300-207試験無料問題集（245題）「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」

出題：1

Which IPS signature engine inspects the IP protocol packets and the Layer TCP?

A. Atomic TCP

B. String TCP

C. Service HTTP

D. Atomic IP

正解：D 解答を投票する

出題：2

Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.)

A. The Packet capture features is available for permitted packets by default.

B. The Packet capture feature is available for either permitted or dropped packets by default.

C. Public Certificates can be used for HTTPS Decryption policies.

D. Public Certificates cannot be used for HTTPS Decryption policies.

E. When adding a standard LDAP realm, the group attribute will be UniqueMember.

正解：A,D 解答を投票する

出題：3

The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of
traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco
Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are
participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have
been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.

Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and the Cisco WSA?

A. Both are configured for WCCP v1.

B. Both are configured for WCCP v2.

C. Both are configured for WCCP v3.

D. There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Cisco AVC allows control of which three of the following? (Choose three.)

A. LWAPP

B. Twitter

C. IPv6

D. Facebook

E. MySpace

F. WCCP

正解：B,D,E 解答を投票する

出題：5

Which four methods are used to deploy transparent mode traffic redirection? (Choose four.)

A. DHCP server

B. manual browser configuration

C. Web Cache Communication Protocol

D. Layer 4 switch

E. policy-based routing

F. PAC files

G. Layer 7 switch

H. Microsoft GPO

正解：C,D,E,G 解答を投票する

出題：6

To what extent will the Cisco IPS sensor contribute data to the Cisco SensorBase network?

A. It will not contribute to the SensorBase network.

B. It will contribute to the SensorBase network, but will withhold some sensitive information

C. It will contribute the victim IP address and port to the SensorBase network.

D. It will not contribute to Risk Rating adjustments that use information from the SensorBase network.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

When a user receives an encrypted email from a Cisco ESA, which technology is used to retrieve the key to open the
email?

A. Cisco Registered Envelope Service

B. Simple Certificate Enrollment Protocol

C. private certificate authority

D. trusted certificate authority

正解：A 解答を投票する

出題：8

A network engineer can assign IPS event action overrides to virtual sensors and configure which three modes?
(Choose three.)

A. Load-balancing mode

B. Anomaly detection operational mode

C. Fail-open and fail-close mode

D. Inline and Promiscuous mixed mode

E. Normalizer mode

F. Inline TCP session tracking mode

正解：B,E,F 解答を投票する

出題：9

What can Cisco Prime Security Manager (PRSM) be used to achieve?

A. Cisco Cloud Security on Cisco ASA

B. Configure TCP state bypass in Cisco ASA and IOS

C. Configure and Monitor Cisco CX Application Visibility and Control, web filtering, access and decryption policies

D. Configure Cisco IPS signature and monitor signature alerts

E. Configure Cisco ASA connection limits

正解：C 解答を投票する

出題：10

When does the Cisco ASA send traffic to the Cisco ASA IPS module for analysis?

A. after outgoing VPN traffic is encrypted

B. after firewall policies are applied

C. before incoming VPN traffic is decrypted.

正解：B 解答を投票する

出題：11

What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network?

A. Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts.

B. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions.

C. Reputation filtering is disabled.

D. It will not adjust risk rating values based on the known bad hosts list.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

When you deploy a sensor to send connection termination requests, which additional traffic-monitoring function can
you configure the sensor to perform?

A. Monitor traffic as it flows to the sensor.

B. Monitor traffic from the Internet only.

C. Monitor traffic from both the Internet and the intranet.

D. Monitor traffic as it flows through the sensor.

正解：D 解答を投票する

300-207試験無料問題集「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」