A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?
Correct Answer: C
Explanation The appliance will try once to upload the file; if upload is not successful, for example because of connectivity problems, the file may not be uploaded. If the failure was because the file analysis server was overloaded, the upload will be attempted once more. Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118796-technoteesa-00.html In this question, it stated "the network is congested" (not the file analysis server was overloaded) so the appliance will not try to upload the file again. The appliance will try once to upload the file; if upload is not successful, for example because of connectivity problems, the file may not be uploaded. If the failure was because the file analysis server was overloaded, the upload will be attempted once more. Reference: In this question, it stated "the network is congested" (not the file analysis server was overloaded) so the Explanation The appliance will try once to upload the file; if upload is not successful, for example because of connectivity problems, the file may not be uploaded. If the failure was because the file analysis server was overloaded, the upload will be attempted once more. Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118796-technoteesa-00.html In this question, it stated "the network is congested" (not the file analysis server was overloaded) so the appliance will not try to upload the file again.
Question 452
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Correct Answer: A,D
Cisco ESA uses a multilayer approach to fight viruses and malware. The first layer of defense consists of outbreak filters, which the appliance downloads from Cisco SenderBase. Outbreak filters use global threat intelligence and behavioral analysis to identify and block emerging threats before they reach the network. The second layer of defense consists of antivirus engines, which scan the message body and attachments for known viruses and malware. Cisco ESA supports multiple antivirus engines, such as Sophos, McAfee, and Cisco AMP. The Sophos engine is one of the default engines that Cisco ESA uses, along with McAfee. The Sophos engine provides fast and accurate detection of viruses and malware, and updates its signatures frequently. The other options are not features that are used to configure Cisco ESA with a multilayer approach to fight viruses and malware. A white list is a list of trusted senders or recipients that are exempt from spam or virus filtering. RAT is the Recipient Access Table, which is used to determine whether the appliance accepts or rejects messages to a recipient address. DLP is Data Loss Prevention, which is used to prevent sensitive or confidential data from leaving the network. References := * Email Security Using Cisco ESA * Demystifying Cisco ESA HAT, RAT Tables and Deployment Types * Email Security Deployment Guide - Cisco
Question 453
Which functions of an SDN architecture require southbound APIs to enable communication?
Correct Answer: A
Explanation The Southbound API is used to communicate between Controllers and network devices
Question 454
In which two ways does Easy Connect help control network access when used with Cisco TrustSec? (Choose two)
Correct Answer: C,E
Explanation Easy Connect simplifies network access control and segmentation by allowing the assignment of Security Group Tags to endpoints without requiring 802.1X on those endpoints, whether using wired or wireless connectivity. Reference: easy-connect-configuration-guide.pdf
Question 455
When network telemetry is implemented, what is important to be enabled across all network infrastructure devices to correlate different sources?
