[Free] Download New Updated (April 2016) Cisco 300-207 Actual Tests 111-120

By | April 6, 2016

Ensurepass

QUESTION 111

Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.)

 

A.

The Packet capture feature is available for either permitted or dropped packets by default.

B.

Public Certificates can be used for HTTPS Decryption policies.

C.

Public Certificates cannot be used for HTTPS Decryption policies.

D.

When adding a standard LDAP realm, the group attribute will be UniqueMember.

E.

The Packet capture features is available for permitted packets by default.

 

Correct Answer: CE

 

 

QUESTION 112

What is a difference between a Cisco Content Security Management virtual appliance and a physical appliance?

 

A.

The virtual appliance requires an additional license to run on a host.

B.

The physical appliance requires an additional license to activate its adapters.

C.

Migration between virtual appliances of varying sizes is possible, but physical appliances must be of equal size.

D.

The physical appliance is configured with a DHCP-enabled management port to receive an IP address automatically, but you must assign the virtual appliance an IP address manually in your management subnet.

 

Correct Answer: A

 

 

QUESTION 113

Who or what calculates the signature fidelity rating in a Cisco IPS?

 

A.

the signature author

B.

Cisco Professional Services

C.

the administrator

D.

the security policy

 

Correct Answer: A

 

 

QUESTION 114

Which command sets the number of packets to log on a Cisco IPS sensor?

 

A.

ip-log-count number

B.

ip-log-packets number

C.

ip-log-bytes number

D.

ip-log number

 

Correct Answer: B

 

 

QUESTION 115

What are two features of the Cisco ASA NGFW? (Choose two.)

 

A.

It can restrict access based on qualitative analysis.

B.

It can restrict access based on reputation.

C.

It can reactively protect against Internet threats.

D.

It can proactively protect against Internet threats.

 

Correct Answer: BD

 

QUESTION 116

Refer to the exhibit. The system administrator of mydomain.com was informed that one of the users in his environment received spam from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did the Cisco Email Security gateway fail to do a spam scan on emails for user@mydomain.com?

 

clip_image002

 

A.

The remote MTA activated the SUSPECTLIST sender group.

B.

The Cisco Email Security gateway created duplicates of the message.

C.

The user user@mydomain.com matched an inbound rule with antispam disabled.

D.

The user bob@mydomain.com matched an inbound rule with antispam disabled.

 

Correct Answer: C

 

 

QUESTION 117

Which three statements about Cisco CWS are true? (Choose three.)

 

A.

It provides protection against zero-day threats.

B.

Cisco SIO provides it with threat updates in near real time.

C.

It supports granular application policies.

D.

Its Roaming User Protection feature protects the VPN from malware and data breaches.

E.

It supports local content caching.

F.

Its Cognitive Threat Analytics feature uses cloud-based analysis and detection to block threats outside the network.

 

Correct Answer: ABC

 

 

QUESTION 118

What are the two policy types that can use a web reputation profile to perform reputation-based processing? (Choose two.)

 

A.

profile policies

B.

encryption policies

C.

decryption policies

D.

access policies

Correct Answer: CD

 

 

QUESTION 119

Refer to the exhibit. What are two facts about the interface that you can determine from the given output? (Choose two.)

 

clip_image004

 

A.

A Cisco Flexible NetFlow monitor is attached to the interface.

B.

A quality of service policy is attached to the interface.

C.

Cisco Application Visibility and Control limits throughput on the interface.

D.

Feature activation array is active on the interface.

 

Correct Answer: AB

 

 

QUESTION 120

Which three pieces of information are required to implement transparent user identification using Context Directory Agent? (Choose three.)

 

A.

the server name of the global catalog domain controller

B.

the server name where Context Directory Agent is installed

C.

the backup Context Directory Agent

D.

the primary Context Directory Agent

E.

the shared secret

F.

the syslog server IP address

 

Correct Answer: BDE

 

Free VCE & PDF File for Cisco 300-207 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …