300-207 | Cisco 300-207 Braindumps 2021

NEW QUESTION 1
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.




What traffic is not redirected by WCCP?

• A. Traffic destined to public address space
• B. Traffic sent from public address space
• C. Traffic destined to private address space
• D. Traffic sent from private address space

Answer: B

Explanation: From the screen shot below we see the WCCP-Redirection ACL is applied, so all traffic from the Private IP space to any destination will be redirected.

NEW QUESTION 2
How are HTTP requests handled by the Cisco WSA?

• A. transparent request has a destination IP address of the configured proxy.
• B. The URI for an implicit request doest not contain the DNS host.
• C. An explict request has a destination IP address of the intended web server.
• D. The URI for an explicit request contains the host with the protocol information.

Answer: D

NEW QUESTION 3
DRAG DROP
Drag and drop the steps on the left into the correct order on the right to configure a Cisco ASA
NGFW with multiple security contexts.

Answer:

Explanation:

NEW QUESTION 4
Refer to the exhibit.


























What is the maximum message size that the Cisco Email Security Appliance will accept from the violet.public domain?

• A. 1 KB
• B. 100 KB
• C. 1 MB
• D. 10 MB
• E. 100 MB
• F. Unlimited

Answer: D

Explanation: From the instructions we know that the reputation score for the violet.public domain has been set to 8. From the HAT table shown below we know that a score of 8 belongs to the UNKNOWNLIST group, which is assigned the ACCEPTED policy.

Capture
By clicking on the ACCEPTED policy we see that max message size has been set to the default value of 10M:

Capture

NEW QUESTION 5
Which three search parameters are supported by the Email Security Monitor? (Choose three.)

• A. Destination domain
• B. Network owner
• C. MAC address
• D. Policy requirements
• E. Internal sender IP address
• F. Originating domain

Answer: ABE

NEW QUESTION 6
What can you use to access the Cisco IPS secure command and control channel to make configuration changes?

• A. SDEE
• B. the management interface
• C. an HTTP server
• D. Telnet

Answer: B

NEW QUESTION 7
Refer to the exhibit.


























What is the maximum number of recipients per hour that the Cisco Email Security Appliance will accept from the green.public domain?

• A. 1
• B. 20
• C. 25
• D. 50
• E. 5000
• F. Unlimited

Answer: C

Explanation: From the instructions we know that the green.public domain has been assigned a reputation score of 2. From below we know that a reputation score of 2 belongs to the SUSPECTLIST, which has a policy of “THROTTLED”:

Capture
By clicking on the THROTTLED policy we see that the max recipients per hour has been set to 20:

Capture

NEW QUESTION 8
Which interface on the Cisco Email Security Appliance has HTTP and SSH enabled by default?

• A. data 1
• B. data 2
• C. management 1
• D. all interfaces

Answer: A

NEW QUESTION 9
Which Cisco technology is a modular security service that combines a stateful inspection firewall with next-generation application awareness, providing near real-time threat protection?

• A. Cisco ASA 5500 series appliances
• B. Cisco ASA CX Context-Aware Security
• C. WSA
• D. Internet Edge Firewall / IPS

Answer: B

NEW QUESTION 10
Which option is a benefit of Cisco Email Security virtual appliance over the Cisco ESA appliance?

• A. reduced space and power requirements
• B. outbound message protection
• C. automated administration
• D. global threat intelligence updates from Talos

Answer: A

NEW QUESTION 11
Which option is a benefit of Cisco hybrid email security?

• A. on-premises control of outbound data
• B. advanced malware protection
• C. email encryption
• D. message tracking

Answer: A

NEW QUESTION 12
Refer to the exhibit.



Which two statements about Signature 1104 are true? (Choose two.)

• A. This is a custom signature.
• B. The severity level is High.
• C. This signature has triggered as indicated by the red severity icon.
• D. Produce Alert is the only action defined.
• E. This signature is enabled, but inactive, as indicated bythe/0 to that follows the signature number.

Answer: BD

Explanation: This can be seen here where signature 1004 is the 5th one down:

NEW QUESTION 13
What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA NGFW?

• A. Cisco WSA provides URL filtering, while Cisco ASA NGFW does not.
• B. Cisco ASA NGFW provides caching services, while Cisco WSA does not.
• C. Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not.
• D. Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not.

Answer: D

NEW QUESTION 14
Refer to the exhibit.

The system administrator of mydomain.com was informed that one of the users in his environment received spam from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did the Cisco Email Security gateway fail to do a spam scan on emails for user@mydomain.com?

• A. The remote MTA activated the SUSPECTLIST sender group.
• B. The Cisco Email Security gateway created duplicates of the message.
• C. The user user@mydomain.com matched an inbound rule with antispam disabled.
• D. The user bob@mydomain.com matched an inbound rule with antispam disabled.

Answer: C

NEW QUESTION 15
Which two benefits are provided by the dynamic dashboard in Cisco ASDM Version 5.2? (Choose two.)

• A. It configures system polices for NAC devices.
• B. It forwards traffic to destination devices.
• C. It provides statistics for device health.
• D. It replaces syslog, RADIUS, and TACACS+ servers.
• E. It automatically detects Cisco security appliances to configure.

Answer: CE

NEW QUESTION 16
When https traffic is scanned, which component of the full URL does CWS log?

• A. not log
• B. only host host and query path and query

Answer: B

NEW QUESTION 17
Which two options are the correct URL and credentials used to access the Cisco Web Security Appliance for the first time? (Choose two.)

• A. admin/password
• B. http://192.168.1.1:8080
• C. ironport/ironport
• D. http://192.168.42.42:8080
• E. admin/ironport
• F. http://192.168.42.42:8443

Answer: DE