300-207 by Cisco Actual Free Exam Questions And Answers

Question 1

Which option describes what occurs with asymmetric routing when an IPS normalization engine is enable?

A. It must see a valid ACK/ACK before it lets a flow pass.

B. It must see a valid SYN/ACK before it lets a flow pass, otherwise the IPS normalization engine assumes that it is in
encountering an evasion attack and drops the return packets.

C. It allows the return packets back to the source path.

D. It must see a valued SYN/ACK before it lets a flow pass, otherwise the IPS normalization engine assumes that is is
encountering a fragmentation attack, and it drops the return packets

Discussion 0

Correct Answer: B Vote an answer

Question 2

The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and
staff identity identifies users based on the source network and authenticated credentials. The identity for students
identifies users based on the source network along with successful authentication credentials. The global identity is
for guest users not authenticated against the domain.
Recently, a change was made to the organization's security policy to allow faculty and staff access to a social network
website, and the security group changed the access policy for faculty and staff to allow the social networking
category.
Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose
two.)

A. The social networking URL was entered into a custom URL category that is blocked in the access policy.

B. The user is using an unsupported browser so the credentials are not working.

C. The user is connected to the wrong network and is being blocked by the student policy.

D. The social networking category is being allowed but the AVC policy is still blocking the website.

E. The user is being matched against the student policy because the user did not enter credentials.

Discussion 0

Correct Answer: A,D Vote an answer

Question 3

Which statement about the Cisco CWS web filtering policy behavior is true?

A. Rules are comprised of three criteria and an action.

B. By default, the schedule is set to office hours.

C. At least one rule applies to a web request.

D. In the evaluation of a rule set, the best match wins.

Discussion 0

Correct Answer: A Vote an answer

Question 4

A Cisco Email Security Appliance uses which message filter to drop all executable attachments entering and leaving
the Cisco Email Security Appliance?

A. drop-exE. if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR (attachment-filetype ==
"exe")) { drop(); }

B. drop-exe! if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR (attachment-filetype ==
"exe")) { drop(); }

C. drop-exe! if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); }

D. drop-exE. if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); }

Discussion 0

Correct Answer: D Vote an answer

Question 5

Which command sets the number of packets to log on a Cisco IPS sensor?

A. ip-log-packets number

B. ip-log-bytes number

C. ip-log-count number

D. ip-log number

Discussion 0

Correct Answer: A Vote an answer

Question 6

The Cisco Email Security Appliance will reject messages from which domains?

A. orange.public

B. None of the listed domains

C. violet.public

D. red.public, orange.public and yellow.public

E. red.public and orange.public

F. violet.public and blue.public

G. red.public

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 7

Which three options are IPS signature classifications? (Choose three.)

A. designated signatures

B. response signatures

C. preloaded signatures

D. default signatures

E. custom signatures

F. tuned signatures

Discussion 0

Correct Answer: D,E,F Vote an answer

Question 8

Which IPS signature engine inspects the IP protocol packets and the Layer TCP?

A. Atomic IP

B. Atomic TCP

C. Service HTTP

D. String TCP

Discussion 0

Correct Answer: A Vote an answer

Question 9

Which three pieces of information are required to implement transparent user identification using Context Directory
Agent? (Choose three.)

A. the server name of the global catalog domain controller

B. the backup Context Directory Agent

C. the server name where Context Directory Agent is installed

D. the syslog server IP address

E. the shared secret

F. the primary Context Directory Agent

Discussion 0

Correct Answer: C,E,F Vote an answer

Question 10

Which Cisco Cloud Web Security Connector feature allows access by all of an organization's users while applying
Active Directory group policies?

A. proxy forwarding

B. a user authentication key

C. a company authentication key

D. a PAC file

E. a group authentication key

Discussion 0

Correct Answer: C Vote an answer

Question 11

Which Cisco IPS CLI command shows the most fired signature?

A. show event alert

B. show version

C. show statistics virtual-sensor

D. show alert

Discussion 0

Correct Answer: C Vote an answer

Question 12

At which value do custom signatures begin?

A. 10000

B. 1

C. 1024

D. 60000

Discussion 0

Correct Answer: D Vote an answer

Question 13

Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.)

A. Set the logging duration.

B. Set the number of bytes to capture.

C. Select a virtual sensor.

D. Specify the host IP address.

E. Enable IP logging.

F. Set the number of packets to capture.

Discussion 0

Correct Answer: A,C,D Vote an answer

Question 14

What CLI command configures IP-based access to restrict GUI and CLI access to a Cisco Email Security appliance's
administrative interface?

A. ipaccessconfig

B. sshconfig

C. adminaccessconfig

D. sslconfig

Discussion 0

Correct Answer: C Vote an answer

Cisco Implementing Cisco Threat Control Solutions (SITCS) - 300-207 Exam Practice Test

Contact Us

Useful Links

Latest Updated