500-258 - Cisco ASA Express Security
Go back to Cisco
To maintain employee productivity, employee access is restricted based on application, user, device, and location. Which two licenses are needed to allow administrators to enforce company policy? (Choose two.)
Which statement about the on-box version of PRSM is true?
Cisco ASA NGFW comes preinstalled with a version of PRSM.
Which statement describes how users create their own (custom) application signatures with the Cisco ASA NGFW?
Define applications based on URL, FQDN, user agents, IP addresses, or ports.
When preconfiguring a Cisco AnyConnect profile for the user group, which file is output by the Cisco AnyConnect profile editor?
A security administrator suspects that an internal system has been infected by malware and communicates with an external server. Which Cisco ASA NGFW license must the administrator have to detect and monitor the unauthorized command and control network traffic?
Which three features does the Cisco Meraki Security Appliance offer? (Choose three.)
multisite cloud management
Which Cisco ASA CLI command is used to enable HTTPS (Cisco ASDM) access from any inside host on the 10.1.16.0/20 subnet?
http 10.1.16.0 255.255.240.0 inside
The "HTTPS decryption" feature is enabled with the default settings and decryption and IPS policies have been applied to the traffic. Which statement describes what happens when a client connects to a server with an untrusted certificate?
The HTTPS traffic is dropped and is not decrypted or inspected by the IPS.
On the Cisco ASA, tcp-map can be applied to a traffic class using which MPF CLI configuration command?
set connection advanced-options
Which option is the typical web reputation range for sites that tend to be well managed, responsible content syndication networks, and user-generated content sites?
-3 to 3
In which two ways is the Cisco ASA CWS subscription licensed? (Choose two.)
term and seat
Which component determines the number of required PRMS licenses?
Which two Cisco ASA licensing features are correct with Cisco ASA Software Version 8.3 and later? (Choose two.)
Identical licenses are not required on the primary and secondary Cisco ASA appliance.
Time-based licenses are stackable in duration but not in capacity.
In which two form factors is PRSM available? (Choose two.)
VMware Virtual Appliance
Which Cisco ASA NGFW license is needed to allow a high-school security administration to implement policy to allow student access to high-reputation sites only?
Which three statements about the FirePOWER appliance are true? (Choose three.)
supports NGIPS with contextual aware
supports advanced malware protection
supports application control/URL filtering
The Cisco ASA software image has been erased from flash memory. Which two statements about the process to recover the Cisco ASA software image are true? (Choose two.)
Access to the ROM monitor mode is required.
The server command is necessary to set the TFTP server IP address.
Which NGFW component collects user details so that access policies can match traffic based on this information?
Which license is required on the Cisco ASA NGFW for an administrator to manage it securely from a remote laptop?
How is the NGFW AVC subscription licensed?
Which statement best describes application recognition on the Cisco ASA NGFW?
Application recognition is based on signatures, heuristics, and content scanning, which removes the need to tie applications to ports.
You are an NGFW administrator at a local school and want to take appropriate steps to limit exposure to explicit content for students. Which access policy action is the most effective with the least impact?
Enforce Safe Search.
Which option describes what client-based access control enables?
access based on the HTTP user agent being used to initiate a traffic flow