NGFWEAM 700-270

1.

1 point

What does the NSS Labs Next Generation Firewall Security Value Map measure?

Total cost of ownership vs advertised maximum throughput

Security effectiveness vs total system downtime

Security effectiveness vs total cost of ownership

Security effectiveness vs advertised maximum throughput

2.

1 point

Which option represents an indirect system-performance impact by location?

Physical device placement

Number of features that are enabled

Different average packet sizes

Different traffic types

3.

1 point

Which option best describes the role of IoC (Indications of Compromise)?

A flag that indicates that a host operating system needs patching

An impact flag of an infection event

Statically assigned target values on a host

Tags on a host that indicate that an infection event has occurred

4.

1 point

Which three FirePOWER services features require a subscription license? (Choose three)

IPS

High Availability

AVC

Identity Visibility

AMP

URL Filtering

5.

1 point

Where are files that are awaiting a disposition check held during file analysis?

Cisco ASA SSD drive

Cloud based company-specific repository

Isolated VLAN

Cloud based sandbox

6.

1 point

In stateful firewall application, inspection occurs at which layer of OSI model?

3

4

7

2

7.

1 point

Which FirePOWER services deployment mode is recommended for customer evaluations?

SPAN

Inline

IDS

Monitor-Only

8.

1 point

A customer wants to block instant messaging within Facebook Chat for its employees. Which feature licensing option provides this capability?

Default FirePOWER Services

AVC

URL

IPS

Botnet filtering

9.

1 point

What is the minimum Cisco ASA software version that is required to support FirePOWER services?

9.4

8.6

9.1.2

9.2.2

10.

1 point

Which management application can be deployed as a physical or virtual appliance to configure security policy for the FirePOWER services module?

Cisco Security Manager

Cisco ASDM

FirePOWER services module CLI

FireSIGHT Management Center

11.

1 point

Which FirePOWER services capability supports seamless processing after an adaptive security appliance stateful failover event?

TCP intercept

FireSIGHT central policy distribution

Midsession pickup

SFR stateful failover

12.

1 point

Which FirePOWER services feature is included by default?

IPS

URL

AVC

AMP

13.

1 point

NGIPS rule sets are configured using which management application?

FireSIGHT Management Center

Cisco IDM

Cisco IME

Cisco ASDM

14.

1 point

How is traffic forwarded from the Cisco ASA to the FirePOWER services module for analysis?

SFR has a dedicated data interface

SFR is a standalone appliance that is inserted inline in the data path

A service policy redirects traffic from the Cisco ASA packet-processing path to the SFR

SFR is transparent and automatically sees all traffic

15.

1 point

Which recommendation should be made to increase scalability, performance and resiliency?

Deploy Cisco ASA Clustering

Upgrade the current Cisco ASA

Upgrade from the FirePOWER software module to hardware module

Create a Cisco ASA failover pair

16.

1 point

Which FireSIGHT Management Center appliance is required to support up to 100 managed devices?

2000

4000

500

750

17.

1 point

What is the advantage of leveraging an external intelligence source for security policy?

Provision of real-time dynamic analytics

Provision of industry-best practices document

Provision of software upgrades and bug fixes

Provision of outsourced security personnel

18.

1 point

File trajectory services are configured using which management application?

Cisco Security Manager (CSM)

Cisco ASDM

Cisco Prime Infrastructure

FireSIGHT Management Center

19.

1 point

With which hardware option must Cisco ASA models below the 5585-X be sold to support FirePOWER services?

SSP module

FirePOWER service bundle

SSD

FireSIGHT Management Center

20.

1 point

When deploying the Cisco ASA with FirePOWER services module, which two functions are performed by the Cisco ASA?

NAT

File disposition checks

TCP interecept

File capturing

Application visibility and control

21.

1 point

Which three features are considered next-generation firewall capabilities?

Identity-based controls

External intelligence to enhance controls

VPN

NAT

Application visibility and control

RFC-based inspection

22.

1 point

A file-type embedded attack is an example of which IoC event category?

IPS

Malware

Firewall

Security Intelligenceq

23.

1 point

Which enhancement is added to URL filtering that is performed by the FirePOWER services module?

Regular expressions

Categories

IP address filters

Reputation scores

24.

1 point

Which FirePOWER services feature is associated with FireSIGHT recommendations that may be automatically applied as policy?

AMP

URL Filtering

AVC

IPS

25.

1 point

Which type of Cisco Services offering is aimed at helping customers to plan and upgrade new FirePOWER deployments?

Cisco SMARTnet

Cisco Managed Services

Cisco Migration Services

Cisco Advanced Services

26.

1 point

A file that was previously marked as “clean” has its disposition changed to “malware”. Which FirePOWER feature license is required to enable analysis of the file propagation path within the network?

AMP

AVC

IPS

URL

27.

1 point

Which AMP feature provides continuous analysis capabilities?

Retrospection

File Analysis

File Reputation

Sandboxing

28.

1 point

Which two guidelines are important when showing proof of value using Cisco dCloud?

Prepare primary customer takeaways

Install FireSIGHT Management Center on a demonstration workstation

Ensure the customer has Cisco SIO cloud access

Ensure that the correct software versions are installed on demonstration equipment

Have demonstration screens open and prepopulated with data

29.

1 point

What is the maximum number of Cisco ASA5585-X appliances that are supported in a cluster?

2

16

20

8

30.

1 point

Which subscription license terms are available for FirePOWER services features?

1, 2, and 3 years

1 and 5 years

1 and 2 years

1 and 3 years

31.

1 point

Connections to known CnC sites are examples of which IoC event category?

IPS

Firewall

Malware

Security Intelligence

32.

1 point

Which security technique should be implemented to remediate after a threat is discovered?

Application control

Web security deployment

NGIPS rule set

Retrospection

33.

1 point

Which two network visibility categories are supported by FirePOWER services beyond a typical next-generation firewall solution?

Operating systems

Users

File transfers

Mobile devices

Applications

34.

1 point

Which version of AMP is available on the Cisco ASA with FirePOWER services module?

Applications

Endpoint

Network

Content

35.

1 point

Which two high-availability deployment modes support FirePOWER services?

Multi Context

Active/Active

Active/Standby

Monitor Mode

Clustering

36.

1 point

Which mode of IPS deployment enforces blocking actions on malicious traffic?

Monitor

Inline

Out-of-band

Passive

37.

1 point

Which security features can be applied in the “after” stage of the attack continuum?

VPNs

Stateful firewall installation

Advanced malware protection

NGIPS

38.

1 point

Which Cisco ASA model provides integrated wireless access-point that are ideal for branch offices?

Cisco ASA5510W-X

Cisco ASA5505W-X

Cisco ASA5507W-X

Cisco ASA5506W-X

39.

1 point

Stateful firewalls are an example of which type of security method?

Mitigation

Remediation

Proactive

Reactive

40.

1 point

Which impact flag indicates that action is to be taken immediately?

0

3

1

4

41.

1 point

Which three options are important when positioning a next-generation firewall solution?

Non-proprietary

Interoperability

Current Install Base

Resistance to evasion

Performance

Stability

42.

1 point

What is the level of granularity that supported by application visibility and control?

Filtering of HTTP packets

Filtering by TCP/UDP ports

Filtering of instant messaging within an HTTP packet

Filtering by IP address

43.

1 point

What are two challenges that are faced by traditional defense-in-depth security solutions?

They require that all components be provided by a single vendor

Applying security policy is generally by manual and static methods

Security services must be outsourced

They mandate network change control

Large amounts of logged data lead to poor threat visibility

44.

1 point

What option is an attribute of a day-zero attack?

It consists of a set of known threat vectors

It can be mitigated through the external intelligence and contextual awareness

It can be mitigated with content inspection that is based on static rule sets

It can be prevented through RFC application-level compliance check

45.

1 point

Which two options are objectives that defined as part of the “before” stage of the attack continuum?

Retrospection

Enforce

Shun

Detect

Harden

46.

1 point

Which product supports the FirePOWER services hardware module?

Cisco ASA5555-X

Cisco ASA5585-X

Cisco ASA5525-X

Cisco ASA5800-X

47.

1 point

Which two deployment options are available for FireSIGHT Management Center?

Dedicated appliance

Module embedded in Cisco Prime Infrastructure

Window server

On-box application for Cisco ASA

Virtual machine

48.

1 point

Which application is required to support adding user information from MS Active Directory to FirePOWER events?

Cisco ASA Identity Firewall

Sourcefire User Agent

Cisco Discovery Agent

MS Active Directory Agent

49.

1 point

Which standout capabilities of FirePOWER Services are not available in other next-generation firewall?

File Trajectory & Retrospection

URL Filtering

Firewall HA

AVC

50.

1 point

Which method of discovery is used during impact assessment?

Inline

Passive

Heuristic analysis

Statistical analysis