NGFW Express for Account Managers (NGFWEAM) v6.0

Page:    1 / 4   
Exam contains 60 questions

A customer wants to implement FirePOWER services with AVC and IPS on its Cisco ASA
5515-X. This device is currently deployed with a legacy IPS module. Which three steps may be required to upgrade? (Choose three.)

  • A. Discuss a Cisco ASA upgrade to maintain performance
  • B. Purchase a subscription license for IPS.
  • C. Remove the SSD drive.
  • D. Purchase a subscription license for AVC and IPS.
  • E. Remove the legacy IPS module
  • F. Purchase the SFR hardware module


Answer : A,D,E

Which method of discovery is used during impact assessment?

  • A. passive
  • B. statistical analysis
  • C. inline
  • D. heuristic analysis


Answer : C

Which activity leads to better network visibility?

  • A. adding time stamps to log events
  • B. enabling all IPS signatures
  • C. adding user context to events
  • D. forwarding all events to a syslog server


Answer : C

Which type of Cisco services offering is aimed at helping customers to plan and upgrade new FirePOWER deployments?

  • A. Cisco Advanced Services
  • B. Cisco Managed Services
  • C. Cisco SMARTnet
  • D. Cisco Migration Services


Answer : D

Which two options are objectives that are defined as part of the "before" stage of the attack continuum? {Choose two.)

  • A. harden
  • B. retrospection
  • C. enforce
  • D. detect
  • E. shun


Answer : A,C

Which management application can be deployed as a physical or virtual appliance to configure security policy for the FirePOWER services module?

  • A. FirePOWER services module CLI
  • B. Cisco Security Manager
  • C. Cisco ASDM
  • D. FireSIGHT Management Center


Answer : D

Which AMP feature provides continuous analysis capabilities?

  • A. retrospection
  • B. file reputation
  • C. file analysis
  • D. sandboxing


Answer : A

What are two benefits that are provided by file trajectory services? (Choose two)

  • A. identifies malware point of entry
  • B. highlights attack propagation paths
  • C. provides endpoint operating system patches
  • D. publishes malware gateways on a blacklist
  • E. pushes personal firewall updates to endpoints


Answer : A,B

Which two high-availability deployment modes support FirePOWER services? (Choose two.)

  • A. monitor mode
  • B. clustering
  • C. active/standby
  • D. multicontext
  • E. active/active


Answer : B,C

Which FirePOWER services capability supports seamless processing after an adaptive security appliance stateful failover event?

  • A. midsession pickup
  • B. TCP intercept
  • C. SFR stateful failover
  • D. FireSIGHT central policy distribution


Answer : A

Connections to known CnC sites are an example of which loC event category?

  • A. firewall
  • B. IPS
  • C. security intelligence
  • D. malware


Answer : B

Where are files that are awaiting a disposition check held during file analysis?

  • A. cloud-based, company-specific repository
  • B. cloud-based sandbox
  • C. Cisco ASA SSD drive
  • D. isolated VLAN


Answer : B

Which subscription license terms are available for FirePOWER services features?

  • A. 1 and 2 years
  • B. 1 and 3 years
  • C. 1 and 5 years
  • D. 1, 2, and 3 years


Answer : B

NGIPS rulesets are configured using which management application?

  • A. FireSIGHT Management Center
  • B. Cisco IDM
  • C. Cisco IME
  • D. Cisco ASDM


Answer : A

Cisco FirePOWER services has been extended to which SMB-focused product?

  • A. Cisco ASA 5506-X
  • B. Cisco ASA 5505-X
  • C. Cisco ASA 5510-X
  • D. Cisco ASA 5600-X


Answer : A

Page:    1 / 4   
Exam contains 60 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us