300-207 - Implementing Cisco Threat Control Solutions (SITCS)

Go back to Cisco

Example Questions

Which Cisco Web Security Appliance deployment mode requires minimal change to endpoint devices? A Cisco Email Security Appliance uses which message filter to drop all executable attachments entering and leaving the Cisco Email Security Appliance? Which set of commands changes the FTP client timeout when the sensor is communicating with an FTP server? Which Cisco technology combats viruses and malware with virus outbreak filters that are downloaded from Cisco SenderBase? With Cisco IDM, which rate limit option specifies the maximum bandwidth for rate-limited traffic? At which value do custom signatures begin? Which version of AsyncOS for web is required to deploy the Web Security Appliance as a CWS connector? Which command can change the HTTPS SSL method on the Cisco ESA? Which IPS engine detects ARP spoofing? Which two commands are valid URL filtering commands? (Choose two.) What is the authentication method for an encryption envelope that is set to medium security? What are the two policy types that can use a web reputation profile to perform reputation-based processing? (Choose two.) Which centralized reporting function of the Cisco Content Security Management Appliance aggregates data from multiple Cisco ESA devices? What is the default IP range of the external zone? Which antispam technology assumes that email from server A, which has a history of distributing spam, is more likely to be spam than email from server B, which does not have a history of distributing spam? Which command verifies that CWS redirection is working on a Cisco IOS router? When you deploy a sensor to send connection termination requests, which additional traffic- monitoring function can you configure the sensor to perform? Which is the default IP address and admin port setting for https in the Cisco Web Security Appliance? Which Cisco WSA is intended for deployment in organizations of up to 1500 users? The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and staff identity identifies users based on the source network and authenticated credentials. The identity for students identifies users based on the source network along with successful authentication credentials. The global identity is for guest users not authenticated against the domain. Recently, a change was made to the organization's security policy to allow faculty and staff access to a social network website, and the security group changed the access policy for faculty and staff to allow the social networking category. Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose two.) Which Cisco technology prevents targeted malware attacks, provides data loss prevention and spam protection, and encrypts email? Which command allows the administrator to access the Cisco WSA on a secure channel on port 8443? What is a value that Cisco ESA can use for tracing mail flow? An ASA with an IPS module must be configured to drop traffic matching IPS signatures and block all traffic if the module fails. Which describes the correct configuration? What is the function of the Cisco Context Adaptive Scanning Engine in Cisco Hybrid Email Security services? What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.) Which statement about Cisco IPS Manager Express is true? Which Cisco WSA is intended for deployment in organizations of more than 6000 users? You ran the ssh generate-key command on the Cisco IPS and now administrators are unable to connect. Which action can be taken to correct the problem? What is the default antispam policy for positively identified messages? Which command is used to enable strong ciphers on the Cisco Web Security Appliance? Which method does Cisco recommend for collecting streams of data on a sensor that has been virtualized? Which Cisco ESA command is used to edit the ciphers that are used for GUI access? What can you use to access the Cisco IPS secure command and control channel to make configuration changes? Which IPS signature regular expression CLI command matches a host issuing a domain lookup for www.theblock.com? A Cisco Web Security Appliance's policy can provide visibility and control of which two elements? (Choose two.) In order to set up HTTPS decryption on the Cisco Web Security Appliance, which two steps must be performed? (Choose two.) Which Cisco technology is a modular security service that combines a stateful inspection firewall with next-generation application awareness, providing near real-time threat protection? Which Cisco Web Security Appliance design requires minimal change to endpoint devices? The helpdesk was asked to provide a record of delivery for an important email message that a customer claims it did not receive. Which feature of the Cisco Email Security Appliance provides this record? A new Cisco IPS device has been placed on the network without prior analysis. Which CLI command shows the most fired signature? What CLI command configures IP-based access to restrict GUI and CLI access to a Cisco Email Security appliance's administrative interface? Which Cisco technology is a customizable web-based alerting service designed to report threats and vulnerabilities? When you create a new server profile on the Cisco ESA, which subcommand of the ldapconfig command configures spam quarantine end-user authentication? A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or emulate the flow that a message takes through the work queue? Which command disables SSH access for administrators on the Cisco ESA? Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all traffic if the module fails? When you deploy a sensor to send connection termination requests, which additional traffic-monitoring function can you configure the sensor to perform? Which Cisco Security IntelliShield Alert Manager Service component mitigates new botnet, phishing, and web-based threats? Who or what calculates the signature fidelity rating?

Study Guides