Exam Code: 300-207 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Threat Control Solutions (SITCS)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-207 Exam.

Q91. Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all traffic if the module fails? 

A. Inline Mode, Permit Traffic 

B. Inline Mode, Close Traffic 

C. Promiscuous Mode, Permit Traffic 

D. Promiscuous Mode, Close Traffic 

Answer:


Q92. Which IPS engine detects ARP spoofing? 

A. Atomic ARP Engine 

B. Service Generic Engine 

C. ARP Inspection Engine 

D. AIC Engine 

Answer:


Q93. Which command allows the administrator to access the Cisco WSA on a secure channel on 

port 8443? 

A. strictssl 

B. adminaccessconfig 

C. ssl 

D. ssh 

Answer:


Q94. Which Cisco IPS deployment mode is best suited for bridged interfaces? 

A. inline interface pair mode 

B. inline VLAN pair mode 

C. inline VLAN group mode 

D. inline pair mode 

Answer:


Q95. Which three zones are used for anomaly detection? (Choose three.) 

A. Internal zone 

B. External zone 

C. Illegal zone 

D. Inside zone 

E. Outside zone 

F. DMZ zone 

Answer: A,B,C 


Q96. A Cisco Email Security Appliance uses which message filter to drop all executable attachments entering and leaving the Cisco Email Security Appliance? 

A. drop-exE. if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); } 

B. drop-exE. if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe")) { drop(); } 

C. drop-exe! if (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe") { drop(); } 

D. drop-exe! if (recv-listener == "InboundMail" ) AND ( (attachment-filename == "\\.exe$") OR (attachment-filetype == "exe")) { drop(); } 

Answer: