Exam Code: 300-207 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Threat Control Solutions (SITCS)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-207 Exam.
Q31. Which command can change the HTTPS SSL method on the Cisco ESA?
A. sslconfig
B. strictssl
C. sshconfig
D. adminaccessconfig
Answer: A
Q32. Which command verifies that the correct CWS license key information was entered on the Cisco ASA?
A. sh run scansafe server
B. sh run scansafe
C. sh run server
D. sh run server scansafe
Answer: B
Q33. Which Cisco monitoring solution displays information and important statistics for the security devices in a network?
A. Cisco Prime LAN Management
B. Cisco ASDM Version 5.2
C. Cisco Threat Defense Solution
D. Syslog Server
E. TACACS+
Answer: B
Q34. What is the default IP range of the external zone?
A. 0.0.0.0 0.0.0.0
B. 0.0.0.0 - 255.255.255.255
C. 0.0.0.0/8
D. The network of the management interface
Answer: B
Q35. When you create a new server profile on the Cisco ESA, which subcommand of the ldapconfig command configures spam quarantine end-user authentication?
A. isqauth
B. isqalias
C. test
D. server
Answer: A
Q36. Which three options are valid event actions for a Cisco IPS? (Choose three.)
A. deny-packet-inline
B. deny-attack-reset
C. produce-verbose-alert
D. log-attacker-packets
E. deny-packet-internal
F. request-block-drop-connection
Answer: A,C,D
Q37. Joe was asked to secure access to the Cisco Web Security Appliance to prevent unauthorized access. Which four steps should Joe implement to accomplish this goal? (Choose four.)
A. Implement IP access lists to limit access to the management IP address in the Cisco Web Security Appliance GUI.
B. Add the Cisco Web Security Appliance IP address to the local access list.
C. Enable HTTPS access via the GUI/CLI with redirection from HTTP.
D. Replace the Cisco self-signed certificate with a publicly signed certificate.
E. Put the Cisco WSA Management interface on a private management VLAN.
F. Change the netmask on the Cisco WSA Management interface to a 32-bit mask.
G. Create an MX record for the Cisco Web Security Appliance in DNS.
Answer: A,C,D,E
Q38. Which three statements about threat ratings are true? (Choose three.)
A. A threat rating is equivalent to a risk rating that has been lowered by an alert rating.
B. The largest threat rating from all actioned events is added to the risk rating.
C. The smallest threat rating from all actioned events is subtracted from the risk rating.
D. The alert rating for deny-attacker-inline is 45.
E. Unmitigated events do not cause a threat rating modification.
F. The threat rating for deny-attacker-inline is 50.
Answer: A,D,E
Q39. During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?
A. cxsc fail
B. cxsc fail-close
C. cxsc fail-open
D. cxssp fail-close
Answer: B
Q40. Which Cisco technology provides spam filtering and email protection?
A. IPS
B. ESA
C. WSA
D. CX
Answer: B