Refer to the exhibit.

What are two facts about the interface that you can determine from the given output? (Choose
two.)

What are the two policy types that can use a web reputation profile to perform reputation-based
processing? (Choose two.)

Which three pieces of information are required to implement transparent user identification using
Context Directory Agent? (Choose three.)

Which method does Cisco recommend for collecting streams of data on a sensor that has been
virtualized?

Which configuration mode enables a virtual sensor to monitor the session state for unidirectional
traffic?

Over the period of one day, several Atomic ARP engine alerts fired on the same IP address. You
observe that each time an alert fired, requests on the IP address exceeded replies by the same
number. Which configuration could cause this behavior?

Which type of signature is generated by copying a default signature and modifying its behavior?

Which two conditions must you configure in an event action override to implement a risk rating of
70 or higher and terminate the connection on the IPS? (Choose two.)

Which two conditions must you configure in an event action rule to match all IPv4 addresses in the
victim range and filter on the complete subsignature range? (Choose two.)

If learning accept mode is set to “auto” and the knowledge base is loaded only when explicitly
requested on the IPS, which statement about the knowledge base is true?