최신 300-207 무료덤프 - Cisco Implementing Cisco Threat Control Solutions (SITCS)

문제1

Refer to the following:
R01(config)#ip wccp web-cache redirect-list 80 password-local

A. Traffic using TCP port 80 is redirected to the Cisco WSA

B. The default "cisco" password is configured on the Cisco WSA

C. Traffic permitted in access-list 80 is redirected to the Cisco WSA

D. Traffic denied in prefix-list 80 is redirected to the Cisco WSA

정답: C

문제2

Which two configuration steps are required for implementing SSH for management access to a
Cisco router? (Choose two.)

A. Enabling SSH transport with the transport input ssh command.

B. Enabling AAA for authentication, authorization, and accounting with the aaa new-model command.

C. Configuring a domain name with the ip domain-name [name] command.

D. Generating RSA key pairs with the crypto key generate rsa command.

E. Configuring the SSH version with the ip ssh version 2 command.

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

How are HTTP requests handled by the Cisco WSA?

A. transparent request has a destination IP address of the configured proxy.

B. The URI for an explicit request contains the host with the protocol information.

C. An explict request has a destination IP address of the intended web server.

D. The URI for an implicit request doest not contain the DNS host.

정답: B

문제4

Which feature of the Cisco Hybrid Email Security services enables you to create multiple email senders on a single
Cisco ESA?

A. Virtual Routing and Forwarding

B. Virtual Gateway

C. Sender Groups

D. Mail Flow Policy Connector

E. Email Marketing Connector

정답: B

문제5

What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network?

A. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions.

B. Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts.

C. Reputation filtering is disabled.

D. It will not adjust risk rating values based on the known bad hosts list.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which four statements are correct regarding management access to a Cisco Intrusion Prevention System? (Choose
four.)

A. SSH is disabled by default

B. HTTP is disabled by default

C. SSH is enabled by default

D. The Telnet protocol is disabled by default

E. HTTPS is disabled by default

F. HTTPS is enabled by default

G. HTTP is enabled by default

H. The Telnet protocol is enabled by default

정답: B,C,D,F

문제7

What is a value that Cisco ESA can use for tracing mail flow?

A. the destination IP address

B. the source IP address

C. the FQDN of the destination IP address

D. the FQDN of the source IP address

정답: D

문제8

Which statement about the Cisco CWS web filtering policy behavior is true?

A. In the evaluation of a rule set, the best match wins.

B. Rules are comprised of three criteria and an action.

C. By default, the schedule is set to office hours.

D. At least one rule applies to a web request.

정답: B

문제9

A network security design engineer is considering using a Cisco Intrusion Detection System in the DMZ of the
network. Which option is the drawback to using IDS in the DMZ as opposed to using
Intrusion Prevention System?

A. Response actions cannot stop triggered packet or guarantee to stop a connection techniques.

B. IDS has impact on the network (thatis, latency and jitter).

C. Response actions cannot stop malicious packets or cannot guarantee to stop any DOS attack

정답: A

문제10

What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.)

A. SPAN can perform granular scanning on captures of per-IP-address or per-port monitoring.

B. SPAN does not introduce latency to network traffic.

C. SPAN can analyze network traffic from multiple points.

D. Promiscuous Mode can silently block traffic flows on the IDS.

정답: B,C

문제11

Which five system management protocols are supported by the Intrusion Prevention System? (Choose five.)

A. SNMPv2c

B. SNMPv2

C. SDEE

D. syslog

E. SNMPv1

F. SMTP

G. SNMPv3

정답: A,B,C,E,F

문제12

When a Cisco IPS is deployed in fail-closed mode, what are two conditions that can result in traffic being dropped?
(Choose two.)

A. The signature engine is undergoing the build process.

B. The SDF failed to load.

C. The built-in signatures are unavailable.

D. An ACL is configured.

정답: A,B

문제13

Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all
traffic if the module fails?

A. Promiscuous Mode, Close Traffic

B. Inline Mode, Permit Traffic

C. Promiscuous Mode, Permit Traffic

D. Inline Mode, Close Traffic

정답: D

문제14

Which sensor deployment mode does Cisco recommend when interface capacity is limited and you need to increase
sensor functionality?

A. inline VLAN group mode

B. inline VLAN pair mode

C. VLAN group mode

D. inline interface pair mode

정답: A

문제15

Which solution must a customer deploy to prioritize traffic to a cloud-based contact management application while
still allowing employees access to the Internet for business and personal use?

A. Cisco NetFlow

B. Cisco Intrusion Prevention Services

C. policy-based routing

D. Cisco Application Visibility and Control

정답: D

문제16

An ASA with an IPS module must be configured to drop traffic matching IPS signatures and block all traffic if the
module fails. Which describes the correct configuration?

A. Promiscuous Mode, Close Traffic

B. Inline Mode, Permit Traffic

C. Promiscuous Mode, Permit Traffic

D. Inline Mode, Close Traffic

정답: D

문제17

Refer to the exhibit.

When designing the network to redirect web traffic utilizing the Catalyst 6500 to the Cisco Web Security Appliance,
impact on the switch platform needs consideration. Which four rows identify the switch behavior in correlation to the
redirect method? (Choose four.)

A. Row 6

B. Row 1

C. Row 8

D. Row 3

E. Row 5

F. Row 4

G. Row 2

H. Row 7

정답: A,D,G,H

최신 300-207 무료덤프 - Cisco Implementing Cisco Threat Control Solutions (SITCS)

우리와 연락하기

유용한 링크

최신 업데이트