Discuss a Cisco ASA upgrade to maintain performance
B. Purchase a subscription license for IPS.
C. Remove the SSD drive.
D. Purchase a subscription license for AVC and IPS.
E. Remove the legacy IPS module
F. Purchase the SFR hardware module

Answer : A,D,E

Question 2

Which method of discovery is used during impact assessment?

A. passive
B. statistical analysis
C. inline
D. heuristic analysis

Answer : C

Question 3

Which activity leads to better network visibility?

A. adding time stamps to log events
B. enabling all IPS signatures
C. adding user context to events
D. forwarding all events to a syslog server

Answer : C

Question 4

Which type of Cisco services offering is aimed at helping customers to plan and upgrade new FirePOWER deployments?

A. Cisco Advanced Services
B. Cisco Managed Services
C. Cisco SMARTnet
D. Cisco Migration Services

Answer : D

Question 5

Which two options are objectives that are defined as part of the "before" stage of the attack continuum? {Choose two.)

A. harden
B. retrospection
C. enforce
D. detect
E. shun

Answer : AC

Question 6

Which management application can be deployed as a physical or virtual appliance to configure security policy for the FirePOWER services module?

A. FirePOWER services module CLI
B. Cisco Security Manager
C. Cisco ASDM
D. FireSIGHT Management Center

Answer : D

Question 7

Which AMP feature provides continuous analysis capabilities?

A. retrospection
B. file reputation
C. file analysis
D. sandboxing

Answer : A

Question 8

What are two benefits that are provided by file trajectory services? (Choose two)

A. identifies malware point of entry
B. highlights attack propagation paths
C. provides endpoint operating system patches
D. publishes malware gateways on a blacklist
E. pushes personal firewall updates to endpoints

Answer : AB

Question 9

Which two high-availability deployment modes support FirePOWER services? (Choose two.)

A. monitor mode
B. clustering
C. active/standby
D. multicontext
E. active/active

Answer : BC

Question 10

Which FirePOWER services capability supports seamless processing after an adaptive security appliance stateful failover event?

A. midsession pickup
B. TCP intercept
C. SFR stateful failover
D. FireSIGHT central policy distribution

Answer : A

Question 11

Connections to known CnC sites are an example of which loC event category?

A. firewall
B. IPS
C. security intelligence
D. malware

Answer : B

Question 12

Where are files that are awaiting a disposition check held during file analysis?

A. cloud-based, company-specific repository
B. cloud-based sandbox
C. Cisco ASA SSD drive
D. isolated VLAN

Answer : B

Question 13

Which subscription license terms are available for FirePOWER services features?

A. 1 and 2 years
B. 1 and 3 years
C. 1 and 5 years
D. 1, 2, and 3 years

Answer : B

Question 14

NGIPS rulesets are configured using which management application?

A. FireSIGHT Management Center
B. Cisco IDM
C. Cisco IME
D. Cisco ASDM

Answer : A

Question 15

Cisco FirePOWER services has been extended to which SMB-focused product?

A. Cisco ASA 5506-X
B. Cisco ASA 5505-X
C. Cisco ASA 5510-X
D. Cisco ASA 5600-X

Answer : A

NGFW Express for Account Managers (NGFWEAM) v6.0

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Talk to us!