Question 201
A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?
A. The ESA immediately makes another attempt to upload the file.
B. The file upload is abandoned.
C. AMP calculates the SHA-256 fingerprint, caches it, and periodically attempts the upload.
D. The file is queued for upload when connectivity is restored
Question 202
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address.Which list contains the allowed recipient addresses?
A. SAT
B. BAT
C. HAT
D. RAT
Question 203
Why would a user choose an on-premises ESA versus the CES solution?
A. Sensitive data must remain onsite.
B. Demand is unpredictable.
C. The server team wants to outsource this service.
D. ESA is deployed inline.
Question 204
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two.)
A. Sophos engine
B. white list
C. RAT
D. outbreak filters
E. DLP
Question 205
After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?
A. Modify web proxy settings.
B. Modify outbound malware scanning policies.
C. Modify identification profiles.
D. Modify an access policy.
Question 206
An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly identifying all valid recipients. What must be done on the Cisco ESA to accomplish this goal?
A. Configure Directory Harvest Attack Prevention
B. Bypass LDAP access queries in the recipient access table.
C. Use Bounce Verification.
D. Configure incoming content filters.
Question 207
In which two ways does a system administrator send web traffic transparently to the Cisco WSA? (Choose two.)
A. use Web Cache Communication Protocol
B. configure AD Group Policies to push proxy settings
C. configure the proxy IP address in the web-browser settings
D. configure policy-based routing on the network infrastructure
E. reference a Proxy Auto Config file
Question 208
What is the function of the Context Directory Agent?
A. reads the AD logs to map IP addresses to usernames
B. relays user authentication requests from Cisco WSA to AD
C. maintains users' group memberships
D. accepts user authentication requests on behalf of Cisco WSA for user identification
Question 209
A network administrator is configuring a rule in an access control policy to block certain URLs and selects the `Chat and Instant Messaging` category. Which reputation score should be selected to accomplish this goal?
A. 5
B. 10
C. 3
D. 1
Question 210
A Cisco ESA network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is discovered that the Cisco ESA is not dropping files that have an undetermined verdict. What is causing this issue?
A. The policy was created to send a message to quarantine instead of drop.
B. The file has a reputation score that is below the threshold.
C. The file has a reputation score that is above the threshold.
D. The policy was created to disable file analysis.
