16 October, 2019

Implementing Cisco Threat Control Solutions (SITCS) 300-207 Discount Pack

Your success in Cisco 300-207 is our sole target and we develop all our 300-207 braindumps in a way that facilitates the attainment of this target. Not only is our 300-207 study material the best you can find, it is also the most detailed and the most updated. 300-207 Practice Exams for Cisco {category} 300-207 are written to the highest standards of technical accuracy.

Page: 1 / 20

Total 242 questions Full Exam Access

Question 1

Which two conditions must you configure in an event action rule to match all IPv4 addresses in the victim range and filter on the complete subsignature range? (Choose two.)

Disable event action override.

Leave the victim address range unspecified.

Set the subsignature ID-range to the default.

Set the deny action percentage to 100.

Set the deny action percentage to 0.

Question 2

What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.)

SPAN does not introduce latency to network traffic.

SPAN can perform granular scanning on captures of per-IP-address or per-port monitoring.

Promiscuous Mode can silently block traffic flows on the IDS.

SPAN can analyze network traffic from multiple points.

Question 3

Which two GUI options display users' activity in Cisco Web Security Appliance? (Choose two.)

Web Security Manager Identity Identity Name

Security Services Reporting

Reporting Users

Reporting Reports by User Location

Question 4

Which command allows the administrator to access the Cisco WSA on a secure channel on port 8443?

strictssl

adminaccessconfig

ssl

ssh

Question 5

Which Cisco technology prevents targeted malware attacks, provides data loss prevention and spam protection, and encrypts email?

SBA

secure mobile access

IPv6 DMZ web service

ESA

Question 6

What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA NGFW?

Cisco WSA provides URL filtering, while Cisco ASA NGFW does not.

Cisco ASA NGFW provides caching services, while Cisco WSA does not.

Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not.

Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not.

Question 7

Which three options are valid event actions for a Cisco IPS? (Choose three.)

deny-packet-inline

deny-attack-reset

produce-verbose-alert

log-attacker-packets

deny-packet-internal

request-block-drop-connection

Question 8

An engineer manages a Cisco Intrusion Prevention System via IME. A new user must be able to tune signatures, but must not be able to create new users. Which role for the new user is correct?

service

operator

administrator

Question 9

In addition to the CLI, what is another option to manage a Cisco IPS?

SDEE

Cisco SDM

Cisco IDM

Cisco ISE

Question 10

Which Cisco ESA predefined sender group uses parameter-matching to reject senders?

BLACKLIST

WHITELIST

SUSPECTLIST

UNKNOWNLIST

Question 11

Which two options are characteristics of router-based IPS? (Choose two.)

It supports custom signatures

It supports virtual sensors.

It supports multiple VRFs.

It uses configurable anomaly detection.

Signature definition files have been deprecated.

Question 12

What can Cisco Prime Security Manager (PRSM) be used to achieve?

Configure and Monitor Cisco CX Application Visibility and Control, web filtering, access and decryption policies

Configure Cisco ASA connection limits

Configure TCP state bypass in Cisco ASA and IOS

Configure Cisco IPS signature and monitor signature alerts

Cisco Cloud Security on Cisco ASA

Question 13

When https traffic is scanned, which component of the full URL does CWS log?

not log

only host host and query path and query

Question 14

Which command is used to enable strong ciphers on the Cisco Web Security Appliance?

interfaceconfig

strictssl

etherconfig

adminaccessconfig

Question 15

Which set of commands changes the FTP client timeout when the sensor is communicating with an FTP server?

sensor# configure terminal sensor(config)# service sensor sensor(config-hos)# network-settings sensor(config-hos-net)# ftp-timeout 500

sensor# configure terminal sensor(config)# service hostsensor(config-hos)# network-settings parameter ftp sensor(config-hos-net)# ftp-timeout 500

sensor# configure terminal sensor(config)# service host sensor(config-hos)# network-settings sensor(config-hos-net)# ftp-timeout 500

sensor# configure terminal sensor(config)# service network sensor(config-hos)# network-settings sensor(config-hos-net)# ftp-timeout 500

Question 16

The helpdesk was asked to provide a record of delivery for an important email message that a customer claims it did not receive. Which feature of the Cisco Email Security Appliance provides this record?

Outgoing Mail Reports

SMTP Routes

Message Tracking

Scheduled Reports

System Administration

Question 17

Which three search parameters are supported by the Email Security Monitor? (Choose three.)

Destination domain

Network owner

MAC address

Policy requirements

Internal sender IP address

Originating domain

Question 18

Using the Cisco WSA GUI, where should an operator navigate to determine the running software image on the Cisco WSA?

Systems Administration > System Upgrade

Systems Administration > Feature Keys

Systems Administration > General

Admin > System Info

Question 19

Which two conditions must you configure in an event action override to implement a risk rating of 70 or higher and terminate the connection on the IPS? (Choose two.)

Configure the event action override to send a TCP reset.

Set the risk rating range to 70 to 100.

Configure the event action override to send a block-connection request.

Set the risk rating range to 0 to 100.

Configure the event action override to send a block-host request.

Question 20

What is a valid search parameter for the Cisco ESA find event tool?

Envelope Origination

Envelope Type

Message ID

Download Type

Question 21

A user is deploying a Cisco IPS appliance in a data center to mitigate most attacks, including atomic attacks. Which two modes does Cisco recommend using to configure for this? (Choose two.)

VLAN pair

interface pair

transparent mode

EtherChannel load balancing

promiscuous mode

Question 22

Refer to the Following. Which option describe the result of this configuration on a Cisco ASA firewall?
asafwl (config) #http server enable asafw1(config)#http 10.10.10.1 255.255.255.255 inside

The firewall allows ASDM access from a client on 10.10.10.1

The management IP address of the firewall is 10.10.10.1

The inside interface IP address of the firewall is 10.10.10.1

Question 23

Connections are being denied because of SenderBase Reputation Scores. Which two features must be enabled in order to record those connections in the mail log on the Cisco ESA? (Choose two.)

Rejected Connection Handling

Domain Debug Logs

Injection Debug Logs

Message Tracking

Question 24

Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.)

The Packet capture feature is available for either permitted or dropped packets by default.

Public Certificates can be used for HTTPS Decryption policies.

Public Certificates cannot be used for HTTPS Decryption policies.

When adding a standard LDAP realm, the group attribute will be UniqueMember.

The Packet capture features is available for permitted packets by default.

Question 25

Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP addresses?

Layer 4 Traffic Monitor

Secure Web Proxy

explicit forward mode

transparent mode

Question 26

Refer to the exhibit.
300-207 dumps exhibit

What is the maximum message size that the Cisco Email Security Appliance will accept from the violet.public domain?

1 KB

100 KB

1 MB

10 MB

100 MB

Unlimited

Question 27

Refer to the exhibit.
300-207 dumps exhibit

The system administrator of mydomain.com was informed that one of the users in his environment received spam from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did the Cisco Email Security gateway fail to do a spam scan on emails for user@mydomain.com?

The remote MTA activated the SUSPECTLIST sender group.

The Cisco Email Security gateway created duplicates of the message.

The user user@mydomain.com matched an inbound rule with antispam disabled.

The user bob@mydomain.com matched an inbound rule with antispam disabled.

Question 28

The security team needs to limit the number of e-mails they receive from the Intellishield Alert Service. Which three parameters can they adjust to restrict alerts to specific product sets? (Choose three.)

Vendor

Chassis/Module

Device ID

Service Contract

Version/Release

Service Pack/Platform

Question 29

Which three functions can Cisco Application Visibility and Control perform within Cisco Cloud Web Security? (Choose three.)

validation of malicious traffic

traffic control

extending Web Security to all computing devices

application-level classification

monitoring

signature tuning

Page: 1 / 20

Total 242 questions Full Exam Access