♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 300-207 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-207 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/300-207-exam-dumps.html
Q91. The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and staff identity identifies users based on the source network and authenticated credentials. The identity for students identifies users based on the source network along with successful authentication credentials. The global identity is for guest users not authenticated against the domain.
Recently, a change was made to the organization's security policy to allow faculty and staff access to a social network website, and the security group changed the access policy for faculty and staff to allow the social networking category.
Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose two.)
A. The user is being matched against the student policy because the user did not enter credentials.
B. The user is using an unsupported browser so the credentials are not working.
C. The social networking URL was entered into a custom URL category that is blocked in the access policy.
D. The user is connected to the wrong network and is being blocked by the student policy.
E. The social networking category is being allowed but the AVC policy is still blocking the website.
Answer: C,E
Q92. A Cisco Web Security Appliance's policy can provide visibility and control of which two elements? (Choose two.)
A. Voice and Video Applications
B. Websites with a reputation between -100 and -60
C. Secure websites with certificates signed under an unknown CA
D. High bandwidth websites during business hours
Answer: C,D
Q93. Which three functions can Cisco Application Visibility and Control perform? (Choose three.)
A. Validation of malicious traffic
B. Traffic control
C. Extending Web Security to all computing devices
D. Application-level classification
E. Monitoring
F. Signature tuning
Answer: B,D,E
Q94. Which two statements about Cisco ESA clusters are true? (Choose two.)
A. A cluster must contain exactly one group.
B. A cluster can contain multiple groups.
C. Clusters are implemented in a client/server relationship.
D. The cluster configuration must be managed by the cluster administrator.
E. The cluster configuration can be created and managed through either the GUI or the CLI.
Answer: B,E
Q95. Which three statements about the Cisco IPS appliance configurations are true? (Choose three.)
A. The maximum number of denied attackers is set to 10000.
B. The block action duraton is set to 3600 seconds.
C. The Meta Event Generator is globally enabled.
D. Events Summarization is globally disabled.
E. Threat Rating Adjustment is globally disabled.
Answer: A,B,C
Q96. What are three best practices for a Cisco Intrusion Prevention System? (Choose three.)
A. Checking for new signatures every 4 hours
B. Checking for new signatures on a staggered schedule
C. Automatically updating signature packs
D. Manually updating signature packs
E. Group tuning of signatures
F. Single tuning of signatures
Answer: B,C,E