[Free] Download New Updated (April 2016) Cisco 300-207 Actual Tests 61-70

Ensurepass

QUESTION 61

The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and staff identity identifies users based on the source network and authenticated credentials. The identity for students identifies users based on the source network along with successful authentication credentials. The global identity is for guest users not authenticated against the domain. Recently, a change was made to the organization’s security policy to allow faculty and staff access to a social network website, and the security group changed the access policy for faculty and staff to allow the social networking category. Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose two.)

 

A.

The user is being matched against the student policy because the user did not enter credentials.

B.

The user is using an unsupported browser so the credentials are not working.

C.

The social networking URL was entered into a custom URL category that is blocked in the access policy.

D.

The user is connected to the wrong network and is being blocked by the student policy.

E.

The social networking category is being allowed but the AVC policy is still blocking the website.

 

Correct Answer: CE

 

 

QUESTION 62

Which five system management protocols are supported by the Intrusion Prevention System? (Choose five.)

 

A.

SNMPv2c

B.

SNMPv1

C.

SNMPv2

D.

SNMPv3

E.

syslog

F.

SDEE

G.

SMTP

 

Correct Answer: ABCFG

 

 

QUESTION 63

Which IPS signature regular expression CLI command matches a host issuing a domain lookup for www.theblock.com?

 

A.

regex-string (x03[Tt][Hh][Ee]x05[Bb][Ll][Oo][Cc][Kk])

B.

regex-string (x0b[theblock.com])

C.

regex-string (x03[the]x05[block]0x3[com])

D.

regex-string (x03[T][H][E]x05[B][L][O][C][K]x03[.][C][O][M]

 

Correct Answer: A

 

 

QUESTION 64

Which three user roles are partially defined by default in Prime Security Manager? (Choose three.)

 

A.

networkoperator

B.

admin

C.

helpdesk

D.

securityoperator

E.

monitoringadmin

F.

systemadmin

 

Correct Answer: BCF

 

 

QUESTION 65

Which three options are IPS signature classifications? (Choose three.)

 

A.

tuned signatures

B.

response signatures

C.

default signatures

D.

custom signatures

E.

preloaded signatures

F.

designated signatures

 

Correct Answer: ACD

 

 

QUESTION 66

At which value do custom signatures begin?

 

A.

1024

B.

10000

C.

1

D.

60000

 

Correct Answer: D

 

 

QUESTION 67

Which two commands are valid URL filtering commands? (Choose two.)

 

A.

url-server (DMZ) vendor smartfilter host 10.0.1.1

B.

url-server (DMZ) vendor url-filter host 10.0.1.1

C.

url-server (DMZ) vendor n2h2 host 10.0.1.1

D.

url-server (DMZ) vendor CISCO host 10.0.1.1

E.

url-server (DMZ) vendor web host 10.0.1.1

 

Correct Answer: AC

 

 

QUESTION 68

Which Cisco technology is a customizable web-based alerting service designed to report threats and vulnerabilities?

 

A.

Cisco Security Intelligence Operations

B.

Cisco Security IntelliShield Alert Manager Service

C.

Cisco Security Optimization Service

D.

Cisco Software Application Support Service

 

Correct Answer: B

 

 

QUESTION 69

clip_image002

clip_image004

clip_image006

 

Which signature definition is virtual sensor 0 assigned to use?

 

A.

rules0

B.

vs0

C.

sig0

D.

ad0

E.

ad1

F.

sigl

 

Correct Answer: C

Explanation:

This is the default signature.You can create multiple security policies and apply them to individual virtual sensors. A security policy is made up of a signature definition policy, an event action rules policy, and an anomaly detection policy. Cisco IPS contains a default signature definition policy called sig0, a defaultevent action rules policy called rules0, and a default anomaly detection policy called ad0. You can assign the default policies to a virtual sensor or you can create new policies.

 

 

 

 

 

 

 

QUESTION 70

clip_image002[1]

clip_image007

clip_image008

 

What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network?

 

A.

Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts.

B.

Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions.

C.

It will not adjust risk rating values based on the known bad hosts list.

D.

Reputation filtering is disabled.

 

Correct Answer: D

Explanation:

This can be seen on the Globabl Correlation – Inspection/Reputation tab show below:

 

clip_image010

 

Free VCE & PDF File for Cisco 300-207 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …