Proper study guides for Regenerate Cisco Implementing Cisco Threat Control Solutions (SITCS) certified begins with Cisco 300-207 preparation products which designed to deliver the Vivid 300-207 questions by making you pass the 300-207 test at your first time. Try the free 300-207 demo right now.

Q11. What three alert notification options are available in Cisco IntelliShield Alert Manager? (Choose three.) 

A. Alert Summary as Text 

B. Complete Alert as an HTML Attachment 

C. Complete Alert as HTML 

D. Complete Alert as RSS 

E. Alert Summary as Plain Text 

F. Alert Summary as MMS 

Answer: A,B,C 

Q12. Which two commands are used to verify that CWS redirection is working on a Cisco ASA appliance? (Choose two.) 

A. show scansafe statistics 

B. show webvpn statistics 

C. show service-policy inspect scansafe 

D. show running-config scansafe 

E. show running-config webvpn 

F. show url-server statistics 

Answer: A,C 

Q13. Which two Cisco IPS events will generate an IP log? (Choose two.) 

A. A signature had an event action that was configured with log packets. 

B. A statically configured IP or IP network criterion was matched. 

C. A dynamically configured IP address or IP network was matched. 

D. An attack produced a response action. 

Answer: A,B 

Q14. Which two statements about devices within a Cisco ESA cluster are true? (Choose two.) 

A. Clustered systems must consist of devices in the same hardware series. 

B. Clustered devices can communicate via either SSH or Cluster Communication Service. 

C. Clustered devices can communicate only with Cluster Communication Service. 

D. In-the-cloud devices must be in a separate cluster from on-premise devices. 

E. Clustered devices can run different versions of AsyncOS. 

Answer: A,B 

Q15. What are the initial actions that can be performed on an incoming SMTP session by the workqueue of a Cisco Email Security Appliance? 

A. Accept, Reject, Relay, TCPRefuse 

B. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification 

C. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check 

D. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification 


Q16. The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs). 

The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented. 

Your task is to examine the details available in the simulated graphical user interfaces and select the best answer. 

Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and the Cisco WSA? 

A. Both are configured for WCCP v1. 

B. Both are configured for WCCP v2. 

C. Both are configured for WCCP v3. 

D. There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA. 



ASA version shows as version 2.0: 

\\psf\Home\Desktop\Screen Shot 2015-01-27 at 9.45.57 AM.png 

WSA also shows version 2 is being used: 

\\psf\Home\.Trash\Screen Shot 2015-01-27 at 9.47.53 AM.png 

Q17. A network engineer can assign IPS event action overrides to virtual sensors and configure 

which three modes? (Choose three.) 

A. Anomaly detection operational mode 

B. Inline TCP session tracking mode 

C. Normalizer mode 

D. Load-balancing mode 

E. Inline and Promiscuous mixed mode 

F. Fail-open and fail-close mode 

Answer: A,B,C 

Q18. You ran the ssh generate-key command on the Cisco IPS and now administrators are unable to connect. Which action can be taken to correct the problem? 

A. Replace the old key with a new key on the client. 

B. Run the ssh host-key command. 

C. Add the administrator IP addresses to the trusted TLS host list on the IPS. 

D. Run the ssh authorized-keys command. 


Q19. What step is required to enable HTTPS Proxy on the Cisco Web Security Appliance? 

A. Web Security Manager HTTPS Proxy click Enable 

B. Security Services HTTPS Proxy click Enable 

C. HTTPS Proxy is enabled by default 

D. System Administration HTTPS Proxy click Enable 


Q20. Which three features does Cisco CX provide? (Choose three.) 

A. HTTPS traffic decryption and inspection 

B. Application Visibility and Control 

C. Category or reputation-based URL filtering 

D. Email virus scanning 

E. Application optimization and acceleration 

F. VPN authentication 

Answer: A,B,C