500-651 Exam - Security Architecture for Systems Engineer

NEW QUESTION 1
Which is a feature of E-mail Security?

• A. Layer-4 Monitoring
• B. UmbrellaC Outbreak Filters
• C. Investigate

Answer: C

NEW QUESTION 2
Which of AMP’s File capabilities deals with the problem of files passing through perimeter defenses that are later discovered to be a threat?

• A. Dynamic Analytics
• B. Trajectory
• C. Malware Security
• D. File Retrospection

Answer: D

Explanation: Tracks the spread of any file within your network and continuously monitors file reputation over time. If a file reputation changes to malicious or is found by file sandboxing to be malicious, AMP provides retrospective alerting in the after phase. AMP identifies every instance of the file within your network to address the problem of malicious files passing through perimeter defenses that are later deemed a threat.

NEW QUESTION 3
Which options describes how Cisco solutions enable customer's businesses?

• A. Enhancing remediation operations
• B. Having the fastest threat identification
• C. Automating the security intelligence updates
• D. Cisco platforms are open, agile and expandable

Answer: D

NEW QUESTION 4
Which is a key feature of Cisco Defense Orchestra?

• A. Profiles devices connected to customer s network
• B. Orchestrates security policy management form one place
• C. Consolidates configuration management
• D. Protects customers network against zero-day attacks

Answer: B

NEW QUESTION 5
Which is a security product that was covered in the Policy and access security module?

• A. Cisco NFGW
• B. Cisco Identity Services Engine
• C. Cisco NGIPS
• D. Cisco Defense Orchestrator

Answer: B

Explanation: ASAS Policy and Access SE Module 5

NEW QUESTION 6
Which feature discovers and controls malicious cloud apps connected to the corporate environ merit?

• A. Umbrella
• B. Cognitive Threat Analytics
• C. Cloudlock
• D. Investigate

Answer: C

Explanation: Cisco Cloudlock Apps Firewall discovers and controls malicious cloud apps connected to your corporate environment, and provides the world’s largest crowd-sourced security solution to identify individual app risk, using our Community Trust Rating.

NEW QUESTION 7
How does the Cisco AnyConnect AMP Module help to protect customer's networks?

• A. AMP is a unified agent that combines posture check and authentication across wired wireless, and VPN networks.
• B. AMP Module can profile devices before allowing them to connect
• C. AMP provides highly secure access for select enterprise mobile applications
• D. AnyConnect can deploy AMP for Endpoints for Windows or OSX

Answer: D

Explanation: ASAS Policy and Access SE Module 5

NEW QUESTION 8
Which is a key feature that Advanced Malware Protection provides?

• A. Dynamic Content Analysis
• B. Reputation Analytics
• C. Retrospective Security
• D. Dynamic URL Filtering

Answer: C

Explanation: ASAS Security Advanced Threats SE Module 6

NEW QUESTION 9
Which Stealthwatch component is a physical or virtual appliance that aggregates and normalizes NetFlow data?

• A. Investigate
• B. Stealthwatch Management Center
• C. Flow Collector
• D. UDP Director

Answer: C

NEW QUESTION 10
What is key feature of Cognitive Threat Analytics?

• A. It enables safe email usage with event Analytics
• B. It improves threat detection over time with machine learning
• C. It enhances anonymity with URL filtering
• D. It enables greater endpoint device profiling intelligence with entity modeling

Answer: B

Explanation: ASAS Security Advanced Threats SE Module

NEW QUESTION 11
Which three options are attack vectors protected by Email Security? (Choose three)

• A. Endpoints
• B. Offline Devices
• C. Mobile
• D. E-mail
• E. Voicemail
• F. Backups

Answer: ACD

Explanation: ASAS Security Web and Email SE Module 2

NEW QUESTION 12
Which Policy and Access solution technology combines posture checks and authentication across wired, wireless, and VPN networks?

• A. Cisco AnyConnect
• B. Next Generation Intrusion Prevention System
• C. Cisco Stealthwatch
• D. ASA 2100 series

Answer: A

Explanation: Cisco Cloud Security SE - Module 3

NEW QUESTION 13
Which product was covered in the Cisco Cloud App Security module?

• A. Cisco NGFW
• B. Cisco Defense Orchestrator
• C. Cisco AMP
• D. Cloud Cloudlock

Answer: D

NEW QUESTION 14
What feature of Anti-Spam Defense determines the reputation of an e-mail?

• A. IP addresses
• B. Threat analysis
• C. Context analysis
• D. Encryption score

Answer: C

NEW QUESTION 15
Which three Cisco solutions are covered in the Advanced Threat module? (Choose three.)

• A. Cognitive Threat Analytics
• B. Intrusion Analytics
• C. AMP
• D. Cisco Defense Orchestrator
• E. NGIPS
• F. Cisco ThreatGrid

Answer: ACF

Explanation: ASAS Security Advanced Threats SE Module 6

NEW QUESTION 16
How does AMP’s file reputation feature help customers?

• A. It automatically detects polymorphic variants of known malware
• B. It increases time to detection with exact data analytics
• C. It increases the protection to systems with exact fingerprinting
• D. It enables secure web browsing with cognitive threat analytics

Answer: A

NEW QUESTION 17
Which options Cisco solutions are coveredenable customer's businesses?

• A. Enhancing remediation operations
• B. Having the fastest threat identification
• C. Automating the security intelligence updates
• D. Their ability to keep customers networks more secure and make IT more productive

Answer: D

NEW QUESTION 18
Which Cisco Product is integrated with the AnyConnect Web Security Module?

• A. Cisco Stealthwatch
• B. Cisco Defense Orchestrator
• C. Cisco Cloud Web Security
• D. Cisco Email Security Appliance

Answer: C

Explanation: ASAS Policy and Access SE Module 5