Top Best Quality 300-207 tutorials Tips!

Certified of 300-207 exam question materials and ebook for Cisco certification for IT professionals, Real Success Guaranteed with Updated 300-207 pdf dumps vce Materials. 100% PASS Implementing Cisco Threat Control Solutions (SITCS) exam Today!

Q21. Which IPS engine detects ARP spoofing? 

A. Atomic ARP Engine 

B. Service Generic Engine 

C. ARP Inspection Engine 

D. AIC Engine 


Q22. Refer to the exhibit. 

What Cisco ESA CLI command generated the output? 

A. smtproutes 

B. tophosts C. hoststatus 

D. workqueuestatus 


Q23. The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs). 

The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented. 

Your task is to examine the details available in the simulated graphical user interfaces and select the best answer. 

How many Cisco ASAs and how many Cisco WSAs are participating in the WCCP service? 

A. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and one Cisco WSA. 

B. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and one Cisco WSA. 

C. One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and two Cisco WSAs. 

D. One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and two Cisco WSAs. 

E. Two Cisco ASAs and one Cisco WSA. 

F. Two Cisco ASAs and two Cisco WSAs. 



We can see from the output that the number of routers (ASA’s) is 1, so there is a single ASA or an active/ standby pair being used, and 1 Cache Engine. If the ASA’s were in a active/active role it would show up as 2 routers. 

Q24. Within Cisco IPS anomaly detection, what is the default IP range of the external zone? 


B. - 


D. the network of the management interface 


Q25. With Cisco IDM, which rate limit option specifies the maximum bandwidth for rate-limited traffic? 

A. protocol 

B. rate 

C. bandwidth 

D. limit 


Q26. Refer to the exhibit. 

Which four rows exhibit the correct WCCP service to protocol assignments? (Choose four.) 

A. Row 1 

B. Row 2 

C. Row 3 

D. Row 4 

E. Row 5 

F. Row 6 

G. Row 7 

H. Row 8 

Answer: B,D,F,H 

Q27. Which Cisco WSA is intended for deployment in organizations of up to 1500 users? 

A. WSA S370 

B. WSA S670 

C. WSA S370-2RU 

D. WSA S170 


Q28. The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and staff identity identifies users based on the source network and authenticated credentials. The identity for students identifies users based on the source network along with successful authentication credentials. The global identity is for guest users not authenticated against the domain. 

Recently, a change was made to the organization's security policy to allow faculty and staff access to a social network website, and the security group changed the access policy for faculty and staff to allow the social networking category. 

Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose two.) 

A. The user is being matched against the student policy because the user did not enter credentials. 

B. The user is using an unsupported browser so the credentials are not working. 

C. The social networking URL was entered into a custom URL category that is blocked in the access policy. 

D. The user is connected to the wrong network and is being blocked by the student policy. 

E. The social networking category is being allowed but the AVC policy is still blocking the website. 

Answer: C,E 

Q29. What is a primary difference between the web security features of the Cisco WSA and the Cisco ASA NGFW? 

A. Cisco WSA provides URL filtering, while Cisco ASA NGFW does not. 

B. Cisco ASA NGFW provides caching services, while Cisco WSA does not. 

C. Cisco WSA provides web reputation filtering, while Cisco ASA NGFW does not. 

D. Cisco ASA NGFW provides application visibility and control on all ports, while Cisco WSA does not. 


Q30. Which Cisco Cloud Web Security Connector feature allows access by all of an organization's users while applying Active Directory group policies? 

A. a company authentication key 

B. a group authentication key 

C. a PAC file 

D. proxy forwarding 

E. a user authentication key