Your success in Cisco 300-207 is our sole target and we develop all our 300-207 braindumps in a way that facilitates the attainment of this target. Not only is our 300-207 study material the best you can find, it is also the most detailed and the most updated. 300-207 Practice Exams for Cisco CCNP Security 300-207 are written to the highest standards of technical accuracy.

Q11. Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all traffic if the module fails? 

A. Inline Mode, Permit Traffic 

B. Inline Mode, Close Traffic 

C. Promiscuous Mode, Permit Traffic 

D. Promiscuous Mode, Close Traffic 

Answer:


Q12. Over the period of one day, several Atomic ARP engine alerts fired on the same IP address. You observe that each time an alert fired, requests on the IP address exceeded replies by the same number. Which configuration could cause this behavior? 

A. The reply-ratio parameter is enabled. 

B. MAC flip is enabled. 

C. The inspection condition is disabled. 

D. The IPS is misconfigured. 

Answer:


Q13. Which command establishes a virtual console session to a CX module within a Cisco Adaptive Security Appliance? 

A. session 1 ip address 

B. session 2 ip address 

C. session 1 

D. session ips console 

E. session cxsc console 

Answer:


Q14. Which three options are IPS signature classifications? (Choose three.) 

A. tuned signatures 

B. response signatures 

C. default signatures 

D. custom signatures 

E. preloaded signatures 

F. designated signatures 

Answer: A,C,D 


Q15. What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network? 

A. Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts. 

B. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions. 

C. It will not adjust risk rating values based on the known bad hosts list. 

D. Reputation filtering is disabled. 

Answer:

Explanation: 

This can be seen on the Globabl Correlation – Inspection/Reputation tab show below: 


Q16. Which three features does Cisco CX provide? (Choose three.) 

A. HTTPS traffic decryption and inspection 

B. Application Visibility and Control 

C. Category or reputation-based URL filtering 

D. Email virus scanning 

E. Application optimization and acceleration 

F. VPN authentication 

Answer: A,B,C 


Q17. Which IPS engine detects ARP spoofing? 

A. Atomic ARP Engine 

B. Service Generic Engine 

C. ARP Inspection Engine 

D. AIC Engine 

Answer:


Q18. Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.) 

A. The Packet capture feature is available for either permitted or dropped packets by default. 

B. Public Certificates can be used for HTTPS Decryption policies. 

C. Public Certificates cannot be used for HTTPS Decryption policies. 

D. When adding a standard LDAP realm, the group attribute will be UniqueMember. 

E. The Packet capture features is available for permitted packets by default. 

Answer: C,E 


Q19. What can you use to access the Cisco IPS secure command and control channel to make configuration changes? 

A. SDEE 

B. the management interface 

C. an HTTP server 

D. Telnet 

Answer:


Q20. What is the default CX Management 0/0 IP address on a Cisco ASA 5512-X appliance? 

A. 192.168.1.1 

B. 192.168.1.2 

C. 192.168.1.3 

D. 192.168.1.4 

E. 192.168.1.5 

F. 192.168.8.8 

Answer: