New 300-207 exam questions from PassLeader 300-207 dumps! Welcome to download the newest PassLeader 300-207 VCE and PDF dumps: http://www.passleader.com/300-207.html (251 Q&As)
P.S. Free 300-207 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfkU1Q3dsMlRzZVdzdjBOMTJYaWw4NzYxSk1sdm8yNTNsUzl3RGx2dllxOTg
QUESTION 111
Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.)
A. The Packet capture feature is available for either permitted or dropped packets by default.
B. Public Certificates can be used for HTTPS Decryption policies.
C. Public Certificates cannot be used for HTTPS Decryption policies.
D. When adding a standard LDAP realm, the group attribute will be UniqueMember.
E. The Packet capture features is available for permitted packets by default.
Answer: CE
QUESTION 112
Which three zones are used for anomaly detection in a Cisco IPS? (Choose three.)
A. internal zone
B. external zone
C. illegal zone
D. inside zone
E. outside zone
F. DMZ zone
Answer: ABC
QUESTION 113
Who or what calculates the signature fidelity rating in a Cisco IPS?
A. the signature author
B. Cisco Professional Services
C. the administrator
D. the security policy
Answer: A
QUESTION 114
Which command sets the number of packets to log on a Cisco IPS sensor?
A. ip-log-count number
B. ip-log-packets number
C. ip-log-bytes number
D. ip-log number
Answer: B
QUESTION 115
Refer to the exhibit. The system administrator of mydomain.com was informed that one of the users in his environment received spam from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did the Cisco Email Security gateway fail to do a spam scan on emails for [email protected]?
A. The remote MTA activated the SUSPECTLIST sender group.
B. The Cisco Email Security gateway created duplicates of the message.
C. The user [email protected] matched an inbound rule with antispam disabled.
D. The user [email protected] matched an inbound rule with antispam disabled.
Answer: D
QUESTION 116
Lab Sim
Answer:
For Answer Please flow Steps are in Explanation
First, enable the Gig 0/0 and Gig 0/1 interfaces:
Second, create the pair under the “interface pairs” tab:
Then, apply the HIGHRISK action rule to the newly created interface pair:
Then apply the same for the MEDIUMRISK traffic (deny attacker inline)
Finally. Log the packets for the LOWRICK event:
When done it should look like this:
QUESTION 117
Which three features does Cisco CX provide? (Choose three.)
A. HTTPS traffic decryption and inspection
B. Application Visibility and Control
C. Category or reputation-based URL filtering
D. Email virus scanning
E. Application optimization and acceleration
F. VPN authentication
Answer: ABC
QUESTION 118
Which three functions can Cisco Application Visibility and Control perform within Cisco Cloud Web Security? (Choose three.)
A. validation of malicious traffic
B. traffic control
C. extending Web Security to all computing devices
D. application-level classification
E. monitoring
F. signature tuning
Answer: BDE
QUESTION 119
Which Cisco Web Security Appliance deployment mode requires minimal change to endpoint devices?
A. Transparent Mode
B. Explicit Forward Mode
C. Promiscuous Mode
D. Inline Mode
Answer: A
QUESTION 120
What is the default antispam policy for positively identified messages within the Cisco Email Security Appliance?
A. Drop
B. Deliver and Append with [SPAM]
C. Deliver and Prepend with [SPAM]
D. Deliver and Alternate Mailbox
Answer: C
New 300-207 exam questions from PassLeader 300-207 dumps! Welcome to download the newest PassLeader 300-207 VCE and PDF dumps: http://www.passleader.com/300-207.html (251 Q&As)
P.S. Free 300-207 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfkU1Q3dsMlRzZVdzdjBOMTJYaWw4NzYxSk1sdm8yNTNsUzl3RGx2dllxOTg