- (Exam Topic 3)
An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing file named abc424952615.exe without quarantining that file What type of Outbreak Control list must the SHA.-256 hash value for the file be added to in order to accomplish this?

1. A. Advanced Custom Detection
2. B. Blocked Application
3. C. Isolation
4. D. Simple Custom Detection

Correct Answer: B

- (Exam Topic 3)
With regard to RFC 5176 compliance, how many IETF attributes are supported by the RADIUS CoA feature?

1. A. 3
2. B. 5
3. C. 10
4. D. 12

Correct Answer: D

- (Exam Topic 3)
An engineer must modify a policy to block specific addresses using Cisco Umbrella. The policy is created already and is actively u: of the default policy elements. What else must be done to accomplish this task?

1. A. Add the specified addresses to the identities list and create a block action.
2. B. Create a destination list for addresses to be allowed or blocked.
3. C. Use content categories to block or allow specific addresses.
4. D. Modify the application settings to allow only applications to connect to required addresses.

Correct Answer: B

- (Exam Topic 3)
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https:///capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

1. A. Disable the proxy setting on the browser
2. B. Disable the HTTPS server and use HTTP instead
3. C. Use the Cisco FTD IP address as the proxy server setting on the browser
4. D. Enable the HTTPS server for the device platform policy

Correct Answer: D

- (Exam Topic 3)
An organization wants to use Cisco FTD or Cisco ASA devices. Specific URLs must be blocked from being accessed via the firewall which requires that the administrator input the bad URL categories that the organization wants blocked into the access policy. Which solution should be used to meet this requirement?

1. A. Cisco ASA because it enables URL filtering and blocks malicious URLs by default, whereas Cisco FTD does not
2. B. Cisco ASA because it includes URL filtering in the access control policy capabilities, whereas Cisco FTD does not
3. C. Cisco FTD because it includes URL filtering in the access control policy capabilities, whereas Cisco ASA does not
4. D. Cisco FTD because it enables URL filtering and blocks malicious URLs by default, whereas Cisco ASAdoes not

Correct Answer: C