NGFW Express for Account Managers (NGFWEAM) v6.0

Page:    1 / 4   
Exam contains 60 questions

A customer wants to implement FirePOWER services with AVC and IPS on its Cisco ASA
5515-X. This device is currently deployed with a legacy IPS module. Which three steps may be required to upgrade? (Choose three.)

  • A. Discuss a Cisco ASA upgrade to maintain performance
  • B. Purchase a subscription license for IPS.
  • C. Remove the SSD drive.
  • D. Purchase a subscription license for AVC and IPS.
  • E. Remove the legacy IPS module
  • F. Purchase the SFR hardware module


Answer : A,D,E

Which method of discovery is used during impact assessment?

  • A. passive
  • B. statistical analysis
  • C. inline
  • D. heuristic analysis


Answer : C

Which activity leads to better network visibility?

  • A. adding time stamps to log events
  • B. enabling all IPS signatures
  • C. adding user context to events
  • D. forwarding all events to a syslog server


Answer : C

Which type of Cisco services offering is aimed at helping customers to plan and upgrade new FirePOWER deployments?

  • A. Cisco Advanced Services
  • B. Cisco Managed Services
  • C. Cisco SMARTnet
  • D. Cisco Migration Services


Answer : D

Which two options are objectives that are defined as part of the "before" stage of the attack continuum? {Choose two.)

  • A. harden
  • B. retrospection
  • C. enforce
  • D. detect
  • E. shun


Answer : A,C

Which management application can be deployed as a physical or virtual appliance to configure security policy for the FirePOWER services module?

  • A. FirePOWER services module CLI
  • B. Cisco Security Manager
  • C. Cisco ASDM
  • D. FireSIGHT Management Center


Answer : D

Which AMP feature provides continuous analysis capabilities?

  • A. retrospection
  • B. file reputation
  • C. file analysis
  • D. sandboxing


Answer : A

What are two benefits that are provided by file trajectory services? (Choose two)

  • A. identifies malware point of entry
  • B. highlights attack propagation paths
  • C. provides endpoint operating system patches
  • D. publishes malware gateways on a blacklist
  • E. pushes personal firewall updates to endpoints


Answer : A,B

Which two high-availability deployment modes support FirePOWER services? (Choose two.)

  • A. monitor mode
  • B. clustering
  • C. active/standby
  • D. multicontext
  • E. active/active


Answer : B,C

Which FirePOWER services capability supports seamless processing after an adaptive security appliance stateful failover event?

  • A. midsession pickup
  • B. TCP intercept
  • C. SFR stateful failover
  • D. FireSIGHT central policy distribution


Answer : A

Connections to known CnC sites are an example of which loC event category?

  • A. firewall
  • B. IPS
  • C. security intelligence
  • D. malware


Answer : B

Where are files that are awaiting a disposition check held during file analysis?

  • A. cloud-based, company-specific repository
  • B. cloud-based sandbox
  • C. Cisco ASA SSD drive
  • D. isolated VLAN


Answer : B

Which subscription license terms are available for FirePOWER services features?

  • A. 1 and 2 years
  • B. 1 and 3 years
  • C. 1 and 5 years
  • D. 1, 2, and 3 years


Answer : B

NGIPS rulesets are configured using which management application?

  • A. FireSIGHT Management Center
  • B. Cisco IDM
  • C. Cisco IME
  • D. Cisco ASDM


Answer : A

Cisco FirePOWER services has been extended to which SMB-focused product?

  • A. Cisco ASA 5506-X
  • B. Cisco ASA 5505-X
  • C. Cisco ASA 5510-X
  • D. Cisco ASA 5600-X


Answer : A

Page:    1 / 4   
Exam contains 60 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.