Cisco 300-210 Braindumps 2021

NEW QUESTION 1
Which feature requires the network discovery policy for it to work on the Cisco Next Generate fusion Prevent-on System,

• A. impact flags
• B. URL filtering
• C. security intelligence
• D. health monitoring

Answer: A

NEW QUESTION 2
Which solution must a customer deploy to prioritize traffic to a cloud-based contact management application while still allowing employees access to the Internet for business and personal use?

• A. Cisco Application Visibility and Control
• B. Cisco Intrusion Prevention Services
• C. Cisco NetFlow
• D. policy-based routing

Answer: A

NEW QUESTION 3
Which Cisco ESA predefined sender group uses parameter-matching to reject senders?

• A. BLACKLIST
• B. WHITELIST
• C. SUSPECTLIST
• D. UNKNOWNLIST

Answer: A

NEW QUESTION 4
The security team needs to limit the number of e-mails they receive from the Intellishield Alert Service. Which three parameters can they adjust to restrict alerts to specific product sets? (Choose three.)

• A. Vendor
• B. Chassis/Module
• C. Device ID
• D. Service Contract
• E. Version/Release
• F. Service Pack/Platform

Answer: AEF

NEW QUESTION 5
Which option describes the role of the Learning Accept Mode for anomaly detection?

• A. It creates a knowledge base of the network traffic
• B. It detects ongoing attacks and adds them to a database.
• C. It configures the anomaly detection zones.
• D. It identifies incomplete connections and flags them.

Answer: A

Explanation: http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/sec urity_manager/4-0/user/guide/CSMUserGuide_wrapper/ipsanom.html

NEW QUESTION 6
At which value do custom signatures begin?

• A. 1024
• B. 10000
• C. 1
• D. 60000

Answer: D

NEW QUESTION 7
Which two types of software can be installed on a cisco ASA-5545-X appliance? (choose two)

• A. cisco ASAv
• B. Cisco firePOWER Appliance
• C. Cisco firePOWER services
• D. cisco ASA
• E. ciscofirePOWER management Center

Answer: CD

NEW QUESTION 8
Which two GUI options display users' activity in Cisco Web Security Appliance? (Choose two.)

• A. Web Security Manager Identity Identity Name
• B. Security Services Reporting
• C. Reporting Users
• D. Reporting Reports by User Location

Answer: CD

NEW QUESTION 9
Which CLI command is used to register a Cisco FirePOWER sensor to Firepower Management Center?

• A. configure system add <host><key>
• B. configure manager <key> add host
• C. configure manager delete
• D. configure manger add <host><key>

Answer: A

Explanation: http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide
/fpmc-config-guide-v60/fpmc-config-guide-v60_appendix_01011110.html#ID-2201-00000005

NEW QUESTION 10
over which two ports does the ISR G2 connector for CWS support redirection of HTTP traffic? (choose tw0)

• A. TCP port 65535
• B. UDP port 8080
• C. TCP port 88
• D. TCP port 80 E,.UDP port 80

Answer: AD

NEW QUESTION 11
Which piece of information is required to perform a policy trace for the Cisco WSA?

• A. the destination IP address of the trace
• B. the source IP address of the trace
• C. the URL to trace
• D. authentication credentials to make the request

Answer: C

NEW QUESTION 12
Refer to exhibit.
Which configuration blow would result in this output of the show service-policy sfr command?

• A. policy-map global_policy Class inspection_default Class sfrSfr
• B. Policy-map global_policy Class inspection-default Class sfrSfr fail-close
• C. policy-map global_policy Class inspection_default Class sfrSfr fail-open monitor-only
• D. policy-map global_policy Class inspection_default Class sfrSfr fail-close monitor-only

Answer: C

NEW QUESTION 13
Which Cisco ASA SSL VPN feature provides support for PCI compliance by allowing for the validation of two sets of username and password credentials on the SSL VPN login page?

• A. Single Sign-On
• B. Certificate to Profile Mapping
• C. Double Authentication
• D. RSA OTP

Answer: D

NEW QUESTION 14


























What is the maximum number of recipients per hour that the Cisco Email Security Appliance will accept from the green.public domain?

• A. 1
• B. 20
• C. 25
• D. 50
• E. 5000
• F. Unlimited

Answer: C

Explanation: From the instructions we know that the green.public domain has been assigned a reputation score of 2. From below we know that a reputation score of 2 belongs to the SUSPECTLIST, which has a policy of “THROTTLED”:
Capture

By clicking on the THROTTLED policy we see that the max recipients per hour has been set to 20: Capture

NEW QUESTION 15



Which three statements about the Cisco IPS appliance configurations are true? (Choose three.)

• A. The maximum number of denied attackers is set to 10000.
• B. The block action duraton is set to 3600 seconds.
• C. The Meta Event Generator is globally enabled.
• D. Events Summarization is globally disabled.
• E. Threat Rating Adjustment is globally disabled.

Answer: ABC

NEW QUESTION 16
When centralized message tracking is enabled on the Cisco ESA, over which port does the communication to the SMA occur by default?

• A. port 2222/TCP
• B. port 443/TCP
• C. port 25/TCP
• D. port 22/TCP

Answer: D

NEW QUESTION 17
Which three statements concerning keystroke logger detection are correct? (Choose three.)

• A. requires administrative privileges in order to run
• B. runs on Windows and MAC OS X systems
• C. detects loggers that run as a process or kernel module
• D. detects both hardware- and software-based keystroke loggers
• E. allows the administrator to define "safe" keystroke logger applications

Answer: ACE