Proper study guides for Update Cisco Implementing Cisco Threat Control Solutions (SITCS) certified begins with Cisco 300-207 preparation products which designed to deliver the Real 300-207 questions by making you pass the 300-207 test at your first time. Try the free 300-207 demo right now.

Q1. What is the default antispam policy for positively identified messages within the Cisco Email Security Appliance? 

A. Drop 

B. Deliver and Append with [SPAM] 

C. Deliver and Prepend with [SPAM] 

D. Deliver and Alternate Mailbox 

Answer:


Q2. What can Cisco Prime Security Manager (PRSM) be used to achieve? 

A. Configure and Monitor Cisco CX Application Visibility and Control, web filtering, access and decryption policies 

B. Configure Cisco ASA connection limits 

C. Configure TCP state bypass in Cisco ASA and IOS 

D. Configure Cisco IPS signature and monitor signature alerts 

E. Cisco Cloud Security on Cisco ASA 

Answer:


Q3. Which Cisco ASA configuration command drops traffic if the Cisco ASA CX module fails? 

A. no fail-open 

B. fail-close 

C. fail-close auth-proxy 

D. auth-proxy 

Answer:


Q4. Which two statements about devices within a Cisco ESA cluster are true? (Choose two.) 

A. Clustered systems must consist of devices in the same hardware series. 

B. Clustered devices can communicate via either SSH or Cluster Communication Service. 

C. Clustered devices can communicate only with Cluster Communication Service. 

D. In-the-cloud devices must be in a separate cluster from on-premise devices. 

E. Clustered devices can run different versions of AsyncOS. 

Answer: A,B 


Q5. Refer to the exhibit. 

What CLI command generated the output? 

A. smtproutes 

B. tophosts 

C. hoststatus 

D. workqueuestatus 

Answer:


Q6. Which three protocols are required when considering firewall rules for email services using a Cisco Email Security Appliance? (Choose three.) 

A. SMTP 

B. HTTP 

C. DNS 

D. SNMP 

E. FTP 

Answer: A,B,C 


Q7. Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.) 

A. Select a virtual sensor. 

B. Enable IP logging. 

C. Specify the host IP address. 

D. Set the logging duration. 

E. Set the number of packets to capture. 

F. Set the number of bytes to capture. 

Answer: A,C,D 


Q8. Which two options are characteristics of router-based IPS? (Choose two.) 

A. It supports custom signatures 

B. It supports virtual sensors. 

C. It supports multiple VRFs. 

D. It uses configurable anomaly detection. 

E. Signature definition files have been deprecated. 

Answer: C,E 


Q9. Which two conditions must you configure in an event action rule to match all IPv4 addresses in the victim range and filter on the complete subsignature range? (Choose two.) 

A. Disable event action override. 

B. Leave the victim address range unspecified. 

C. Set the subsignature ID-range to the default. 

D. Set the deny action percentage to 100. 

E. Set the deny action percentage to 0. 

Answer: B,C 


Q10. Which antispam technology assumes that email from server A, which has a history of distributing spam, is more likely to be spam than email from server B, which does not have a history of distributing spam? 

A. Reputation-based filtering 

B. Context-based filtering 

C. Cisco ESA multilayer approach 

D. Policy-based filtering 

Answer: