300-207試験無料問題集（245題）「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」

出題：1

Which type of signature is generated by copying a default signature and modifying its behavior?

A. custom

B. normalized

C. meta

D. atomic

正解：A 解答を投票する

出題：2

What CLI command configures IP-based access to restrict GUI and CLI access to a Cisco Email Security appliance's
administrative interface?

A. ipaccessconfig

B. sshconfig

C. sslconfig

D. adminaccessconfig

正解：D 解答を投票する

出題：3

To what extent will the Cisco IPS sensor contribute data to the Cisco SensorBase network?

A. It will not contribute to the SensorBase network.

B. It will contribute to the SensorBase network, but will withhold some sensitive information

C. It will contribute the victim IP address and port to the SensorBase network.

D. It will not contribute to Risk Rating adjustments that use information from the SensorBase network.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

What is a difference between a Cisco Content Security Management virtual appliance and a physical appliance?

A. The physical appliance is configured with a DHCP-enabled management port to receive an IP address automatically,
but you must assign the virtual appliance an IP address manually in your management subnet.

B. Migration between virtual appliances of varying sizes is possible, but physical appliances must be of equal size.

C. The virtual appliance requires an additional license to run on a host.

D. The physical appliance requires an additional license to activate its adapters.

正解：C 解答を投票する

出題：5

Which Cisco Cloud Web Security Connector feature allows access by all of an organization's users while applying
Active Directory group policies?

A. a company authentication key

B. a group authentication key

C. a PAC file

D. a user authentication key

E. proxy forwarding

正解：A 解答を投票する

出題：6

A network engineer can assign IPS event action overrides to virtual sensors and configure which three modes?
(Choose three.)

A. Load-balancing mode

B. Anomaly detection operational mode

C. Fail-open and fail-close mode

D. Inline and Promiscuous mixed mode

E. Normalizer mode

F. Inline TCP session tracking mode

正解：B,E,F 解答を投票する

出題：7

In addition to the CLI, what is another option to manage a Cisco IPS?

A. Cisco SDM

B. Cisco IDM

C. SDEE

D. Cisco ISE

正解：B 解答を投票する

出題：8

Which two Cisco IPS events will generate an IP log? (Choose two.)

A. A signature had an event action that was configured with log packets.

B. An attack produced a response action.

C. A statically configured IP or IP network criterion was matched.

D. A dynamically configured IP address or IP network was matched.

正解：A,C 解答を投票する

出題：9

Which three statements about Cisco ASA CX are true? (Choose three.)

A. It can perform context-aware inspection.

B. It can make context-aware decisions.

C. It provides high-density security services with high availability.

D. It groups multiple ASAs as a single logical device.

E. It uses four cooperative architectural constructs to build the firewall.

F. It uses policy-based interface controls to inspect and forward TCP- and UDP-based packets.

正解：A,B,E 解答を投票する

出題：10

Which three user roles are partially defined by default in Prime Security Manager? (Choose three.)

A. systemadmin

B. securityoperator

C. helpdesk

D. networkoperator

E. monitoringadmin

F. admin

正解：A,C,F 解答を投票する

出題：11

Which two configuration steps are required for implementing SSH for management access to a
Cisco router? (Choose two.)

A. Enabling AAA for authentication, authorization, and accounting with the aaa new-model command.

B. Generating RSA key pairs with the crypto key generate rsa command.

C. Configuring the SSH version with the ip ssh version 2 command.

D. Enabling SSH transport with the transport input ssh command.

E. Configuring a domain name with the ip domain-name [name] command.

正解：D,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of
traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco
Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are
participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have
been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.

What traffic is not redirected by WCCP?

A. Traffic sent from private address space

B. Traffic sent from public address space

C. Traffic destined to public address space

D. Traffic destined to private address space

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

Which IPS signature regular expression CLI command matches a host issuing a domain lookup for www.theblock.com?

A. regex-string (\x0b[theblock.com])

B. regex-string (\x03[the]\x05[block]0x3[com])

C. regex-string (\x03[Tt][Hh][Ee]\x05[Bb][Ll][Oo][Cc][Kk])

D. regex-string (\x03[T][H][E]\x05[B][L][O][C][K]\x03[.][C][O][M]

正解：C 解答を投票する

出題：14

For which domains will the Cisco Email Security Appliance allow up to 5000 recipients per message?

A. violet.public and blue.public

B. violet.public

C. red.public and orange.public

D. orange.public

E. violet.public, blue.public and green.public

F. red.public

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

Which two statements about Signature 1104 are true? (Choose two.)

A. Produce Alert is the only action defined.

B. The severity level is High.

C. This is a custom signature.

D. This signature is enabled, but inactive, as indicated bythe/0 to that follows the signature number.

E. This signature has triggered as indicated by the red severity icon.

正解：A,B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：16

Which four methods are used to deploy transparent mode traffic redirection? (Choose four.)

A. DHCP server

B. manual browser configuration

C. Web Cache Communication Protocol

D. Layer 4 switch

E. policy-based routing

F. PAC files

G. Layer 7 switch

H. Microsoft GPO

正解：C,D,E,G 解答を投票する

出題：17

DRAG DROP
Drag and drop the Cisco Security IntelliShield Alert Manager Service components on the left onto the corresponding
description on the right.

正解：

出題：18

A new Cisco IPS device has been placed on the network without prior analysis. Which CLI command shows the most
fired signature?

A. Show statistics virtual-sensor

B. Show alert

C. Show version

D. Show event alert

正解：A 解答を投票する

出題：19

Using the Cisco WSA GUI, where should an operator navigate to determine the running software image on the Cisco
WSA?

A. Systems Administration > Feature Keys

B. Systems Administration > System Upgrade

C. Systems Administration > General

D. Admin > System Info

正解：B 解答を投票する

300-207試験無料問題集「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」