Q11. Which command verifies that the correct CWS license key information was entered on the Cisco ASA? 

A. sh run scansafe server 

B. sh run scansafe 

C. sh run server 

D. sh run server scansafe 


Q12. What is a value that Cisco ESA can use for tracing mail flow? 

A. the FQDN of the source IP address 

B. the FQDN of the destination IP address 

C. the destination IP address 

D. the source IP address 


Q13. Which Cisco Security IntelliShield Alert Manager Service component mitigates new botnet, phishing, and web-based threats? 

A. the IntelliShield Threat Outbreak Alert 

B. IntelliShield Alert Manager vulnerability alerts 

C. the IntelliShield Alert Manager historical database 

D. the IntelliShield Alert Manager web portal 

E. the IntelliShield Alert Manager back-end intelligence engine 


Q14. Which port is used for CLI Secure shell access? 

A. Port 23 

B. Port 25 

C. Port 22 

D. Port 443 


Q15. If inline-TCP-evasion-protection-mode on a Cisco IPS is set to asymmetric mode, what is a side effect? 

A. Packet flow is normal. 

B. TCP requests are throttled. 

C. Embryonic connections are ignored. 

D. Evasion may become possible. 


Q16. What are the initial actions that can be performed on an incoming SMTP session by the workqueue of a Cisco Email Security Appliance? 

A. Accept, Reject, Relay, TCPRefuse 

B. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification 

C. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check 

D. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification 


Q17. What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.) 

A. SPAN does not introduce latency to network traffic. 

B. SPAN can perform granular scanning on captures of per-IP-address or per-port monitoring. 

C. Promiscuous Mode can silently block traffic flows on the IDS. 

D. SPAN can analyze network traffic from multiple points. 

Answer: A,D 

Q18. What is the function of the Cisco Context Adaptive Scanning Engine in Cisco Hybrid Email Security services? 

A. It uses real-time traffic threat assessment to identify suspicious email senders and messages. 

B. It provides a preventive defense against viruses by scanning messages before they enter the network. 

C. It analyzes message content and attachments to protect an organization's intellectual property. 

D. It protects against blended threats by using human-like logic to review and evaluate traffic. 


Q19. What are three best practices for a Cisco Intrusion Prevention System? (Choose three.) 

A. Checking for new signatures every 4 hours 

B. Checking for new signatures on a staggered schedule 

C. Automatically updating signature packs 

D. Manually updating signature packs 

E. Group tuning of signatures 

F. Single tuning of signatures 

Answer: B,C,E 

Q20. Which command verifies that CWS redirection is working on a Cisco IOS router? 

A. show content-scan session active 

B. show content-scan summary 

C. show interfaces stats 

D. show sessions