Your success in Cisco 300-207 is our sole target and we develop all our 300-207 braindumps in a way that facilitates the attainment of this target. Not only is our 300-207 study material the best you can find, it is also the most detailed and the most updated. 300-207 Practice Exams for Cisco CCNP Security 300-207 are written to the highest standards of technical accuracy.
Q51. During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?
A. cxsc fail
B. cxsc fail-close
C. cxsc fail-open
D. cxssp fail-close
Answer: B
Q52. The security team needs to limit the number of e-mails they receive from the Intellishield Alert Service. Which three parameters can they adjust to restrict alerts to specific product sets? (Choose three.)
A. Vendor
B. Chassis/Module
C. Device ID
D. Service Contract
E. Version/Release
F. Service Pack/Platform
Answer: A,E,F
Q53. Which statement about Cisco IPS Manager Express is true?
A. It provides basic device management for large-scale deployments.
B. It provides a GUI for configuring IPS sensors and security modules.
C. It enables communication with Cisco ASA devices that have no administrative access.
D. It provides greater security than simple ACLs.
Answer: B
Q54. Which Cisco Web Security Appliance design requires minimal change to endpoint devices?
A. Transparent Mode
B. Explicit Forward Mode
C. Promiscuous Mode
D. Inline Mode
Answer: A
Q55. Which Cisco Cloud Web Security tool provides URL categorization?
A. Cisco Dynamic Content Analysis Engine
B. Cisco ScanSafe
C. ASA Firewall Proxy
D. Cisco Web Usage Control
Answer: D
Q56. What are the initial actions that can be performed on an incoming SMTP session by the workqueue of a Cisco Email Security Appliance?
A. Accept, Reject, Relay, TCPRefuse
B. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification
C. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check
D. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification
Answer: A
Q57. A Cisco Web Security Appliance's policy can provide visibility and control of which two elements? (Choose two.)
A. Voice and Video Applications
B. Websites with a reputation between -100 and -60
C. Secure websites with certificates signed under an unknown CA
D. High bandwidth websites during business hours
Answer: C,D
Q58. An IPS is configured to fail-closed and you observe that all packets are dropped. What is a possible reason for this behavior?
A. Mainapp is unresponsive.
B. The global correlation update failed.
C. The IPS span session failed.
D. The attack drop file is misconfigured.
Answer: A
Q59. What step is required to enable HTTPS Proxy on the Cisco Web Security Appliance?
A. Web Security Manager HTTPS Proxy click Enable
B. Security Services HTTPS Proxy click Enable
C. HTTPS Proxy is enabled by default
D. System Administration HTTPS Proxy click Enable
Answer: B
Q60. Which three search parameters are supported by the Email Security Monitor? (Choose three.)
A. Destination domain
B. Network owner
C. MAC address
D. Policy requirements
E. Internal sender IP address
F. Originating domain
Answer: A,B,E