Halloween Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

A.

unavailable

B.

unknown

C.

clean

D.

disconnected

Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

A.

pxGrid

B.

FTD RTC

C.

FMC RTC

D.

ISEGrid

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

A.

dynamic null route configured

B.

DHCP pool disablement

C.

quarantine

D.

port shutdown

E.

host shutdown

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

A.

Add the malicious file to the block list.

B.

Send a snapshot to Cisco for technical support.

C.

Forward the result of the investigation to an external threat-analysis engine.

D.

Wait for Cisco Threat Response to automatically block the malware.

What is the maximum SHA level of filtering that Threat Intelligence Director supports?

A.

SHA-1024

B.

SHA-4096

C.

SHA-512

D.

SHA-256

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

A.

application blocking

B.

simple custom detection

C.

file repository

D.

exclusions

E.

application whitelisting

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

A.

Windows domain controller

B.

audit

C.

triage

D.

protection

What is a valid Cisco AMP file disposition?

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?

A.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

B.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

C.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

D.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it What is the reason for this issue?

A.

A manual NAT exemption rule does not exist at the top of the NAT table.

B.

An external NAT IP address is not configured.

C.

An external NAT IP address is configured to match the wrong interface.

D.

An object NAT exemption rule does not exist at the top of the NAT table.