최신 300-207 무료덤프 - Cisco Implementing Cisco Threat Control Solutions (SITCS)

문제1

What is the authentication method for an encryption envelope that is set to medium security?

A. A password is required, but cached credentials are permitted.

B. The recipient must always enter a password, even if credentials are cached.

C. The recipient must acknowledge the sensitivity of the message before it opens.

D. The recipient can open the message without authentication.

정답: A

문제2

What are the initial actions that can be performed on an incoming SMTP session by the workqueue of a Cisco Email
Security Appliance?

A. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check

B. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification

C. Accept, Reject, Relay, TCPRefuse

D. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification

정답: C

문제3

DRAG DROP
Drag and drop the steps on the left into the correct order of initial Cisco IOS IPS configuration on the right.

정답:

문제4

Which settings are required when deploying Cisco IPS in high-availability mode using
EtherChannel load balancy?

A. ECLB IPS appliances must be in on-a-stick mode, ECLB IPS solution does not maintain state ifa sensor goes down,
and TCP flow is forced through a different IPS appliance.

B. ECLB IPS appliances must not be in on-a-stick mode, ECLB IPS solution maintains state if asensor goes down, and
TCP flow is forced through the same IPS appliance flow

C. ECLB IPS appliances must not be in on-a-stick mode, ECLB IPS solution does not maintainstate if a sensor goes
down, and TCP flow is forced through a different IPS appliance.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Refer to the exhibit.

The system administrator of mydomain.com was informed that one of the users in his environment received spam
from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did
the Cisco Email Security gateway fail to do a spam scan on emails for [email protected]?

A. The user [email protected] matched an inbound rule with antispam disabled.

B. The remote MTA activated the SUSPECTLIST sender group.

C. The Cisco Email Security gateway created duplicates of the message.

D. The user [email protected] matched an inbound rule with antispam disabled.

정답: A

문제6

What are the two policy types that can use a web reputation profile to perform reputation-based processing? (Choose
two.)

A. access policies

B. decryption policies

C. encryption policies

D. profile policies

정답: A,B

문제7

When you deploy a sensor to send connection termination requests, which additional traffic-monitoring function can
you configure the sensor to perform?

A. Monitor traffic from both the Internet and the intranet.

B. Monitor traffic from the Internet only.

C. Monitor traffic as it flows to the sensor.

D. Monitor traffic as it flows through the sensor.

정답: D

문제8

Refer to the exhibit.

When designing the network to redirect web traffic utilizing the Catalyst 6500 to the Cisco Web Security Appliance,
impact on the switch platform needs consideration. Which four rows identify the switch behavior in correlation to the
redirect method? (Choose four.)

A. Row 6

B. Row 1

C. Row 8

D. Row 3

E. Row 5

F. Row 4

G. Row 2

H. Row 7

정답: A,D,G,H

문제9

A network security design engineer is considering using a Cisco Intrusion Detection System in the DMZ of the
network. Which option is the drawback to using IDS in the DMZ as opposed to using
Intrusion Prevention System?

A. Response actions cannot stop triggered packet or guarantee to stop a connection techniques.

B. IDS has impact on the network (thatis, latency and jitter).

C. Response actions cannot stop malicious packets or cannot guarantee to stop any DOS attack

정답: A

문제10

Which two options are known limitations in deploying an IPS sensor in promiscuous mode versus inline mode?
(Choose two).

A. It does not see the same traffic.

B. A sensor failure affects network functionality.

C. Sensors in this deployment cannot stop the trigger packet and are not guaranteed to stop a connection.

D. It is less effective in stopping email viruses and automated attackers such as worms.

E. It requires less of an operational response because the attacks are blocked automatically without operational team
support.

정답: C,D

문제11

Which step is required when you configure URL filtering to Cisco Cloud Web Security?

A. Configure URL filtering criteria in the Cisco ASA FirePOWER access rules.

B. Implement Next Generation IPS instrusion rules.

C. install the ASA FirePOWER module on the Cisco AS

정답: C

문제12

What are two features of the Cisco ASA NGFW? (Choose two.)

A. It can restrict access based on qualitative analysis.

B. It can proactively protect against Internet threats.

C. It can restrict access based on reputation.

D. It can reactively protect against Internet threats.

정답: B,C

문제13

Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP
addresses?

A. transparent mode

B. Layer 4 Traffic Monitor

C. Secure Web Proxy

D. explicit forward mode

정답: B

문제14

Which two options are the correct URL and credentials used to access the Cisco Web Security Appliance for the first
time? (Choose two.)

A. http://192.168.42.42:8443

B. admin/ironport

C. ironport/ironport

D. http://192.168.1.1:8080

E. http://192.168.42.42:8080

F. admin/password

정답: B,E

문제15

What is a difference between a Cisco Content Security Management virtual appliance and a physical appliance?

A. The virtual appliance requires an additional license to run on a host.

B. Migration between virtual appliances of varying sizes is possible, but physical appliances must be of equal size.

C. The physical appliance is configured with a DHCP-enabled management port to receive an IP address automatically,
but you must assign the virtual appliance an IP address manually in your management subnet.

D. The physical appliance requires an additional license to activate its adapters.

정답: A

문제16

Which technique is deployed to harden network devices?

A. transmit ACLs

B. infrastructure ACLs

C. port-by-port router ACLs

D. VLAN ACLs

정답: B

최신 300-207 무료덤프 - Cisco Implementing Cisco Threat Control Solutions (SITCS)

우리와 연락하기

유용한 링크

최신 업데이트