300-207試験無料問題集（245題）「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」

出題：1

What is the default CX Management 0/0 IP address on a Cisco ASA 5512-X appliance?

A. 192.168.1.3

B. 192.168.1.2

C. 192.168.1.4

D. 192.168.1.5

E. 192.168.8.8

F. 192.168.1.1

正解：E 解答を投票する

出題：2

During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which
command in a policy-map?

A. cxsc fail

B. cxssp fail-close

C. cxsc fail-open

D. cxsc fail-close

正解：D 解答を投票する

出題：3

Refer to the exhibit.

When designing the network to redirect web traffic utilizing the Catalyst 6500 to the Cisco Web Security Appliance,
impact on the switch platform needs consideration. Which four rows identify the switch behavior in correlation to the
redirect method? (Choose four.)

A. Row 6

B. Row 4

C. Row 3

D. Row 8

E. Row 2

F. Row 5

G. Row 7

H. Row 1

正解：A,C,E,G 解答を投票する

出題：4

Which five system management and reporting protocols are supported by the Cisco Intrusion Prevention System?
(Choose five.)

A. syslog

B. SNMPv1

C. SMTP

D. SNMPv3

E. SNMPv2c

F. SNMPv2

G. SDEE

正解：B,C,E,F,G 解答を投票する

出題：5

Which Cisco ESA component receives connections from external mail servers?

A. public listener

B. private listener

C. SMTP incoming relay agent

D. MTA

E. recipient access table

正解：A 解答を投票する

出題：6

What is the default IP range of the external zone?

A. 0.0.0.0 0.0.0.0

B. 0.0.0.0/8

C. 0.0.0.0 - 255.255.255.255

D. The network of the management interface

正解：C 解答を投票する

出題：7

What is the status of OS Identification?

A. It is configured to enable OS mapping and ARR only for the 10.0.0.0/24 network.

B. OS mapping information will not be used for Risk Rating calculations.

C. It is only enabled to identify "Cisco IOS" OS using statically mapped OS fingerprinting

D. It is enabled for passive OS fingerprinting for all networks.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Which centralized reporting function of the Cisco Content Security Management Appliance aggregates data from
multiple Cisco ESA devices?

A. web tracking

B. message tracking

C. logging

D. system tracking

正解：B 解答を投票する

出題：9

Which interface on the Cisco Email Security Appliance has HTTP and SSH enabled by default?

A. management 1

B. all interfaces

C. data 2

D. data 1

正解：D 解答を投票する

出題：10

Which piece of information is required to perform a policy trace for the Cisco WSA?

A. the URL to trace

B. authentication credentials to make the request

C. the source IP address of the trace

D. the destination IP address of the trace

正解：A 解答を投票する

出題：11

A network security design engineer is considering using a Cisco Intrusion Detection System in the DMZ of the
network. Which option is the drawback to using IDS in the DMZ as opposed to using
Intrusion Prevention System?

A. Response actions cannot stop malicious packets or cannot guarantee to stop any DOS attack

B. Response actions cannot stop triggered packet or guarantee to stop a connection techniques.

C. IDS has impact on the network (thatis, latency and jitter).

正解：B 解答を投票する

出題：12

Which three categories of the seven major risk management categories are covered in the Cyber Risk Reports?
(Choose three.)

A. risk rating

B. confidence level

C. geopolitical

D. vulnerability

E. global reputation

F. legal

正解：C,D,F 解答を投票する

出題：13

Which three options are characteristics of router-based IPS? (Choose three.)

A. It is used for large networks.

B. It is used for small networks.

C. It supports multiple VRFs.

D. Signature definition files have been deprecated.

E. It uses configurable anomaly detection.

F. It supports virtual sensors.

正解：B,C,D 解答を投票する

出題：14

Which three protocols are required when considering firewall rules for email services using a Cisco Email Security
Appliance? (Choose three.)

A. SMTP

B. SNMP

C. FTP

D. DNS

E. HTTP

正解：A,D,E 解答を投票する

出題：15

Refer to the exhibit.

What are two facts about the interface that you can determine from the given output? (Choose two.)

A. A quality of service policy is attached to the interface.

B. Cisco Application Visibility and Control limits throughput on the interface.

C. Feature activation array is active on the interface.

D. A Cisco Flexible NetFlow monitor is attached to the interface.

正解：A,D 解答を投票する

出題：16

Refer to the exhibit.

The system administrator of mydomain.com was informed that one of the users in his environment received spam
from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did
the Cisco Email Security gateway fail to do a spam scan on emails for [email protected]?

A. The user [email protected] matched an inbound rule with antispam disabled.

B. The user [email protected] matched an inbound rule with antispam disabled.

C. The remote MTA activated the SUSPECTLIST sender group.

D. The Cisco Email Security gateway created duplicates of the message.

正解：A 解答を投票する

出題：17

Which signature engine is responsible for ICMP inspection on Cisco IPS?

A. AIC Engine

B. Fixed Engine

C. Service Engine

D. Atomic IP Engine

正解：D 解答を投票する

300-207試験無料問題集「Cisco Implementing Cisco Threat Control Solutions (SITCS) 認定」