Exam Code: 300-207 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Threat Control Solutions (SITCS)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-207 Exam.
2021 Oct examcollection 300-207:
Q61. Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery chain? (Choose two.)
A. Existing MX records should be maintained and policy routing should be used to redirect traffic to the ESA.
B. Update the MX records to point to the inbound listener interfaces on the ESA.
C. Update the MX records to point to the outbound listener interfaces on the ESA.
D. Different Listeners must be used to handle inbound and outbound mail handling.
E. The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing table.
F. The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables.
G. The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table.
H. Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving.
Q62. Which Cisco technology provides spam filtering and email protection?
Q63. Which Cisco WSA is intended for deployment in organizations of up to 1500 users?
A. WSA S370
B. WSA S670
C. WSA S370-2RU
D. WSA S170
Q64. When a Cisco Email Security Appliance joins a cluster, which four settings are inherited? (Choose four.)
A. IP address
B. DNS settings
C. SMTP routes
Q65. Which two statements about devices within a Cisco ESA cluster are true? (Choose two.)
A. Clustered systems must consist of devices in the same hardware series.
B. Clustered devices can communicate via either SSH or Cluster Communication Service.
C. Clustered devices can communicate only with Cluster Communication Service.
D. In-the-cloud devices must be in a separate cluster from on-premise devices.
E. Clustered devices can run different versions of AsyncOS.
Rebirth ipexpert 300-207:
Q66. Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.)
A. Select a virtual sensor.
B. Enable IP logging.
C. Specify the host IP address.
D. Set the logging duration.
E. Set the number of packets to capture.
F. Set the number of bytes to capture.
Q67. The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and staff identity identifies users based on the source network and authenticated credentials. The identity for students identifies users based on the source network along with successful authentication credentials. The global identity is for guest users not authenticated against the domain.
Recently, a change was made to the organization's security policy to allow faculty and staff access to a social network website, and the security group changed the access policy for faculty and staff to allow the social networking category.
Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose two.)
A. The user is being matched against the student policy because the user did not enter credentials.
B. The user is using an unsupported browser so the credentials are not working.
C. The social networking URL was entered into a custom URL category that is blocked in the access policy.
D. The user is connected to the wrong network and is being blocked by the student policy.
E. The social networking category is being allowed but the AVC policy is still blocking the website.
Q68. What is the function of the Cisco Context Adaptive Scanning Engine in Cisco Hybrid Email Security services?
A. It uses real-time traffic threat assessment to identify suspicious email senders and messages.
B. It provides a preventive defense against viruses by scanning messages before they enter the network.
C. It analyzes message content and attachments to protect an organization's intellectual property.
D. It protects against blended threats by using human-like logic to review and evaluate traffic.
Q69. What are two benefits of using SPAN with promiscuous mode deployment? (Choose two.)
A. SPAN does not introduce latency to network traffic.
B. SPAN can perform granular scanning on captures of per-IP-address or per-port monitoring.
C. Promiscuous Mode can silently block traffic flows on the IDS.
D. SPAN can analyze network traffic from multiple points.
Q70. With Cisco IDM, which rate limit option specifies the maximum bandwidth for rate-limited traffic?
see more 300-207 dumps