Q1. Which two practices are recommended for implementing NIPS at enterprise Internet edges? (Choose two.) 

A. Integrate sensors primarily on the more trusted side of the firewall (inside or DMZ interfaces). 

B. Integrate sensors primarily on the less trusted side of the firewall (outside interfaces). 

C. Implement redundant IPS and make data paths symmetrical. 

D. Implement redundant IPS and make data paths asymmetrical. 

E. Use NIPS only for small implementations. 

Answer: A,C 


Q2. Which statement about Cisco IPS Manager Express is true? 

A. It provides basic device management for large-scale deployments. 

B. It provides a GUI for configuring IPS sensors and security modules. 

C. It enables communication with Cisco ASA devices that have no administrative access. 

D. It provides greater security than simple ACLs. 

Answer:


Q3. Which Cisco Security IntelliShield Alert Manager Service component mitigates new botnet, phishing, and web-based threats? 

A. the IntelliShield Threat Outbreak Alert 

B. IntelliShield Alert Manager vulnerability alerts 

C. the IntelliShield Alert Manager historical database 

D. the IntelliShield Alert Manager web portal 

E. the IntelliShield Alert Manager back-end intelligence engine 

Answer:


Q4. Which type of signature is generated by copying a default signature and modifying its behavior? 

A. meta 

B. custom 

C. atomic 

D. normalized 

Answer:


Q5. Which Cisco IPS CLI command shows the most fired signature? 

A. show statistics virtual-sensor 

B. show event alert 

C. show alert 

D. show version 

Answer:


Q6. Which Cisco technology is a modular security service that combines a stateful inspection firewall with next-generation application awareness, providing near real-time threat protection? 

A. Cisco ASA 5500 series appliances 

B. Cisco ASA CX Context-Aware Security 

C. WSA 

D. Internet Edge Firewall / IPS 

Answer:


Q7. Who or what calculates the signature fidelity rating in a Cisco IPS? 

A. the signature author 

B. Cisco Professional Services 

C. the administrator 

D. the security policy 

Answer:


Q8. CCORRECT TEXT 

Answer: Steps are in Explanation below: 


Q9. Which Cisco ASA configuration command drops traffic if the Cisco ASA CX module fails? 

A. no fail-open 

B. fail-close 

C. fail-close auth-proxy 

D. auth-proxy 

Answer:


Q10. Which configuration mode enables a virtual sensor to monitor the session state for unidirectional traffic? 

A. asymmetric mode 

B. symmetric mode 

C. loose mode 

D. strict mode 

Answer: