New 300-207 exam questions from PassLeader 300-207 dumps! Welcome to download the newest PassLeader 300-207 VCE and PDF dumps: http://www.passleader.com/300-207.html (251 Q&As)
P.S. Free 300-207 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfkU1Q3dsMlRzZVdzdjBOMTJYaWw4NzYxSk1sdm8yNTNsUzl3RGx2dllxOTg
QUESTION 136
When you configure the Cisco ESA to perform blacklisting, what are two items you can disable to enhance performance? (Choose two.)
A. spam scanning
B. antivirus scanning
C. APT detection
D. rootkit detection
Answer: AB
QUESTION 137
Which Cisco ESA predefined sender group uses parameter-matching to reject senders?
A. BLACKLIST
B. WHITELIST
C. SUSPECTLIST
D. UNKNOWNLIST
Answer: A
QUESTION 138
Which command disables SSH access for administrators on the Cisco ESA?
A. interfaceconfig
B. sshconfig
C. sslconfig
D. systemsetup
Answer: A
QUESTION 139
When you create a new server profile on the Cisco ESA, which subcommand of the ldapconfig command configures spam quarantine end-user authentication?
A. isqauth
B. isqalias
C. test
D. server
Answer: A
QUESTION 140
Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.)
A. Select a virtual sensor.
B. Enable IP logging.
C. Specify the host IP address.
D. Set the logging duration.
E. Set the number of packets to capture.
F. Set the number of bytes to capture.
Answer: ACD
QUESTION 141
Which centralized reporting function of the Cisco Content Security Management Appliance aggregates data from multiple Cisco ESA devices?
A. message tracking
B. web tracking
C. system tracking
D. logging
Answer: A
QUESTION 142
What is a value that Cisco ESA can use for tracing mail flow?
A. the FQDN of the source IP address
B. the FQDN of the destination IP address
C. the destination IP address
D. the source IP address
Answer: A
QUESTION 143
What are three features of the Cisco Security Intellishield Alert Manager Service? (Choose three.)
A. validation of alerts by security analysts
B. custom notifications
C. complete threat and vulnerability remediation
D. vendor-specific threat analysis
E. workflow-management tools
F. real-time threat and vulnerability mitigation
Answer: ABE
QUESTION 144
When you deploy a sensor to send connection termination requests, which additional traffic- monitoring function can you configure the sensor to perform?
A. Monitor traffic as it flows to the sensor.
B. Monitor traffic as it flows through the sensor.
C. Monitor traffic from the Internet only.
D. Monitor traffic from both the Internet and the intranet.
Answer: B
QUESTION 145
Which IPS feature allows you to aggregate multiple IPS links over a single port channel?
A. UDLD
B. ECLB
C. LACP
D. PAgP
Answer: B
QUESTION 146
Which Cisco IPS deployment mode is best suited for bridged interfaces?
A. inline interface pair mode
B. inline VLAN pair mode
C. inline VLAN group mode
D. inline pair mode
Answer: B
QUESTION 147
When a Cisco IPS is deployed in fail-closed mode, what are two conditions that can result in traffic being dropped? (Choose two.)
A. The signature engine is undergoing the build process.
B. The SDF failed to load.
C. The built-in signatures are unavailable.
D. An ACL is configured.
Answer: AB
QUESTION 148
If inline-TCP-evasion-protection-mode on a Cisco IPS is set to asymmetric mode, what is a side effect?
A. Packet flow is normal.
B. TCP requests are throttled.
C. Embryonic connections are ignored.
D. Evasion may become possible.
Answer: D
QUESTION 149
Which sensor deployment mode does Cisco recommend when interface capacity is limited and you need to increase sensor functionality?
A. inline interface pair mode
B. inline VLAN pair mode
C. inline VLAN group mode
D. VLAN group mode
Answer: C
QUESTION 150
Which role does Passive Identity Management play in the Cisco Cloud Web Security architecture?
A. It provides user-level information that is received from Active Directory.
B. It enables the administrator to control web access for users and user groups.
C. It defines a standard for exchanging authentication and authorization data.
D. It controls content that passes into and out of the network.
Answer: A
New 300-207 exam questions from PassLeader 300-207 dumps! Welcome to download the newest PassLeader 300-207 VCE and PDF dumps: http://www.passleader.com/300-207.html (251 Q&As)
P.S. Free 300-207 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfkU1Q3dsMlRzZVdzdjBOMTJYaWw4NzYxSk1sdm8yNTNsUzl3RGx2dllxOTg