NGFW Express for Account Managers (NGFWEAM) v6.0

Page:    1 / 4   
Exam contains 66 questions

A customer wants to implement FirePOWER services with AVC and IPS on its Cisco ASA
5515-X. This device is currently deployed with a legacy IPS module. Which three steps may be required to upgrade? (Choose three.)

  • A. Discuss a Cisco ASA upgrade to maintain performance
  • B. Purchase a subscription license for IPS.
  • C. Remove the SSD drive.
  • D. Purchase a subscription license for AVC and IPS.
  • E. Remove the legacy IPS module
  • F. Purchase the SFR hardware module

Answer : A,D,E

Which method of discovery is used during impact assessment?

  • A. passive
  • B. statistical analysis
  • C. inline
  • D. heuristic analysis

Answer : C

Which activity leads to better network visibility?

  • A. adding time stamps to log events
  • B. enabling all IPS signatures
  • C. adding user context to events
  • D. forwarding all events to a syslog server

Answer : C

Which type of Cisco services offering is aimed at helping customers to plan and upgrade new FirePOWER deployments?

  • A. Cisco Advanced Services
  • B. Cisco Managed Services
  • C. Cisco SMARTnet
  • D. Cisco Migration Services

Answer : D

Which two options are objectives that are defined as part of the "before" stage of the attack continuum? {Choose two.)

  • A. harden
  • B. retrospection
  • C. enforce
  • D. detect
  • E. shun

Answer : A,C

Which management application can be deployed as a physical or virtual appliance to configure security policy for the FirePOWER services module?

  • A. FirePOWER services module CLI
  • B. Cisco Security Manager
  • C. Cisco ASDM
  • D. FireSIGHT Management Center

Answer : D

Which AMP feature provides continuous analysis capabilities?

  • A. retrospection
  • B. file reputation
  • C. file analysis
  • D. sandboxing

Answer : A

What are two benefits that are provided by file trajectory services? (Choose two)

  • A. identifies malware point of entry
  • B. highlights attack propagation paths
  • C. provides endpoint operating system patches
  • D. publishes malware gateways on a blacklist
  • E. pushes personal firewall updates to endpoints

Answer : A,B

Which two high-availability deployment modes support FirePOWER services? (Choose two.)

  • A. monitor mode
  • B. clustering
  • C. active/standby
  • D. multicontext
  • E. active/active

Answer : B,C

Which FirePOWER services capability supports seamless processing after an adaptive security appliance stateful failover event?

  • A. midsession pickup
  • B. TCP intercept
  • C. SFR stateful failover
  • D. FireSIGHT central policy distribution

Answer : A

Connections to known CnC sites are an example of which loC event category?

  • A. firewall
  • B. IPS
  • C. security intelligence
  • D. malware

Answer : B

Where are files that are awaiting a disposition check held during file analysis?

  • A. cloud-based, company-specific repository
  • B. cloud-based sandbox
  • C. Cisco ASA SSD drive
  • D. isolated VLAN

Answer : B

Which subscription license terms are available for FirePOWER services features?

  • A. 1 and 2 years
  • B. 1 and 3 years
  • C. 1 and 5 years
  • D. 1, 2, and 3 years

Answer : B

NGIPS rulesets are configured using which management application?

  • A. FireSIGHT Management Center
  • B. Cisco IDM
  • C. Cisco IME
  • D. Cisco ASDM

Answer : A

Cisco FirePOWER services has been extended to which SMB-focused product?

  • A. Cisco ASA 5506-X
  • B. Cisco ASA 5505-X
  • C. Cisco ASA 5510-X
  • D. Cisco ASA 5600-X

Answer : A

Page:    1 / 4   
Exam contains 66 questions

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.