[PDF&VCE] New Lead2pass Cisco 300-207 New Questions Free Download (101-120)

2016 October Cisco Official New Released 300-207 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

2016 get prepared with fully updated Cisco 300-207 real exam questions and accurate answers for 300-207 exam. Lead2pass IT experts review the 300-207 newly added questions and offer correct Cisco 300-207 exam questions answers. 100% pass easily!

Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/300-207.html

QUESTION 101
A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or emulate the flow that a message takes through the work queue?

A.    the message tracker interface
B.    centralized or local message tracking
C.    the CLI findevent command
D.    the trace tool
E.    the CLI grep command

Answer: D

QUESTION 102
Which command verifies that CWS redirection is working on a Cisco IOS router?

A.    show content-scan session active
B.    show content-scan summary
C.    show interfaces stats
D.    show sessions

Answer: A

QUESTION 103
Which two commands are used to verify that CWS redirection is working on a Cisco ASA appliance? (Choose two.)

A.    show scansafe statistics
B.    show webvpn statistics
C.    show service-policy inspect scansafe
D.    show running-config scansafe
E.    show running-config webvpn
F.    show url-server statistics

Answer: AC

QUESTION 104
A user is deploying a Cisco IPS appliance in a data center to mitigate most attacks, including atomic attacks. Which two modes does Cisco recommend using to configure for this? (Choose two.)

A.    VLAN pair
B.    interface pair
C.    transparent mode
D.    EtherChannel load balancing
E.    promiscuous mode

Answer: AD

QUESTION 105
Which statement about Cisco IPS Manager Express is true?

A.    It provides basic device management for large-scale deployments.
B.    It provides a GUI for configuring IPS sensors and security modules.
C.    It enables communication with Cisco ASA devices that have no administrative access.
D.    It provides greater security than simple ACLs.

Answer: B

QUESTION 106
Refer to the exhibit. When designing the network to redirect web traffic utilizing the Catalyst 6500 to the Cisco Web Security Appliance, impact on the switch platform needs consideration.
Which four rows identify the switch behavior in correlation to the redirect method? (Choose four.)
1061

A.    Row 1
B.    Row 2
C.    Row 3
D.    Row 4
E.    Row 5
F.    Row 6
G.    Row 7
H.    Row 8

Answer: BCFG

QUESTION 107
Refer to the exhibit. Which four rows exhibit the correct WCCP service to protocol assignments? (Choose four.)
1071

A.    Row 1
B.    Row 2
C.    Row 3
D.    Row 4
E.    Row 5
F.    Row 6
G.    Row 7
H.    Row 8

Answer: BDFH

QUESTION 108
Which three protocols are required when considering firewall rules for email services using a Cisco Email Security Appliance? (Choose three.)

A.    SMTP
B.    HTTP
C.    DNS
D.    SNMP
E.    FTP

Answer: ABC

QUESTION 109
Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery chain? (Choose two.)

A.    Existing MX records should be maintained and policy routing should be used to redirect traffic to the ESA.
B.    Update the MX records to point to the inbound listener interfaces on the ESA.
C.    Update the MX records to point to the outbound listener interfaces on the ESA.
D.    Different Listeners must be used to handle inbound and outbound mail handling.
E.    The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing table.
F.    The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables.
G.    The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table.
H.    Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving.

Answer: BG

QUESTION 110
Which three sender reputation ranges identify the default behavior of the Cisco Email Security Appliance? (Choose three.)

A.    If it is between -1 and +10, the email is accepted
B.    If it is between +1 and +10, the email is accepted
C.    If it is between -3 and -1, the email is accepted and additional emails from the sender are throttled
D.    If it is between -3 and +1, the email is accepted and additional emails from the sender are throttled
E.    If it is between -4 and +1, the email is accepted and additional emails from the sender are throttled
F.    If it is between -10 and -3, the email is blocked
G.    If it is between -10 and -3, the email is sent to the virus and spam engines for additional scanning
H.    If it is between -10 and -4, the email is blocked

Answer: ACF

QUESTION 111
Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.)

A.    The Packet capture feature is available for either permitted or dropped packets by default.
B.    Public Certificates can be used for HTTPS Decryption policies.
C.    Public Certificates cannot be used for HTTPS Decryption policies.
D.    When adding a standard LDAP realm, the group attribute will be UniqueMember.
E.    The Packet capture features is available for permitted packets by default.

Answer: CE

QUESTION 112
Which three zones are used for anomaly detection in a Cisco IPS? (Choose three.)

A.    internal zone
B.    external zone
C.    illegal zone
D.    inside zone
E.    outside zone
F.    DMZ zone

Answer: ABC

QUESTION 113
Who or what calculates the signature fidelity rating in a Cisco IPS?

A.    the signature author
B.    Cisco Professional Services
C.    the administrator
D.    the security policy

Answer: A

QUESTION 114
Which command sets the number of packets to log on a Cisco IPS sensor?

A.    ip-log-count number
B.    ip-log-packets number
C.    ip-log-bytes number
D.    ip-log number

Answer: B

QUESTION 115
Refer to the exhibit. The system administrator of mydomain.com was informed that one of the users in his environment received spam from an Internet sender. Message tracking shows that the emails for this user were not scanned by antispam. Why did the Cisco Email Security gateway fail to do a spam scan on emails for [email protected]?
1151

A.    The remote MTA activated the SUSPECTLIST sender group.
B.    The Cisco Email Security gateway created duplicates of the message.
C.    The user [email protected] matched an inbound rule with antispam disabled.
D.    The user [email protected] matched an inbound rule with antispam disabled.

Answer: D

QUESTION 116
Lab Sim
1161

1162
Answer:
For Answer Please flow Steps are in Explanation
First, enable the Gig 0/0 and Gig 0/1 interfaces:
1163
Second, create the pair under the "interface pairs" tab:
1164
Then, apply the HIGHRISK action rule to the newly created interface pair:
1165
Then apply the same for the MEDIUMRISK traffic (deny attacker inline)
1166
Finally. Log the packets for the LOWRICK event:
1167
When done it should look like this:
1168
1169
QUESTION 117
Which three features does Cisco CX provide? (Choose three.)

A.    HTTPS traffic decryption and inspection
B.    Application Visibility and Control
C.    Category or reputation-based URL filtering
D.    Email virus scanning
E.    Application optimization and acceleration
F.    VPN authentication

Answer: ABC

QUESTION 118
Which three functions can Cisco Application Visibility and Control perform within Cisco Cloud Web Security? (Choose three.)

A.    validation of malicious traffic
B.    traffic control
C.    extending Web Security to all computing devices
D.    application-level classification
E.    monitoring
F.    signature tuning

Answer: BDE

QUESTION 119
Which Cisco Web Security Appliance deployment mode requires minimal change to endpoint devices?

A.    Transparent Mode
B.    Explicit Forward Mode
C.    Promiscuous Mode
D.    Inline Mode

Answer: A

QUESTION 120
What is the default antispam policy for positively identified messages within the Cisco Email Security Appliance?

A.    Drop
B.    Deliver and Append with [SPAM]
C.    Deliver and Prepend with [SPAM]
D.    Deliver and Alternate Mailbox

Answer: C

Latest 300-207 questions and answers from Cisco Exam Center offered by Lead2pass for free share now! Read and remember all real questions answers, Guarantee pass 300-207 real test 100% or full money back!

300-207 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDM2V5bnM0dTVhYjg

2016 Cisco 300-207 exam dumps (All 251 Q&As) from Lead2pass:

http://www.lead2pass.com/300-207.html [100% Exam Pass Guaranteed]