Cisco 300-207 Exam: Implementing Cisco Threat Control Solutions (SITCS)

Total Questions: 242. Last Updated: Jun 13, 2019


2016 May 300-207 Study Guide Questions:

Q17. Which signature definition is virtual sensor 0 assigned to use? 




A. rules0 

B. vs0 

C. sig0 

D. ad0 

E. ad1 

F. sig1 

Answer: C 

Explanation: 

This is the default signature. You can create multiple security policies and apply them to individual virtual sensors. A security policy is made up of a signature definition policy, an event action rules policy, and an anomaly detection policy. Cisco IPS contains a default signature definition policy called sig0, a default event action rules policy called rules0, and a default anomaly detection policy called ad0. You can assign the default policies to a virtual sensor or you can create new policies. 


Q18. Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.) 

A. Select a virtual sensor. 

B. Enable IP logging. 

C. Specify the host IP address. 

D. Set the logging duration. 

E. Set the number of packets to capture. 

F. Set the number of bytes to capture. 

Answer: A,C,D 


Q19. Which three sender reputation ranges identify the default behavior of the Cisco Email Security Appliance? (Choose three.) 

A. If it is between -1 and +10, the email is accepted 

B. If it is between +1 and +10, the email is accepted 

C. If it is between -3 and -1, the email is accepted and additional emails from the sender are throttled 

D. If it is between -3 and +1, the email is accepted and additional emails from the sender are throttled 

E. If it is between -4 and +1, the email is accepted and additional emails from the sender are throttled 

F. If it is between -10 and -3, the email is blocked 

G. If it is between -10 and -3, the email is sent to the virus and spam engines for additional scanning 

H. If it is between -10 and -4, the email is blocked 

Answer: A,C,F 


Q20. What are the two policy types that can use a web reputation profile to perform reputation-based processing? (Choose two.) 

A. profile policies 

B. encryption policies 

C. decryption policies 

D. access policies 

Answer: C,D 


Q21. Which two statements about Signature 1104 are true? (Choose two.) 




A. This is a custom signature. 

B. The severity level is High. 

C. This signature has triggered as indicated by the red severity icon. 

D. Produce Alert is the only action defined. 

E. This signature is enabled, but inactive, as indicated by the /0 that follows the signature number. 

Answer: B,D 

Explanation: 

This can be seen here where signature 1004 is the 5th one down: 




Q22. What are three features of the Cisco Security Intellishield Alert Manager Service? (Choose three.) 

A. validation of alerts by security analysts 

B. custom notifications 

C. complete threat and vulnerability remediation 

D. vendor-specific threat analysis 

E. workflow-management tools 

F. real-time threat and vulnerability mitigation 

Answer: A,B,E 


Q23. Within Cisco IPS anomaly detection, what is the default IP range of the external zone? 

A. 0.0.0.0 0.0.0.0 

B. 0.0.0.0 - 255.255.255.255 

C. 0.0.0.0/8 

D. the network of the management interface 

Answer: B 


Q24. The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs). 

The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented. 

Your task is to examine the details available in the simulated graphical user interfaces and select the best answer. 





Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and the Cisco WSA? 

A. Both are configured for WCCP v1. 

B. Both are configured for WCCP v2. 

C. Both are configured for WCCP v3. 

D. There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA. 

Answer: B 

Explanation: 

ASA version shows as version 2.0: 



WSA also shows version 2 is being used: 




Q25. An IPS is configured to fail-closed and you observe that all packets are dropped. What is a possible reason for this behavior? 

A. Mainapp is unresponsive. 

B. The global correlation update failed. 

C. The IPS span session failed. 

D. The attack drop file is misconfigured. 

Answer: A 


Q26. When a Cisco Email Security Appliance joins a cluster, which four settings are inherited? (Choose four.) 

A. IP address 

B. DNS settings 

C. SMTP routes 

D. HAT 

E. RAT 

F. hostname 

G. certificates 

Answer: B,C,D,E 



Q27. What is the access-list command on a Cisco IPS appliance used for? 

A. to permanently filter traffic coming to the Cisco IPS appliance via the sensing port 

B. to filter for traffic when the Cisco IPS appliance is in the inline mode 

C. to restrict management access to the sensor 

D. to create a filter that can be applied on the interface that is under attack 

Answer: C 


Q28. Which type of signature is generated by copying a default signature and modifying its behavior? 

A. meta 

B. custom 

C. atomic 

D. normalized 

Answer: B 


Q29. Who or what calculates the signature fidelity rating in a Cisco IPS? 

A. the signature author 

B. Cisco Professional Services 

C. the administrator 

D. the security policy 

Answer: A 


Q30. What step is required to enable HTTPS Proxy on the Cisco Web Security Appliance? 

A. Web Security Manager > HTTPS Proxy > click Enable 

B. Security Services > HTTPS Proxy > click Enable 

C. HTTPS Proxy is enabled by default 

D. System Administration > HTTPS Proxy > click Enable 

Answer: B 


Q31. Which three features does Cisco CX provide? (Choose three.) 

A. HTTPS traffic decryption and inspection 

B. Application Visibility and Control 

C. Category or reputation-based URL filtering 

D. Email virus scanning 

E. Application optimization and acceleration 

F. VPN authentication 

Answer: A,B,C 


Q32. The security team needs to limit the number of e-mails they receive from the Intellishield Alert Service. Which three parameters can they adjust to restrict alerts to specific product sets? (Choose three.) 

A. Vendor 

B. Chassis/Module 

C. Device ID 

D. Service Contract 

E. Version/Release 

F. Service Pack/Platform 

Answer: A,E,F 

