Exact 300-207 Dumps 2021

NEW QUESTION 1
Using the Cisco WSA GUI, where should an operator navigate to determine the running software image on the Cisco WSA?

• A. Systems Administration > System Upgrade
• B. Systems Administration > Feature Keys
• C. Systems Administration > General
• D. Admin > System Info

Answer: A

NEW QUESTION 2
An IPS is configured to fail-closed and you observe that all packets are dropped. What is a possible reason for this behavior?

• A. Mainapp is unresponsive.
• B. The global correlation update failed.
• C. The IPS span session failed.
• D. The attack drop file is misconfigured.

Answer: A

NEW QUESTION 3
Refer to the exhibit.


























The Cisco Email Security Appliance will reject messages from which domains?

• A. red.public
• B. red.public and orange.public
• C. red.public, orange.public and yellow.public
• D. orange.public
• E. violet.public
• F. violet.public and blue.public
• G. None of the listed domains

Answer: G

Explanation: The BLOCKED policy rejects messages as shown below:

Capture
The BLOCKED policy is assigned to the BLACKLIST sender group, and here we see that no senders have been applied to this group:

Capture

NEW QUESTION 4
Which two options are the correct URL and credentials used to access the Cisco Web Security Appliance for the first time? (Choose two.)

• A. admin/password
• B. http://192.168.1.1:8080
• C. ironport/ironport
• D. http://192.168.42.42:8080
• E. admin/ironport
• F. http://192.168.42.42:8443

Answer: DE

NEW QUESTION 5
Which statement about the Cisco ASA CX role in inspecting SSL traffic is true?

• A. To decrypt traffic, the Cisco ASA CX must accept the websites' certificates as Trusted Root Cas.
• B. If the administrator elects to decrypt traffic, the Cisco ASA CX acts as a man-in—me- middle.
• C. Either all traffic is decrypted, or no traffic is decrypted by the Cisco ASA CX.
• D. The traffic is encrypted, so the Cisco ASA CX cannot determine the content of the traffic.

Answer: B

NEW QUESTION 6
Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current encryption technology?

• A. RSA
• B. DES
• C. AES

Answer: A

NEW QUESTION 7
Which Cisco IOS command uses the default class map to limit SNMP inspection to traffic from
10.1.1.0 to 192.168.1.0?

• A. hostname(config)# access-list inspect extended permit ip 10.1.1.0.0.0.0.255 192.168.1.0.0.0.0.255hostname(config)# class-map inspection_default hostname(config-cmap)# match access-list inspect
• B. hostname(config)# access-list inspect extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0255.255.255.0hostname(config-cmap)# match access-list inspect
• C. hostname(config)# access-list inspect extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0255.255.255.0hostname(config)# class-map inspection_default hostname(config-cmap)# match access-list inspect
• D. hostname(config)# access-list inspect extended permit ip 10.1.1.0.0.0.255 192.168.1.0.0.0.255hostname(config)# class-map inspection_default

Answer: C

Explanation: Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/inspect_overvi ew.html

NEW QUESTION 8
Which method does Cisco recommend for collecting streams of data on a sensor that has been virtualized?

• A. VACL capture
• B. SPAN
• C. the Wireshark utility
• D. packet capture

Answer: D

NEW QUESTION 9
Which two benefits are provided by the dynamic dashboard in Cisco ASDM Version 5.2? (Choose two.)

• A. It configures system polices for NAC devices.
• B. It forwards traffic to destination devices.
• C. It provides statistics for device health.
• D. It replaces syslog, RADIUS, and TACACS+ servers.
• E. It automatically detects Cisco security appliances to configure.

Answer: CE

NEW QUESTION 10
Which two commands are used to verify that CWS redirection is working on a Cisco ASA appliance? (Choose two.)

• A. show scansafe statistics
• B. show webvpn statistics
• C. show service-policy inspect scansafe
• D. show running-config scansafe
• E. show running-config webvpn
• F. show url-server statistics

Answer: AC

NEW QUESTION 11
Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.)

• A. Select a virtual sensor.
• B. Enable IP logging.
• C. Specify the host IP address.
• D. Set the logging duration.
• E. Set the number of packets to capture.
• F. Set the number of bytes to capture.

Answer: ACD

NEW QUESTION 12
Which two options are characteristics of router-based IPS? (Choose two.)

• A. It supports custom signatures
• B. It supports virtual sensors.
• C. It supports multiple VRFs.
• D. It uses configurable anomaly detection.
• E. Signature definition files have been deprecated.

Answer: CE

NEW QUESTION 13
Which signature engine is responsible for ICMP inspection on Cisco IPS?

• A. AIC Engine
• B. Fixed Engine
• C. Service Engine
• D. Atomic IP Engine

Answer: D

NEW QUESTION 14
Which two practices are recommended for implementing NIPS at enterprise Internet edges? (Choose two.)

• A. Integrate sensors primarily on the more trusted side of the firewall (inside or DMZ interfaces).
• B. Integrate sensors primarily on the less trusted side of the firewall (outside interfaces).
• C. Implement redundant IPS and make data paths symmetrical.
• D. Implement redundant IPS and make data paths asymmetrical.
• E. Use NIPS only for small implementations.

Answer: AC

NEW QUESTION 15
What is a difference between a Cisco Content Security Management virtual appliance and a physical appliance?

• A. The virtual appliance requires an additional license to run on a host.
• B. The physical appliance requires an additional license to activate its adapters.
• C. Migration between virtual appliances of varying sizes is possible, but physical appliances must be of equal size.
• D. The physical appliance is configured with a DHCP-enabled management port to receive an IP address automatically, but you must assign the virtual appliance an IP address manually in your management subnet.

Answer: A

NEW QUESTION 16
Which Cisco technology provides spam filtering and email protection?

• A. IPS
• B. ESA
• C. WSA
• D. CX

Answer: B

NEW QUESTION 17
DRAG DROP
Drag and drop the terms on the left onto the correct definition for the promiscuous IPS risk rating calculation on the right.

Answer:

Explanation:

NEW QUESTION 18
Which three zones are used for anomaly detection in a Cisco IPS? (Choose three.)

• A. internal zone
• B. external zone
• C. illegal zone
• D. inside zone
• E. outside zone
• F. DMZ zone

Answer: ABC

NEW QUESTION 19
In order to set up HTTPS decryption on the Cisco Web Security Appliance, which two steps must be performed? (Choose two.)

• A. Enable and accept the EULA under Security Services > HTTPS Proxy.
• B. Upload a publicly signed server certificate.
• C. Configure or upload a certificate authority certificate.
• D. Enable HTTPS decryption in Web Security Manager > Access Policies.

Answer: AC