Want to know Testking 300-207 Exam practice test features? Want to lear more about Cisco Implementing Cisco Threat Control Solutions (SITCS) certification experience? Study High quality Cisco 300-207 answers to Replace 300-207 questions at Testking. Gat a success with an absolute guarantee to pass Cisco 300-207 (Implementing Cisco Threat Control Solutions (SITCS)) test on your first attempt.

2017 Mar 300-207 exam fees

Q81. Which two statements about Cisco ESA clusters are true? (Choose two.) 

A. A cluster must contain exactly one group. 

B. A cluster can contain multiple groups. 

C. Clusters are implemented in a client/server relationship. 

D. The cluster configuration must be managed by the cluster administrator. 

E. The cluster configuration can be created and managed through either the GUI or the CLI. 

Answer: B,E 


Q82. Which Cisco ESA predefined sender group uses parameter-matching to reject senders? 

A. BLACKLIST 

B. WHITELIST 

C. SUSPECTLIST 

D. UNKNOWNLIST 

Answer:


Q83. Which Cisco monitoring solution displays information and important statistics for the security devices in a network? 

A. Cisco Prime LAN Management 

B. Cisco ASDM Version 5.2 

C. Cisco Threat Defense Solution 

D. Syslog Server 

E. TACACS+ 

Answer:


Q84. Which three statements about Cisco ASA CX are true? (Choose three.) 

A. It groups multiple ASAs as a single logical device. 

B. It can perform context-aware inspection. 

C. It provides high-density security services with high availability. 

D. It uses policy-based interface controls to inspect and forward TCP- and UDP-based packets. 

E. It can make context-aware decisions. 

F. It uses four cooperative architectural constructs to build the firewall. 

Answer: B,E,F 


Q85. The security team needs to limit the number of e-mails they receive from the Intellishield Alert Service. Which three parameters can they adjust to restrict alerts to specific product sets? (Choose three.) 

A. Vendor 

B. Chassis/Module 

C. Device ID 

D. Service Contract 

E. Version/Release 

F. Service Pack/Platform 

Answer: A,E,F 


Up to date 300-207 exam answers:

Q86. Which four statements are correct regarding management access to a Cisco Intrusion Prevention System? (Choose four.) 

A. The Telnet protocol is enabled by default 

B. The Telnet protocol is disabled by default 

C. HTTP is enabled by default 

D. HTTP is disabled by default 

E. SSH is enabled by default 

F. SSH is disabled by default 

G. HTTPS is enabled by default 

H. HTTPS is disabled by default 

Answer: B,D,E,G 


Q87. Which two practices are recommended for implementing NIPS at enterprise Internet edges? (Choose two.) 

A. Integrate sensors primarily on the more trusted side of the firewall (inside or DMZ interfaces). 

B. Integrate sensors primarily on the less trusted side of the firewall (outside interfaces). 

C. Implement redundant IPS and make data paths symmetrical. 

D. Implement redundant IPS and make data paths asymmetrical. 

E. Use NIPS only for small implementations. 

Answer: A,C 


Q88. Which Cisco ESA command is used to edit the ciphers that are used for GUI access? 

A. interfaceconfig 

B. etherconfig 

C. certconfig 

D. sslconfig 

Answer:


Q89. During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map? 

A. cxsc fail 

B. cxsc fail-close 

C. cxsc fail-open 

D. cxssp fail-close 

Answer:


Q90. Over the period of one day, several Atomic ARP engine alerts fired on the same IP address. You observe that each time an alert fired, requests on the IP address exceeded replies by the same number. Which configuration could cause this behavior? 

A. The reply-ratio parameter is enabled. 

B. MAC flip is enabled. 

C. The inspection condition is disabled. 

D. The IPS is misconfigured. 

Answer: