Cisco 300-207 Exam: Implementing Cisco Threat Control Solutions (SITCS)

Total Question: 242 Last Updated: Jun 13,2019

2016 Apr 300-207 Study Guide Questions:

Q113. What is a value that Cisco ESA can use for tracing mail flow? 

A. the FQDN of the source IP address 

B. the FQDN of the destination IP address 

C. the destination IP address 

D. the source IP address 

Answer: A 


Q114. What is the default antispam policy for positively identified messages? 

A. Drop 

B. Deliver and Append with [SPAM] 

C. Deliver and Prepend with [SPAM] 

D. Deliver and Alternate Mailbox 

Answer: C 


Q115. Which two statements about Cisco Cloud Web Security functionality are true? (Choose two.) 

A. It integrates with Cisco Integrated Service Routers. 

B. It supports threat avoidance and threat remediation. 

C. It extends web security to the desktop, laptop, and PDA. 

D. It integrates with Cisco ASA Firewalls. 

Answer: A,D 


Q116. Which three search parameters are supported by the Email Security Monitor? (Choose three.) 

A. Destination domain 

B. Network owner 

C. MAC address 

D. Policy requirements 

E. Internal sender IP address 

F. Originating domain 

Answer: A,B,E 


Q117. What are the initial actions that can be performed on an incoming SMTP session by the workqueue of a Cisco Email Security Appliance? 

A. Accept, Reject, Relay, TCPRefuse 

B. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification 

C. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check 

D. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification 

Answer: A 



Q118. What CLI command configures IP-based access to restrict GUI and CLI access to a Cisco Email Security appliance's administrative interface? 

A. adminaccessconfig 

B. sshconfig 

C. sslconfig 

D. ipaccessconfig 

Answer: A 


Q119. The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs). 

The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented. 

Your task is to examine the details available in the simulated graphical user interfaces and select the best answer. 





Between the Cisco ASA configuration and the Cisco WSA configuration, what is true with respect to redirected ports? 

A. Both are configured for port 80 only. 

B. Both are configured for port 443 only. 

C. Both are configured for both port 80 and 443. 

D. Both are configured for ports 80, 443 and 3128. 

E. There is a configuration mismatch on redirected ports. 

Answer: C 

Explanation: This can be seen from the WSA Network tab shown below: 




Q120. Which three zones are used for anomaly detection in a Cisco IPS? (Choose three.) 

A. internal zone 

B. external zone 

C. illegal zone 

D. inside zone 

E. outside zone 

F. DMZ zone 

Answer: A,B,C 


Q121. What is the status of OS Identification? 




A. It is only enabled to identify "Cisco IOS" OS using statically mapped OS fingerprinting 

B. OS mapping information will not be used for Risk Rating calculations. 

C. It is configured to enable OS mapping and ARR only for the 10.0.0.0/24 network. 

D. It is enabled for passive OS fingerprinting for all networks. 

Answer: D 

Explanation: 

Understanding Passive OS Fingerprinting

Passive OS fingerprinting lets the sensor determine the OS that hosts are running. The sensor analyzes network traffic between hosts and stores the OS of these hosts with their IP addresses. The sensor inspects TCP SYN and SYNACK packets exchanged on the network to determine the OS type.

The sensor then uses the OS of the target host to determine the relevance of the attack to the victim by computing the attack relevance rating component of the risk rating. Based on the relevance of the attack, the sensor may alter the risk rating of the alert for the attack and/or the sensor may filter the alert for the attack. You can then use the risk rating to reduce the number of false positive alerts (a benefit in IDS mode) or definitively drop suspicious packets (a benefit in IPS mode). Passive OS fingerprinting also enhances the alert output by reporting the victim OS, the source of the OS identification, and the relevance to the victim OS in the alert.

Passive OS fingerprinting consists of three components:

Passive OS learning: Passive OS learning occurs as the sensor observes traffic on the network. Based on the characteristics of TCP SYN and SYNACK packets, the sensor makes a determination of the OS running on the host of the source IP address.

User-configurable OS identification: You can configure OS host mappings, which take precedence over learned OS mappings.

Computation of attack relevance rating and risk rating


Q122. Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all traffic if the module fails? 

A. Inline Mode, Permit Traffic 

B. Inline Mode, Close Traffic 

C. Promiscuous Mode, Permit Traffic 

D. Promiscuous Mode, Close Traffic 

Answer: B 



Q123. Which command sets the number of packets to log on a Cisco IPS sensor? 

A. ip-log-count number 

B. ip-log-packets number 

C. ip-log-bytes number 

D. ip-log number 

Answer: B 


Q124. The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs). 

The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented. 

Your task is to examine the details available in the simulated graphical user interfaces and select the best answer. 





How many Cisco ASAs and how many Cisco WSAs are participating in the WCCP service? 

A. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and one Cisco WSA. 

B. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and one Cisco WSA. 

C. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and two Cisco WSAs. 

D. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and two Cisco WSAs. 

E. Two Cisco ASAs and one Cisco WSA. 

F. Two Cisco ASAs and two Cisco WSAs. 

Answer: A 

Explanation: 

We can see from the output that the number of routers (ASAs) is 1, so there is a single ASA or an active/standby pair being used, and 1 Cache Engine. If the ASAs were in an active/active role, it would show up as 2 routers. 


Q125. What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.) 

A. SPAN does not introduce latency to network traffic. 

B. SPAN can perform granular scanning on captures of per-IP-address or per-port monitoring. 

C. Promiscuous Mode can silently block traffic flows on the IDS. 

D. SPAN can analyze network traffic from multiple points. 

Answer: A,D 


Q126. Which two options are features of the Cisco Email Security Appliance? (Choose two.) 

A. Cisco Anti-Replay Services 

B. Cisco Destination Routing 

C. Cisco Registered Envelope Service 

D. Cisco IronPort SenderBase Network 

Answer: C,D 


Q127. CORRECT TEXT 



Answer: Steps are in Explanation below: 


Q128. Which Cisco Web Security Appliance deployment mode requires minimal change to endpoint devices? 

A. Transparent Mode 

B. Explicit Forward Mode 

C. Promiscuous Mode 

D. Inline Mode 

Answer: A 

