aiotestking uk

300-207 Exam Questions - Online Test


300-207 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map? 

A. cxsc fail 

B. cxsc fail-close 

C. cxsc fail-open 

D. cxssp fail-close 

Answer:

Q2. Which two statements about Cisco Cloud Web Security functionality are true? (Choose two.) 

A. It integrates with Cisco Integrated Service Routers. 

B. It supports threat avoidance and threat remediation. 

C. It extends web security to the desktop, laptop, and PDA. 

D. It integrates with Cisco.ASA Firewalls. 

Answer: A,D 

Q3. Which is the default IP address and admin port setting for https in the Cisco Web Security Appliance? 

A. http://192.168.42.42:8080 

B. http://192.168.42.42:80 

C. https://192.168.42.42:443 

D. https://192.168.42.42:8443 

Answer:

Q4. Which centralized reporting function of the Cisco Content Security Management Appliance 

aggregates data from multiple Cisco ESA devices? 

A. message tracking 

B. web tracking 

C. system tracking 

D. logging 

Answer:

Q5. Connections are being denied because of SenderBase Reputation Scores. Which two features must be enabled in order to record those connections in the mail log on the Cisco ESA? (Choose two.) 

A. Rejected Connection Handling 

B. Domain Debug Logs 

C. Injection Debug Logs 

D. Message Tracking 

Answer: A,D 

Q6. What can Cisco Prime Security Manager (PRSM) be used to achieve? 

A. Configure and Monitor Cisco CX Application Visibility and Control, web filtering, access and decryption policies 

B. Configure Cisco ASA connection limits 

C. Configure TCP state bypass in Cisco ASA and IOS 

D. Configure Cisco IPS signature and monitor signature alerts 

E. Cisco Cloud Security on Cisco ASA 

Answer:

Q7. What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network? 

A. Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts. 

B. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions. 

C. It will not adjust risk rating values based on the known bad hosts list. 

D. Reputation filtering is disabled. 

Answer:

Explanation: 

This can be seen on the Globabl Correlation – Inspection/Reputation tab show below: 

Q8. Which command disables SSH access for administrators on the Cisco ESA? 

A. interfaceconfig 

B. sshconfig 

C. sslconfig 

D. systemsetup 

Answer:

Q9. Which three features does Cisco CX provide? (Choose three.) 

A. HTTPS traffic decryption and inspection 

B. Application Visibility and Control 

C. Category or reputation-based URL filtering 

D. Email virus scanning 

E. Application optimization and acceleration 

F. VPN authentication 

Answer: A,B,C 

Q10. What is the access-list command on a Cisco IPS appliance used for? 

A. to permanently filter traffic coming to the Cisco.IPS.appliance via the sensing port 

B. to filter for traffic when the Cisco.IPS.appliance is in the inline mode 

C. to restrict management access to the sensor 

D. to create a filter that can be applied on the interface that is under attack 

Answer: