Validated 300-207 Exam Questions and Answers 2021

NEW QUESTION 1
Which command sets the number of packets to log on a Cisco IPS sensor?

• A. ip-log-count number
• B. ip-log-packets number
• C. ip-log-bytes number
• D. ip-log number

Answer: B

NEW QUESTION 2
Which statement about the default configuration of an IPS sensor's management security
settings is true?

• A. The web server port is TCP 80
• B. Telnet and SSH are enable
• C. User accounts lock after three attempts

Answer: A

NEW QUESTION 3
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.




Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and the Cisco WSA?

• A. Both are configured for WCCP v1.
• B. Both are configured for WCCP v2.
• C. Both are configured for WCCP v3.
• D. There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA.

Answer: B

Explanation: ASA version shows as version 2.0:

WSA also shows version 2 is being used:

NEW QUESTION 4
Which command verifies that CWS redirection is working on a Cisco IOS router?

• A. show content-scan session active
• B. show content-scan summary
• C. show interfaces stats
• D. show sessions

Answer: A

NEW QUESTION 5
Which Cisco ESA component receives connections from external mail servers?

• A. MTA
• B. public listener
• C. private listener
• D. recipient access table
• E. SMTP incoming relay agent

Answer: B

NEW QUESTION 6
Which is the default IP address and admin port setting for https in the Cisco Web Security Appliance?

• A. http://192.168.42.42:8080
• B. http://192.168.42.42:80
• C. https://192.168.42.42:443
• D. https://192.168.42.42:8443

Answer: D

NEW QUESTION 7
Which Cisco technology secures the network through malware filtering, category-based control, and reputation-based control?

• A. Cisco ASA 5500 Series appliances
• B. Cisco remote-access VPNs
• C. Cisco IronPort WSA
• D. Cisco IPS

Answer: C

NEW QUESTION 8
Which platform has message tracking enabled by default?

• A. C670
• B. C370
• C. Virtual ESA
• D. It is not enabled by default on any platform.

Answer: D

NEW QUESTION 9
Which option is a benefit of Cisco hybrid email security?

• A. on-premises control of outbound data
• B. advanced malware protection
• C. email encryption
• D. message tracking

Answer: A

NEW QUESTION 10
DRAG DROP
Drag and drop the steps on the left into the correct order of initial Cisco IOS IPS configuration on the right.

Answer:

Explanation:

NEW QUESTION 11
Refer to the Following. Which option describe the result of this configuration on a Cisco ASA firewall?
asafwl (config) #http server enable asafw1(config)#http 10.10.10.1 255.255.255.255 inside

• A. The firewall allows ASDM access from a client on 10.10.10.1
• B. The management IP address of the firewall is 10.10.10.1
• C. The inside interface IP address of the firewall is 10.10.10.1

Answer: A

NEW QUESTION 12
Which four statements are correct regarding management access to a Cisco Intrusion Prevention System? (Choose four.)

• A. The Telnet protocol is enabled by default
• B. The Telnet protocol is disabled by default
• C. HTTP is enabled by default
• D. HTTP is disabled by default
• E. SSH is enabled by default
• F. SSH is disabled by default
• G. HTTPS is enabled by default
• H. HTTPS is disabled by default

Answer: BDEG

NEW QUESTION 13
What are three arguments that can be used with the show content-scan command in Cisco IOS software? (Choose three)

• A. session
• B. data
• C. verbose
• D. buffer
• E. summary
• F. statistics

Answer: AEF

NEW QUESTION 14
CORRECT TEXT

Answer:

Explanation: We need to define the parameter map, specifying port 8080 for http and https and define the servers and the license:
Branch-ISR#config t
Branch-ISR(config)# parameter-map type content-scan global
Branch-ISR(config-profile)#server scansafe primary name proxy-a.scansafe.net port http 8080 https 8080
Branch-ISR(config-profile)#server scansafe secondary name proxy-b.scansafe.net port http 8080 https 8080
Branch-ISR(config-profile)#license 0 0123456789abcdef
If the CWS proxy servers are not available, we traffic should be denied. This is done by the following configuration:
Branch-ISR(config-profile)#server scansafe on-failure block-all
Now we need to apply this to the fastethernet 0/1 interface outbound: Branch-ISR(config)#interface Fastethernet 0/1
Branch-ISR(config-if)#content-scan outbound
Branch-ISR(config-if)#exit Branch-ISR(config)#exit
Finally, we can verify out configuration by using the “show content-scan summary command:
Branch-ISR#show content-scan summary Primary: 72.37.244.203(Up)*
Secondary: 70.39.231.99 (Up) Interfaces: Fastethernet0/1

NEW QUESTION 15
Within Cisco IPS anomaly detection, what is the default IP range of the external zone?

• A. 0.0.0.0 0.0.0.0
• B. 0.0.0.0 - 255.255.255.255
• C. 0.0.0.0/8
• D. the network of the management interface

Answer: B

NEW QUESTION 16
Which two conditions must you configure in an event action override to implement a risk rating of 70 or higher and terminate the connection on the IPS? (Choose two.)

• A. Configure the event action override to send a TCP reset.
• B. Set the risk rating range to 70 to 100.
• C. Configure the event action override to send a block-connection request.
• D. Set the risk rating range to 0 to 100.
• E. Configure the event action override to send a block-host request.

Answer: AB

NEW QUESTION 17
Which three functions can Cisco Application Visibility and Control perform within Cisco Cloud Web Security? (Choose three.)

• A. validation of malicious traffic
• B. traffic control
• C. extending Web Security to all computing devices
• D. application-level classification
• E. monitoring
• F. signature tuning

Answer: BDE

NEW QUESTION 18
Which option describes how the native VLAN is set up on an IPS sensor when VLAN groups are used in an inline deployment of the sensor?

• A. The sensor looks at the native VLAN setup on the switch to determine the correct native VLAN to use.
• B. The sensor does not care about VLANs.
• C. A default VLAN variable must be associated with each physical interface on the sensor.
• D. There is no way to set this, so you need to tag all traffic.
• E. ISL links are only supported.

Answer: C

NEW QUESTION 19
What is the access-list command on a Cisco IPS appliance used for?

• A. to permanently filter traffic coming to the Cisco IPS appliance via the sensing port
• B. to filter for traffic when the Cisco IPS appliance is in the inline mode
• C. to restrict management access to the sensor
• D. to create a filter that can be applied on the interface that is under attack

Answer: C