300-207試験無料問題集（245題）「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」

出題：1

When a Cisco IPS is deployed in fail-closed mode, what are two conditions that can result in traffic being dropped?
(Choose two.)

A. The built-in signatures are unavailable.

B. The SDF failed to load.

C. The signature engine is undergoing the build process.

D. An ACL is configured.

正解：B,C 解答を投票する

出題：2

When does the Cisco ASA send traffic to the Cisco ASA IPS module for analysis?

A. after outgoing VPN traffic is encrypted

B. after firewall policies are applied

C. before incoming VPN traffic is decrypted.

正解：B 解答を投票する

出題：3

Which three administrator actions are used to configure IP logging in Cisco IME? (Choose three.)

A. Select a virtual sensor.

B. Set the logging duration.

C. Set the number of bytes to capture.

D. Enable IP logging.

E. Set the number of packets to capture.

F. Specify the host IP address.

正解：A,B,F 解答を投票する

出題：4

Refer to the exhibit.

The system administrator of mydomain.com was informed that one of the users in his environment received spam
from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did
the Cisco Email Security gateway fail to do a spam scan on emails for [email protected]?

A. The user [email protected] matched an inbound rule with antispam disabled.

B. The user [email protected] matched an inbound rule with antispam disabled.

C. The remote MTA activated the SUSPECTLIST sender group.

D. The Cisco Email Security gateway created duplicates of the message.

正解：A 解答を投票する

出題：5

An ASA with an IPS module must be configured to drop traffic matching IPS signatures and block all traffic if the
module fails. Which describes the correct configuration?

A. Inline Mode, Close Traffic

B. Promiscuous Mode, Close Traffic

C. Promiscuous Mode, Permit Traffic

D. Inline Mode, Permit Traffic

正解：A 解答を投票する

出題：6

The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of
traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco
Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are
participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have
been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.

Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and the Cisco WSA?

A. Both are configured for WCCP v1.

B. Both are configured for WCCP v2.

C. Both are configured for WCCP v3.

D. There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

What is a valid search parameter for the Cisco ESA find event tool?

A. Message ID

B. Download Type

C. Envelope Origination

D. Envelope Type

正解：A 解答を投票する

出題：8

An IPS is configured to fail-closed and you observe that all packets are dropped. What is a possible reason for this
behavior?

A. The IPS span session failed.

B. The global correlation update failed.

C. Mainapp is unresponsive.

D. The attack drop file is misconfigured.

正解：C 解答を投票する

出題：9

In addition to the CLI, what is another option to manage a Cisco IPS?

A. Cisco SDM

B. Cisco IDM

C. SDEE

D. Cisco ISE

正解：B 解答を投票する

出題：10

Which set of commands changes the FTP client timeout when the sensor is communicating with an FTP server?

A. sensor# configure terminal
sensor(config)# service sensor
sensor(config-hos)# network-settings
sensor(config-hos-net)# ftp-timeout 500

B. sensor# configure terminal
sensor(config)# service host
sensor(config-hos)# network-settings
sensor(config-hos-net)# ftp-timeout 500

C. sensor# configure terminal
sensor(config)# service network
sensor(config-hos)# network-settings
sensor(config-hos-net)# ftp-timeout 500

D. sensor# configure terminal
sensor(config)# service host
sensor(config-hos)# network-settings parameter ftp
sensor(config-hos-net)# ftp-timeout 500

正解：B 解答を投票する

出題：11

What are the initial actions that can be performed on an incoming SMTP session by the workqueue of a Cisco Email
Security Appliance?

A. SMTP Authentication, SBRS Verification, Sendergroup matching, DNS host verification

B. Accept, Reject, Relay, TCPRefuse

C. LDAP Verification, Envelope Sender Verification, Bounce Verification, Alias Table Verification

D. Recipient Access Table Verification, Host DNS Verification, Masquerading, Spam Payload Check

正解：B 解答を投票する

出題：12

Which website can be used to validate group information about connections that flow through Cisco CWS?

A. whoami.scansafe.net

B. policytrace.scansafe.com

C. policytrace.scansafe.net

D. whoami.scansafe.com

正解：C 解答を投票する

出題：13

Which is the default IP address and admin port setting for https in the Cisco Web Security Appliance?

A. http://192.168.42.42:8080

B. https://192.168.42.42:8443

C. https://192.168.42.42:443

D. http://192.168.42.42:80

正解：B 解答を投票する

出題：14

What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?

A. certconfig

B. sslciphers

C. sslconfig

D. tlsconifg

正解：C 解答を投票する

出題：15

Which three options are IPS signature classifications? (Choose three.)

A. response signatures

B. designated signatures

C. preloaded signatures

D. tuned signatures

E. custom signatures

F. default signatures

正解：D,E,F 解答を投票する

出題：16

Which statement about Cisco IPS Manager Express is true?

A. It provides basic device management for large-scale deployments.

B. It provides a GUI for configuring IPS sensors and security modules.

C. It provides greater security than simple ACLs.

D. It enables communication with Cisco ASA devices that have no administrative access.

正解：B 解答を投票する

出題：17

Which sensor deployment mode does Cisco recommend when interface capacity is limited and you need to increase
sensor functionality?

A. inline VLAN group mode

B. inline VLAN pair mode

C. VLAN group mode

D. inline interface pair mode

正解：A 解答を投票する

出題：18

A system administrator wants to know if the email traffic from a remote partner will activate special treatment
message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or
emulate the flow that a message takes through the work queue?

A. the trace tool

B. the message tracker interface

C. centralized or local message tracking

D. the CLI grep command

E. the CLI findevent command

正解：A 解答を投票する

出題：19

Connections are being denied because of SenderBase Reputation Scores. Which two features must be enabled in
order to record those connections in the mail log on the Cisco ESA? (Choose two.)

A. Injection Debug Logs

B. Rejected Connection Handling

C. Domain Debug Logs

D. Message Tracking

正解：B,D 解答を投票する

出題：20

How does a user access a Cisco Web Security Appliance for initial setup?

A. Connect the console cable and use the terminal at 9600 baud to run the setup wizard.

B. Connect the console cable and use the terminal at 115200 baud to run the setup wizard.

C. Open the web browser at 192.168.42.42:8443 for the setup wizard over https.

D. Open the web browser at 192.168.42.42:443 for the setup wizard over https.

正解：C 解答を投票する

300-207試験無料問題集「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」