300-207 | Actual 300-207 Braindumps 2021

NEW QUESTION 1
On which platforms can you run CWS connector? (Choose two)

• A. Cisco ASA Firewall
• B. Cisco IPS module
• C. Standalone deployment
• D. Cisco ISR router
• E. Cisco Firepower NGIPS

Answer: AD

NEW QUESTION 2
What are three arguments that can be used with the show content-scan command in Cisco IOS software? (Choose three)

• A. session
• B. data
• C. verbose
• D. buffer
• E. summary
• F. statistics

Answer: AEF

NEW QUESTION 3
Which information does the show scansafe statistics command provide?

• A. ESA message tracking
• B. PRSM events
• C. AV statistics
• D. Cisco CWS activity

Answer: D

NEW QUESTION 4
Which piece of information is required to perform a policy trace for the Cisco WSA?

• A. the URL to trace
• B. the source IP address of the trace
• C. authentication credentials to make the request
• D. the destination IP address of the trace

Answer: A

NEW QUESTION 5
A user is deploying a Cisco IPS appliance in a data center to mitigate most attacks, including atomic attacks. Which two modes does Cisco recommend using to configure for this? (Choose two.)

• A. VLAN pair
• B. interface pair
• C. transparent mode
• D. EtherChannel load balancing
• E. promiscuous mode

Answer: AD

NEW QUESTION 6
If inline-TCP-evasion-protection-mode on a Cisco IPS is set to asymmetric mode, what is a side effect?

• A. Packet flow is normal.
• B. TCP requests are throttled.
• C. Embryonic connections are ignored.
• D. Evasion may become possible.

Answer: D

NEW QUESTION 7
Refer to the exhibit.

The system administrator of mydomain.com received complaints that some messages that were sent from sender user@somedomain.com were delayed. Message tracking data on the sender shows that an email sample that was received was clean and properly delivered. What is the likely cause of the intermittent delays?

• A. The remote MTA has a SenderBase Reputation Score of -1.0.
• B. The remote MTA is sending emails from RFC 1918 IP addresses.
• C. The remote MTA has activated the SUSPECTLIST sender group.
• D. The remote MTA has activated the default inbound mail policy.

Answer: C

NEW QUESTION 8
Who or what calculates the signature fidelity rating?

• A. the signature author
• B. Cisco Professional Services
• C. the administrator
• D. the security policy

Answer: A

NEW QUESTION 9
When a user receives an encrypted email from a Cisco ESA, which technology is used to retrieve the key to open the email?

• A. trusted certificate authority
• B. private certificate authority
• C. Cisco Registered Envelope Service
• D. Simple Certificate Enrollment Protocol

Answer: C

NEW QUESTION 10
Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all traffic if the module fails?

• A. Inline Mode, Permit Traffic
• B. Inline Mode, Close Traffic
• C. Promiscuous Mode, Permit Traffic
• D. Promiscuous Mode, Close Traffic

Answer: B

NEW QUESTION 11
CORRECT TEXT

Answer:

Explanation: We need to create a policy map named inside-policy and send the traffic to the CXSC blade:
ASA-FW# config t
ASA-FW(config)# policy-map inside-policy
ASA-FW(config-pmap)# policy-map inside-policy ASA-FW(config-pmap)# class class-default
ASA-FW(config-pmap-c)# cxsc fail-close auth-proxy ASA-FW(config-pmap-c)# exit
ASA-FW(config-pmap)# exit
The fail-close is needed as per instructions that if the CX module fails, no traffic should be allowed. The auth-proxy keyword is needed for active authentication.
Next, we need to apply this policy map to the inside interface: ASA-FW(config)#service-policy inside-policy interface inside. Finally, verify that the policy is active:
ASA-FW# show service-policy interface inside Interface inside:
Service-policy: inside-policy Class-map: class-default
Default QueueingCXSC: card status Up, mode fail-close, auth-proxy enabled Packet input 181, packet output 183, drop 0, reset-drop 0, proxied 0
Configuration guidelines can be found at this reference link:

NEW QUESTION 12
Refer to the exhibit.



Which three statements about the Cisco IPS appliance configurations are true? (Choose three.)

• A. The maximum number of denied attackers is set to 10000.
• B. The block action duraton is set to 3600 seconds.
• C. The Meta Event Generator is globally enabled.
• D. Events Summarization is globally disabled.
• E. Threat Rating Adjustment is globally disabled.

Answer: ABC

NEW QUESTION 13
Which four methods are used to deploy transparent mode traffic redirection? (Choose four.)

• A. PAC files
• B. Web Cache Communication Protocol
• C. policy-based routing
• D. Microsoft GPO
• E. Layer 4 switch
• F. DHCP server
• G. Layer 7 switch
• H. manual browser configuration

Answer: BCEG

NEW QUESTION 14
The helpdesk was asked to provide a record of delivery for an important email message that a customer claims it did not receive. Which feature of the Cisco Email Security Appliance provides this record?

• A. Outgoing Mail Reports
• B. SMTP Routes
• C. Message Tracking
• D. Scheduled Reports
• E. System Administration

Answer: C

NEW QUESTION 15
What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?

• A. sslconfig
• B. sslciphers
• C. tlsconifg
• D. certconfig

Answer: A

NEW QUESTION 16
DRAG DROP
Drag and drop the terms on the left onto the correct definition for the promiscuous IPS risk rating calculation on the right.

Answer:

Explanation:

NEW QUESTION 17
r01(config)#ip wccp web-cache redirect-list 80 password local
Refer to the above. What can be determined from this router configuration command for Cisco
WSA?

• A. Traffic using TCP port 80 is redirected to the Cisco WSA.
• B. The default “cisco” password is configured on the Cisco WSA.
• C. Traffic denied in prefix-list 80 is redirected to the Cisco WSA.
• D. Traffic permitted in access-list 80 is redirected to the Cisco WSA.

Answer: D