500-265

Question 1

What is the single best set of benefits form a Cisco switched campus solution? Select exactly 1 answer(s) from the following:
A. Streamlined communications, customer responsiveness, and operational efficiency
B. Software-based routing capabilities and enhanced QoS
C. Network intelligence, enhanced QaS, borderless security, availability, resiliency
D. Intelligent network devices combined with integrated application modules

Answer 1

C

Question 2

Which Cisco Secure Access solution provides centralized policy management to give administrators more granular control over access authorization?
A. Cisco Identity Services Engine
B. Cisco TrustSec
C. Cisco Advanced Malware Protection for Endpoints
D. Cisco AnyConnect
E. Cisco ASA Next-Generation Firewall

Answer 2

A

Question 3

What is the main reason that customers need Cisco Secure Access?
A. Companies use more social media than ever before.
B. Organizations need to block high-risk websites.
C. Network traffic is growing at an exponential rate.
D. Storage is moving from on-premises to cloud-based.
E. More devices are connecting on and off campus.
F. More business is done using the web and email than ever before.

Answer 3

E

Question 4

If a customer complains that employees access websites for work but then waste time with games and videos, which solution should you suggest, and why?
A. Cisco AMP, for protection before, during, and after attacks
B. Cisco WSA, for its URL filtering ability
C. Cisco RSA, for its data loss prevention
D. Cisco WSA, for its application visibility and control
E. Cisco ESA, for its global threat operations
F. Cisco ESA, for its antivirus capabilities

Answer 4

D

Question 5

Cisco Email Security is ideal for which type of customer?
A. customers who need sensitive data to remain onsite
B. customers whose expectations are set
C. customers who do not need cloud services
D. customers who want to move services to the cloud

Answer 5

A

Question 6

After a user prepares and sends an encrypted message to a recipient, what is the next step?
A. The decrypted message is displayed to the recipient.
B. The encrypted message is displayed to the recipient.
C. The email is forwarded to new users to be authenticated.
D. The encryption key is stored in the Cisco ESA servers.
E. The customer receives an encrypted message that requires a decryption

Answer 6

E

Question 7

On average, email security Outbreak Filters identify and stop threats how many hours sooner than the next major AV vendor?
A. 24 hours sooner
B. 13 hours sooner
C. one hour sooner
D. no sooner, because Outbreak Filters do not identify and stop threats

Answer 7

B

Question 8

The first phase of email security analyzes “who-what-where-when-how” information and context-based policies during which component of threatdetection?
A. antivirus defense
B. advanced malware protection for email
C. outbreak filters
D. data loss prevention
E. encryption
F. antispam defense

Answer 8

F

Question 9

Which option best describes granular app control using application visibility and control?
A. blocking harmful sites based on content, such as pokerstars.com
B. blocking World of Warcraft but allowing Google+
C. blocking Facebook games but allowing Facebook posts
D. blocking Twitter to increase employee productivity

Answer 9

C

Question 10

Which two advanced malware protection features are available on Cisco AMP for Content? (Choose two.)
A. URL filtering
B. retrospective security
C. attack chain weaving
D. breach hunting
E. trajectory
F. Behavioral indication of compromise

Answer 10

A B

Question 11

Reputation filtering performs which two functions? (Choose two.)
A. rates each site based on a reputation score
B. automatically updates devices based on threats
C. tunes itself according to relevance to the network
D. communicates with Cisco SenderBase, which is a common security database
E. analyzes in-depth parameters for anything that requests network access

Answer 11

A D

Question 12

Which feature of content security enables administrators to block Facebook videos while allowing posts and messages?
A. dynamic content analysis
B. Cisco Application Visibility and Control
C. centralized management and reporting
D. encryption

Answer 12

B

Question 13

Which Cisco technology solution can resolve a customer’s inability to properly restrict and authorize access to protected resources, while still introducingnew applications, devices, and business partnerships?
A. Cisco TrustSec
B. Cisco Data Center Management Policy Implementation
C. Cisco Data Center Virtualization and Cloud
D. Cisco Cyber Threat Defense
E. Cisco Application Centric Infrastructure
F. Cisco Secure Data Center
G. Cisco Security Intelligence Operations

Answer 13

A

Question 14

Why do companies need the quickly scalable Cisco Secure Data Center virtualization and cloud technology solution?
A. Fifty-six percent of employees who leave a company take private information with them.
B. Competitors are gaining a 33 percent market share.
C. Administrators are allowing a growing number of BYOD devices.
D. Staff is unable to keep up with newer data center technology.
E. Provisioning time for data centers has decreased from eight weeks to 15 minutes.
F. Management is expected to decrease IT budgets by 25 percent.

Answer 14

E

Question 15

Why do companies need Cisco Cyber Threat Defense?
A. They have a lack of segmented or differentiated access.
B. They are inundated with advanced persistent threats.
C. They need to add and provision servers faster than ever.
D. They have increased bandwidth needs, and they allow BYOD.
E. They have an infrastructure of overlapping rule sets, complex inheritance, and oversubscription.
F. They need cost-effective security management outsourcing.

Answer 15

B

Question 16

Which integrated technology solution deals with application-centric infrastructures?
A. Cisco Unified Access
B. Cisco Security as a Service
C. Cisco Cyber Threat Defense
D. Cisco Secure Data Center
E. Cisco TrustSec

Answer 16

D

Question 17

Which Cisco Secure Access solution should you recommend to a customer who is experiencing access complications due to too many policies and toomany user groups?
A. Cisco AnyConnect
B. Cisco TrustSec
C. Cisco ISE
D. Cisco AMP for Endpoints
E. Cisco site-to-site VPN
F. Cisco SIO

Answer 17

B

Question 18

How does the Device Trajectory feature work?
A. It searches for potential threats based on identified activities.
B. It tracks file behavior across the network to see which devices it enters and exits.
C. It analyzes the data from file and process retrospection to provide a new level of threat intelligence.
D. It isolates suspicious files and runs tests to determine their authenticity.
E. It tracks file behavior on a device to pinpoint the root cause of a compromise.

Answer 18

E

Question 19

Consider the process that begins with file retrospection, continues to interrogate the file and update its disposition over time, then records the pathwaythat the software and files take from device to device. This process is an example of which Cisco AMP feature?
A. file reputation
B. attack chain weaving
C. breach hunting
D. file sandboxing
E. machine learning

Answer 19

B

Question 20

In the Cisco TrustSec “User to Data Center Access Control” use case, which users typically have access to the company data center?
A. suppliers
B. employees
C. noncompliant users
D. guests

Answer 20

B

Question 21

Which two features of Cisco ISE contribute to guest access management? (Choose two.)
A. employee-sponsored network access
B. faster device onboarding
C. guest access and activity tracking
D. accelerated security options
E. site-to-site VPNs
F. clientless network access

Answer 21

A C

Question 22

Which Cisco Identity Services Engine feature controls access and policies for campuses and branches, wired and wireless devices, and guests, from a single location?
A. centralized policy management
B. compliance
C. URL filtering
D. SSL decryption
E. extensive BYOD support

Answer 22

A

Question 23

Which two add-ons are available for the AnyConnect Premium license? (Choose two.)
A. mobile license
B. basic license
C. management license
D. essentials license
E. advanced endpoint assessment
F. BYOD license

Answer 23

A E

Question 24

Which two features of Cisco AnyConnect contribute to secure remote access? (Choose two.)
A. guest access management
B. superior clientless network access
C. accelerated security options
D. compliance and tracking
E. context-aware access
F. extensive BYOD support
G. centralized management

Answer 24

B F

Question 25

What is the primary reason that customers need content security today?
A. Companies are more spread out than ever before.
B. Organizations need to block high-risk websites.
C. Network traffic is growing at an exponential rate.
D. Storage is moving from on-premises to cloud-based.
E. More business is done using the web and email than ever before.

Answer 25

E

Question 26

Which solution is the most effective for virus cleanup?
A. Cisco Firewall with Authorized Access
B. Cisco DMVPN with GRE Tunnels
C. Cisco Easy VPN with Remote-Site Device Management
D. Cisco AMP for Networks with File Trajectory
E. Cisco SIO with Increased Visibility
F. Cisco ISE with Automated Policy Tuning

Answer 26

D

Question 27

Which two features of AMP are available in Cisco AMP for Networks that are not available in Cisco AMP for Content alone? (Choose two.)
A. trajectory
B. retrospective security
C. dynamic analytics
D. behavioral indications of compromise
E. fuzzy fingerprinting
F. one-to-one signature

Answer 27

A D

Question 28

Which Cisco IPS feature adapts in real time to detect and block intrusions that range from never- before-seen worms to the most sophisticated andsubtle criminal attacks?
A. file-type detection
B. intelligent detection
C. user identity tracking
D. SSL decryption
E. impact assessment
F. automated policy tuning

Answer 28

B

Question 29

Which two options are benefits of Cisco Application Visibility and Control for administrators? (Choose two.)
A. It ensures device compliance.
B. It restricts only entire applications.
C. It limits individual or group-based access to certain application components.
D. You can gain greater visibility into devices that are accessing the network.
E. You can access the contents of each device remotely.

Answer 29

A C

Question 30

Which component of Cisco network security builds on basic firewall capabilities by adding web filtering, web email controls, and Cisco ApplicationVisibility and Control?
A. Cisco Advanced Malware Protection for Networks
B. Cisco ASA Next-Generation Firewall
C. Sourcefire Next-Generation Intrusion Prevention System
D. Cisco Web Security Appliance

Answer 30

B

Question 31

Which component of Cisco network security is updated after an attack to help prevent threats before they encounter the network again?
A. Cisco site-to-site VPN
B. Cisco Identity and Access Control
C. Cisco Email Security
D. Cisco Web Security Appliance
E. Sourcefire Next-Generation Intrusion Prevention System
F. Cisco ASA Next-Generation Firewall
G. Cisco Security Intelligence Operations

Answer 31

G

Question 32

On average, how many pieces of new malware are created every second?
A. one
B. four
C. 20
D. 100

Answer 32

B

Question 33

Which feature is a primary feature of Cisco AnyConnect?
A. role-based policy management
B. context-aware access
C. secure and flexible remote access
D. SSL decryption

Answer 33

C

Question 34

Cisco Secure Access Solutions delivers a secure connection to a continually growing number of endpoints. This statement is an example of which Cisco value?
A. time-to-value
B. protection
C. control
D. scalability
E. flexibility
F. agility

Answer 34

E

Question 35

Which three solutions are Cisco Secure Access solutions? (Choose three.)
A. Cisco Remote-Access VPN
B. Cisco Identity and Access Control
C. Cisco Email Security
D. Cisco Web Security Appliance
E. Sourcefire Next-Generation Intrusion Prevention System
F. Cisco Advanced Malware Protection for Endpoints
G. Cisco security appliance
H. Cisco Security Manager

Answer 35

A B G

Question 36

Which two features are part of site-to-site VPN? (Choose two.)
A. web email controls
B. user identity traction
C. SSL decryption
D. Snort technology
E. remote access
F. seamless connection with Cisco ASA

Answer 36

E F

Question 37

Cisco network security offers unmatched visibility and control of network and application traffic.
This statement describes which Cisco value?
A. time-to-value
B. protection
C. control
D. scalability
E. flexibility
F. agility

Answer 37

C

Question 38

Which Cisco ASA Next-Generation Firewall service restricts websites and web application usage based on the reputation of the site?
A. Cisco Web Security Appliance
B. Cisco Web Security Essentials
C. Intelligent Detection
D. Authorized Access
E. SSL Decryption

Answer 38

B

Question 39

Which four solutions are Cisco network security solutions? (Choose four.)
A. Cisco site-to-site VPN technologies
B. Cisco Identity and Access Control
C. Cisco Email Security
D. Cisco Web Security Appliance
E. Sourcefire Next-Generation Intrusion Prevention System
F. Cisco ASA Next-Generation Firewall
G. Cisco security appliance
H. Cisco Remote-Access VPN

Answer 39

A E F G

Question 40

Which two features are components of the Cisco Web Security Appliance? (Choose two.)
A. encryption
B. URL filtering
C. user identity tracking
D. antispam defense
E. impact assessment
F. Cisco Application Visibility and Control
G. context awareness
H. device profiling and onboarding

Answer 40

B F

Question 41

Cisco Content Security integrates seamlessly with existing security and network infrastructures.
This statement describes which Cisco value?
A. time-to-value
B. protection
C. control
D. scalability
E. flexibility
F. agility

Answer 41

E

Question 42

Which two solutions are main components of Cisco Content Security? (Choose two.)
A. Cisco ASA Next-Generation Firewall
B. Cisco Web Security
C. Cisco Remote-Access VPN
D. Sourcefire Next-Generation Intrusion Prevention System
E. Cisco Email Security
F. Cisco Advanced Malware Protection

Answer 42

B E

Question 43

Which Cisco security technology delivers the best real-time threat intelligence?
A. Cisco ASA Next-Generation Firewall
B. Cisco Identity Services Engine
C. Cisco Security Manager
D. Cisco Security Intelligence Operations
E. Cisco TrustSec

Answer 43

D

Question 44

Which three values should you use to position Cisco security solutions? (Choose three.)
A. time-to-value
B. protection
C. control
D. integration
E. flexibility
F. agility
G. scalability

Answer 44

B C E

Question 45

In the Cisco future solutions architecture framework, the security solutions are directly built upon which component?
A. management and intelligence capabilities
B. Cisco security platforms
C. third-party applications
D. security intelligence operations

Answer 45

B

Question 46

The current Cisco comprehensive framework solutions are divided into which three categories? (Choose three.)
A. Content Security
B. Cloud Security
C. Network Security
D. Access Security
E. Data Center Security
F. Internet Security
G. Advanced Malware Protection

Answer 46

A C D

Question 47

Which three options describe the main problems with traditional security solutions? (Choose three.)
A. fragmented solutions
B. the lack of management solutions
C. missing components
D. solutions being pieced together
E. the lack of a cloud solution
F. the lack of a firewall
G. security gaps

Answer 47

A D G

Question 48

Which two business use trends have surfaced in the last five years and require nontraditional security? (Choose two.)
A. BYOD
B. Wi-Fi connections
C. partial URL and application blocking
D. third-party applications
E. web and email attacks
F. a large number of remote employees

Answer 48

A F

Question 49

Which feature of the Cisco security appliance provides “who-what-where-when-how” information about any requests for network access?
A. basic management
B. web application controls
C. authorized access
D. Cisco Application Visibility and Control
E. context awareness

Answer 49

E

Question 50

Which VPN offering removes the need for point-to-point GRE tunnels?
A. standard IPsec VPN
B. Cisco Easy VPN
C. Cisco GRE-based VPN
D. Cisco DMVPN
E. Cisco GET VPN

Answer 50

E

Question 51

ISE

Answer 51

Before:
Centralized Policy Management
Guest Management
Context Aware access
Device Profiling and Onboarding
After:
Rapid Threat Containment

Question 52

AMP for Network

Answer 52

Before:
File reputation
During:
File sandboxing
File reputation

Question 53

AMP for Endpoints

Answer 53

Behavioral indication of compromise
retrospective security
attack chain weaving
breach hunting
trajectory

Question 54

Web Security

Answer 54

Before:
Web Filtering
Web reputation
Application Visibility and Control
During:
Web Page
Anti-Malware
File Reputation-AMP
Outbreak Intelligence
DLP Integration
After:
File Sandboxing
File Retrospection
Cognitive Threat Analytics

Question 55

Email Security

Answer 55

1. Anti Spam Defense
2. Outbreak Filters
3. Antivirus Engines/Defense
4. AMP
5. DLP
6. Encryption

Question 56

Which Feature has Cisco partnered with Sophos and McAfee to provide as part of email security solution?
A. advanced malware prtection
B.encryption
C. Outbreak filters
D. antivirus defense

Answer 56

D

Question 57

Which feature of Cisco cyber threat Defense use mote than 40 detectors to process every HTTP or Https request in the network?
A. event classification
B.anomaly detection
C.relationship modeling
D. trust modeling

Answer 57

B

Question 58

Which feature of web Security breaks a webpage into it core components such as HTML,scripts and Flash and then analyzes how each component net behaves before allowing access?
A. Security intelligence opertions
B. core webpage analyzer
C. real-time snadboxing
D. outbreak intelligence engine

Answer 58

D

Question 59

Which management solution is ideal for customers who require a cloud-based policy management solution?
A. Cisco Firepower management Center
B. Cisco Defense Orchestrator
C. FireSight
D. Cisco ASDM
E. Cisco Talos

Answer 59

B

Question 60

Which two options are standard functions of stateful firewall? Choose two
A. IP fragmentation
B. NGIPS
C.access control list
D. NGFW
E. File trajectory

Answer 60

A C

Question 61

Which feature of Cisco Stealthwatch leverages deep network visibility to get a full picture of network activity and identity suspicious behaviors?
A. Cisco AMP
B. threat-based anomaly detection
C. forensic investigation
D. Netflow monitoring.

Answer 61

B

Question 62

Which two options are features of the threat analysis capability of NGIPS? Choose two
A. Network Behavior 
B. User identity tracking
C. file reputation
D. impact analysis
E. Behavior assessment

Answer 62

A B

Question 63

Which two actions does reputation filtering take which are an important part web security threat defense?
A. communicates with Cisco Sender Base
B. rates each site based on a reputation score
C. auto updates devices based on threats
D. tunes itself according to relevance to the network
E. analyzes in-depth parameters for anything requestiong network access.

Answer 63

A B

Question 64

Which two statements about the Cisco IronPort WSA and Cisco ASA CX Context-Aware
Security are true? (Choose two.)
A. The Cisco WSA operates on all TCP-based ports, while Cisco ASA CX inspects TCP port 80 only.
B. The Cisco WSA is a secure web proxy, while Cisco ASA CX is an inline device.
C. The Cisco WSA offers comprehensive web security, while Cisco ASA CX offers next- generation firewall features.
D. The Cisco WSA is available as a cloud service, while Cisco ASA CX performs on-site security services.
E. Cisco ASA CX provides better anti-malware scanning performance than the Cisco WSA.
question_answerVIEW ANSWER

Answer 64

B C

Question 65

Which statement best describes Cisco ISE?
A. Cisco ISE provides AAA features, guest provisioning, and device profiling features in the
base feature set; link encryption policies, host posture, and security group access require the advanced feature set.

B. Cisco ISE combines the capabilities of Cisco Secure ACS and Cisco Virtual Security
Gateway into one product.

C. Cisco ISE consolidates user authentication with NAC components into one solution.

D. Cisco ISE consolidates user AAA, Security Group Access features, and ScanSafe
functionality into one product.

Answer 65

C

Question 66

What policy and Access solution technology combines posture checks and authentication across wired,wireless and Vpn networks to provide consistent connection to the corporate network anywhere
A.Cisco NGIPS
B. Cisco Trust Sec
C. Cisco ISE
D. Cisco Anyconnect

Answer 66

D