aiotestking uk

300-207 Exam Questions - Online Test


300-207 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. What is the default CX Management 0/0 IP address on a Cisco ASA 5512-X appliance? 

A. 192.168.1.1 

B. 192.168.1.2 

C. 192.168.1.3 

D. 192.168.1.4 

E. 192.168.1.5 

F. 192.168.8.8 

Answer:

Q2. Which Cisco technology provides spam filtering and email protection? 

A. IPS 

B. ESA 

C. WSA 

D. CX 

Answer:

Q3. Which Cisco technology prevents targeted malware attacks, provides data loss prevention and spam protection, and encrypts email? 

A. SBA 

B. secure mobile access 

C. IPv6 DMZ web service 

D. ESA 

Answer:

Q4. Which two options are characteristics of router-based IPS? (Choose two.) 

A. It supports custom signatures 

B. It supports virtual sensors. 

C. It supports multiple VRFs. 

D. It uses configurable anomaly detection. 

E. Signature definition files have been deprecated. 

Answer: C,E 

Q5. What are three best practices for a Cisco Intrusion Prevention System? (Choose three.) 

A. Checking for new signatures every 4 hours 

B. Checking for new signatures on a staggered schedule 

C. Automatically updating signature packs 

D. Manually updating signature packs 

E. Group tuning of signatures 

F. Single tuning of signatures 

Answer: B,C,E 

Q6. In order to set up HTTPS decryption on the Cisco Web Security Appliance, which two steps must be performed? (Choose two.) 

A. Enable and accept the EULA under Security Services > HTTPS Proxy. 

B. Upload a publicly signed server certificate. 

C. Configure or upload a certificate authority certificate. 

D. Enable HTTPS decryption in Web Security Manager > Access Policies. 

Answer: A,C 

Q7. Which Cisco technology secures the network through malware filtering, category-based control, and reputation-based control? 

A. Cisco ASA 5500 Series appliances 

B. Cisco remote-access VPNs 

C. Cisco IronPort WSA 

D. Cisco IPS 

Answer:

Q8. A new Cisco IPS device has been placed on the network without prior analysis. Which CLI command shows the most fired signature? 

A. Show statistics virtual-sensor 

B. Show event alert 

C. Show alert 

D. Show version 

Answer:

Q9. Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery chain? (Choose two.) 

A. Existing MX records should be maintained and policy routing should be used to redirect traffic to the ESA. 

B. Update the MX records to point to the inbound listener interfaces on the ESA. 

C. Update the MX records to point to the outbound listener interfaces on the ESA. 

D. Different Listeners must be used to handle inbound and outbound mail handling. 

E. The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing table. 

F. The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables. 

G. The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table. 

H. Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving. 

Answer: B,G 

Q10. Which three user roles are partially defined by default in Prime Security Manager? (Choose three.) 

A. networkoperator 

B. admin 

C. helpdesk 

D. securityoperator 

E. monitoringadmin 

F. systemadmin 

Answer: B,C,F