★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-207 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/300-207-dumps.html
Want to know Actualtests 300-207 Exam practice test features? Want to lear more about Cisco Implementing Cisco Threat Control Solutions (SITCS) certification experience? Study Downloadable Cisco 300-207 answers to Far out 300-207 questions at Actualtests. Gat a success with an absolute guarantee to pass Cisco 300-207 (Implementing Cisco Threat Control Solutions (SITCS)) test on your first attempt.
Q11. What can you use to access the Cisco IPS secure command and control channel to make configuration changes?
A. SDEE
B. the management interface
C. an HTTP server
D. Telnet
Answer: B
Q12. During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?
A. cxsc fail
B. cxsc fail-close
C. cxsc fail-open
D. cxssp fail-close
Answer: B
Q13. Which two Cisco IPS events will generate an IP log? (Choose two.)
A. A signature had an event action that was configured with log packets.
B. A statically configured IP or IP network criterion was matched.
C. A dynamically configured IP address or IP network was matched.
D. An attack produced a response action.
Answer: A,B
Q14. A Cisco Web Security Appliance's policy can provide visibility and control of which two elements? (Choose two.)
A. Voice and Video Applications
B. Websites with a reputation between -100 and -60
C. Secure websites with certificates signed under an unknown CA
D. High bandwidth websites during business hours
Answer: C,D
Q15. Which three sender reputation ranges identify the default behavior of the Cisco Email Security Appliance? (Choose three.)
A. If it is between -1 and +10, the email is accepted
B. If it is between +1 and +10, the email is accepted
C. If it is between -3 and -1, the email is accepted and additional emails from the sender are throttled
D. If it is between -3 and +1, the email is accepted and additional emails from the sender are throttled
E. If it is between -4 and +1, the email is accepted and additional emails from the sender are throttled
F. If it is between -10 and -3, the email is blocked
G. If it is between -10 and -3, the email is sent to the virus and spam engines for additional scanning
H. If it is between -10 and -4, the email is blocked
Answer: A,C,F
Q16. Which four statements are correct regarding management access to a Cisco Intrusion Prevention System? (Choose four.)
A. The Telnet protocol is enabled by default
B. The Telnet protocol is disabled by default
C. HTTP is enabled by default
D. HTTP is disabled by default
E. SSH is enabled by default
F. SSH is disabled by default
G. HTTPS is enabled by default
H. HTTPS is disabled by default
Answer: B,D,E,G
Q17. Which sensor deployment mode does Cisco recommend when interface capacity is limited and you need to increase sensor functionality?
A. inline interface pair mode
B. inline VLAN pair mode
C. inline VLAN group mode
D. VLAN group mode
Answer: C
Q18. Who or what calculates the signature fidelity rating?
A. the signature author
B. Cisco Professional Services
C. the administrator
D. the security policy
Answer: A
Q19. Which Cisco ESA predefined sender group uses parameter-matching to reject senders?
A. BLACKLIST
B. WHITELIST
C. SUSPECTLIST
D. UNKNOWNLIST
Answer: A
Q20. What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA NGFW?
A. Cisco WSA provides URL filtering, while Cisco ASA NGFW does not.
B. Cisco ASA NGFW provides caching services, while Cisco WSA does not.
C. Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not.
D. Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not.
Answer: D