Q1. On Cisco Firepower Management Center, which policy is used to collect health module alerts from managed devices?
A. health policy
B. system policy
C. correlation policy
D. access control policy
E. health awareness policy
Answer: A
Q2. In Cisco AMP for Endpoints, what is meant by simple custom detection?
A. It is a rule for identifying a file that should be whitelisted by Cisco AMP.
B. It is a method for identifying and quarantining a specific file by its SHA-256 hash.
C. It is a feature for configuring a personal firewall.
D. It is a method for identifying and quarantining a set of files by regular expression language.
Answer: A
Q3. When you create a new server profile on the Cisco ESA, which subcommand of the ldapconfig command configures spam quarantine end-user authentication?
A. server
B. test
C. isqalias
D. isqauth
Answer: D
Q4. In which two places can thresholding settings be configured? (Choose two.)
A. globally, per intrusion policy
B. globally, within the network analysis policy
C. on each access control rule
D. on each IPS rule
E. per preprocessor, within the network analysis policy
Answer: C D
Q5. What is the maximum message size that the Cisco Email Security Appliance will accept from the violet.public domain?
A. 1 KB
B. 100 KB
C. 1 MB
D. 10 MB
E. 100 MB
F. Unlimited
Answer: D
Q6. The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.
Between the Cisco ASA configuration and the Cisco WSA configuration, what is true with respect to redirected ports?
A. Both are configured for port 80 only.
B. Both are configured for port 443 only.
C. Both are configured for both port 80 and 443.
D. Both are configured for ports 80, 443 and 3128.
E. There is a configuration mismatch on redirected ports.
Answer: C
Explanation
This can be seen from the WSA Network tab shown below:
Q8. Access the configuration of the Cisco Email Security Appliance using the MailFlowPolicies tab. Within the GUI, you can navigate between the Host Access Table Overview and Mail Flow Policies tables. You can also navigate to the individual Mail Flow Policies and Sender Groups that are configured on the appliance.
Consider the configuration and the SenderBase Reputation Scores of the following fictitious domains when answering the four multiple choice questions.
A. red.public, -6
B. orange.public, -4
C. yellow.public, -2
D. green.public, 2
E. blue.public, 6
F. violet.public, 8
Answer: D
Q9. Which three operating systems are supported with Cisco AMP for Endpoints? (Choose three.)
A. Windows
B. AWS
C. Android
D. Cisco IOS
E. OS X
F. ChromeOS
Answer: A C E
Explanation
http://www.cisco.com/c/en/us/products/security/fireamp-endpoints/index.html
Q10. Which two TCP ports can allow the Cisco Firepower Management Center to communicate with the FireAMP cloud for file disposition information? (Choose two.)
A. 8080
B. 22
C. 8305
D. 32137
E. 443
Answer: D E
Explanation
http://www.cisco.com/c/en/us/support/docs/security/sourcefire-fireamp-private-cloud-virtual-appliance/118336-
&pos=2&
page=http://www.cisco.com/c/en/us/support/docs/security/sourcefire-amp-appliances/118121-technote-sourcefir