Q31. Refer to the exhibit. 

Which four rows exhibit the correct WCCP service to protocol assignments? (Choose four.) 

A. Row 1 

B. Row 2 

C. Row 3 

D. Row 4 

E. Row 5 

F. Row 6 

G. Row 7 

H. Row 8 

Answer: B,D,F,H 

Q32. Which two GUI options display users' activity in Cisco Web Security Appliance?.(Choose two.) 

A. Web Security Manager Identity Identity Name 

B. Security Services Reporting 

C. Reporting Users 

D. Reporting Reports by User Location 

Answer: C,D 

Q33. You ran the ssh generate-key command on the Cisco IPS and now administrators are unable to connect. Which action can be taken to correct the problem? 

A. Replace the old key with a new key on the client. 

B. Run the ssh host-key command. 

C. Add the administrator IP addresses to the trusted TLS host list on the IPS. 

D. Run the ssh authorized-keys command. 


Q34. Which three search parameters are supported by the Email Security Monitor? (Choose three.) 

A. Destination domain 

B. Network owner 

C. MAC address 

D. Policy requirements 

E. Internal sender IP address 

F. Originating domain 

Answer: A,B,E 

Q35. Refer to the exhibit. 

What CLI command generated the output? 

A. smtproutes 

B. tophosts 

C. hoststatus 

D. workqueuestatus 


Q36. Which three options are characteristics of router-based IPS? (Choose three.) 

A. It is used for large networks. 

B. It is used for small networks. 

C. It supports virtual sensors. 

D. It supports multiple VRFs. 

E. It uses configurable anomaly detection. 

F. Signature definition files have been deprecated. 

Answer: B,D,F 

Q37. Which three zones are used for anomaly detection? (Choose three.) 

A. Internal zone 

B. External zone 

C. Illegal zone 

D. Inside zone 

E. Outside zone 

F. DMZ zone 

Answer: A,B,C 

Q38. Which two practices are recommended for implementing NIPS at enterprise Internet edges? (Choose two.) 

A. Integrate sensors primarily on the more trusted side of the firewall (inside or DMZ interfaces). 

B. Integrate sensors primarily on the less trusted side of the firewall (outside interfaces). 

C. Implement redundant IPS and make data paths symmetrical. 

D. Implement redundant IPS and make data paths asymmetrical. 

E. Use NIPS only for small implementations. 

Answer: A,C 

Q39. What Event Action in an IPS signature is used to stop an attacker from communicating with a network using an access-list? 

A. Request Block Host 

B. Deny Attacker Inline 

C. Deny Connection Inline 

D. Deny Packet Inline 

E. Request Block Connection 


Q40. Which Cisco Web Security Appliance design requires minimal change to endpoint devices? 

A. Transparent Mode 

B. Explicit Forward Mode 

C. Promiscuous Mode 

D. Inline Mode