500-265 Advanced Security Architecture System Engineer

Page 1   
Question 1

On average, how many pieces of new malware are created every second?

  • A. one
  • B. four
  • C. 20
  • D. 100

Answer : B

Question 2

Which component of Cisco network security is updated after an attack to help prevent
threats before they encounter the network again?

  • A. Cisco site-to-site VPN
  • B. Cisco Identity and Access Control
  • C. Cisco Email Security
  • D. Cisco Web Security Appliance
  • E. Sourcefire Next-Generation Intrusion Prevention System
  • F. Cisco ASA Next-Generation Firewall
  • G. Cisco Security Intelligence Operations

Answer : G

Question 3

Which component of Cisco network security builds on basic firewall capabilities by adding
web filtering, web email controls, and Cisco Application Visibility and Control?

  • A. Cisco Advanced Malware Protection for Networks
  • B. Cisco ASA Next-Generation Firewall
  • C. Sourcefire Next-Generation Intrusion Prevention System
  • D. Cisco Web Security Appliance

Answer : B

Question 4

Which VPN offering removes the need for point-to-point GRE tunnels?

  • A. standard IPsec VPN
  • B. Cisco Easy VPN
  • C. Cisco GRE-based VPN
  • D. Cisco DMVPN
  • E. Cisco GET VPN

Answer : E

Question 5

Which feature of the Cisco security appliance provides "who-what-where-when-how"
information about any requests for network access?

  • A. basic management
  • B. web application controls
  • C. authorized access
  • D. Cisco Application Visibility and Control
  • E. context awareness

Answer : E

Question 6

Which Cisco ASA Next-Generation Firewall service restricts websites and web application
usage based on the reputation of the site?

  • A. Cisco Web Security Appliance
  • B. Cisco Web Security Essentials
  • C. Intelligent Detection
  • D. Authorized Access
  • E. SSL Decryption

Answer : B

Question 7

Which two options are benefits of Cisco Application Visibility and Control for
administrators? (Choose two.)

  • A. It ensures device compliance.
  • B. It restricts only entire applications.
  • C. It limits individual or group-based access to certain application components.
  • D. You can gain greater visibility into devices that are accessing the network.
  • E. You can access the contents of each device remotely.

Answer : A,C

Question 8

Which Cisco IPS feature adapts in real time to detect and block intrusions that range from
never-before-seen worms to the most sophisticated and subtle criminal attacks?

  • A. file-type detection
  • B. intelligent detection
  • C. user identity tracking
  • D. SSL decryption
  • E. impact assessment
  • F. automated policy tuning

Answer : B

Question 9

Which two features of AMP are available in Cisco AMP for Networks that are not available
in Cisco AMP for Content alone? (Choose two.)

  • A. trajectory
  • B. retrospective security
  • C. dynamic analytics
  • D. behavioral indications of compromise
  • E. fuzzy fingerprinting
  • F. one-to-one signature

Answer : A,D

Question 10

Which solution is the most effective for virus cleanup?

  • A. Cisco Firewall with Authorized Access
  • B. Cisco DMVPN with GRE Tunnels
  • C. Cisco Easy VPN with Remote-Site Device Management
  • D. Cisco AMP for Networks with File Trajectory
  • E. Cisco SIO with Increased Visibility
  • F. Cisco ISE with Automated Policy Tuning

Answer : D

Question 11

What is the primary reason that customers need content security today?

  • A. Companies are more spread out than ever before.
  • B. Organizations need to block high-risk websites.
  • C. Network traffic is growing at an exponential rate.
  • D. Storage is moving from on-premises to cloud-based.
  • E. More business is done using the web and email than ever before.

Answer : E

Question 12

Which feature of content security enables administrators to block Facebook videos while
allowing posts and messages?

  • A. dynamic content analysis
  • B. Cisco Application Visibility and Control
  • C. centralized management and reporting
  • D. encryption

Answer : B

Question 13

Reputation filtering performs which two functions? (Choose two.)

  • A. rates each site based on a reputation score
  • B. automatically updates devices based on threats
  • C. tunes itself according to relevance to the network
  • D. communicates with Cisco SenderBase, which is a common security database
  • E. analyzes in-depth parameters for anything that requests network access

Answer : A,D

Question 14

Which two advanced malware protection features are available on Cisco AMP for Content?
(Choose two.)

  • A. URL filtering
  • B. retrospective security
  • C. attack chain weaving
  • D. breach hunting
  • E. trajectory
  • F. behavioral indications of compromise

Answer : A,B

Question 15

Which option best describes granular app control using application visibility and control?

  • A. blocking harmful sites based on content, such as pokerstars.com
  • B. blocking World of Warcraft but allowing Google+
  • C. blocking Facebook games but allowing Facebook posts
  • D. blocking Twitter to increase employee productivity

Answer : C

Page 1