aiotestking uk

300-207 Exam Questions - Online Test


300-207 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Which Cisco WSA is intended for deployment in organizations of more than 6000 users? 

A. WSA S370 

B. WSA S670 

C. WSA S370-2RU 

D. WSA S170 

Answer:

Q2. To what extent will the Cisco IPS sensor contribute data to the Cisco SensorBase network? 

A. It will not contribute to the SensorBase network. 

B. It will contribute to the SensorBase network, but will withhold some sensitive information 

C. It will contribute the victim IP address and port to the SensorBase network. 

D. It will not contribute to Risk Rating adjustments that use information from the SensorBase network. 

Answer:

Explanation: 

To configure network participation, follow these steps:.Step 1.Log in to IDM using an account with administrator privileges..Step 2.Choose Configuration > Policies > Global Correlation > Network Participation..Step 3.To turn on network participation, click the Partial or Full radio button:..Partial—Data is contributed to the SensorBase Network, but data considered potentially sensitive is filtered out and never sent...Full—All data is contributed to the SensorBase Network 

In this case, we can see that this has been turned off as shown below: 

Q3. Cisco AVC allows control of which three of the following? (Choose three.) 

A. Facebook 

B. LWAPP 

C. IPv6 

D. MySpace 

E. Twitter 

F. WCCP 

Answer: A,D,E 

Q4. What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA NGFW? 

A. Cisco WSA provides URL filtering, while Cisco ASA NGFW does not. 

B. Cisco ASA NGFW provides caching services, while Cisco WSA does not. 

C. Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not. 

D. Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not. 

Answer:

Q5. During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map? 

A. cxsc fail 

B. cxsc fail-close 

C. cxsc fail-open 

D. cxssp fail-close 

Answer:

Q6. Which three zones are used for anomaly detection? (Choose three.) 

A. Internal zone 

B. External zone 

C. Illegal zone 

D. Inside zone 

E. Outside zone 

F. DMZ zone 

Answer: A,B,C 

Q7. Which Cisco technology is a customizable web-based alerting service designed to report threats and vulnerabilities? 

A. Cisco Security Intelligence Operations 

B. Cisco Security IntelliShield Alert Manager Service 

C. Cisco Security Optimization Service 

D. Cisco Software Application Support Service 

Answer:

Q8. A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or emulate the flow that a message takes through the work queue? 

A. the message tracker interface 

B. centralized or local message tracking 

C. the CLI.findevent command 

D. the trace tool 

E. the CLI.grep command 

Answer:

Q9. What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network? 

A. Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts. 

B. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions. 

C. It will not adjust risk rating values based on the known bad hosts list. 

D. Reputation filtering is disabled. 

Answer:

Explanation: 

This can be seen on the Globabl Correlation – Inspection/Reputation tab show below: 

Q10. What is a value that Cisco ESA can use for tracing mail flow? 

A. the FQDN of the source IP address 

B. the FQDN of the destination IP address 

C. the destination IP address 

D. the source IP address 

Answer: