次の認定試験に速く合格する！

簡単に認定試験を準備し、学び、そして合格するためにすべてが必要だ。

会員センターカート (0)

300-207 無料問題集「Cisco Implementing Cisco Threat Control Solutions (SITCS)」

ページ: 1 / 14
トータル 245 問

サインアップ、ログインされた後に、試験全体を無料で表示できるようになります。

完全版を入手する

質問 1

What can Cisco Prime Security Manager (PRSM) be used to achieve?

（A）Configure Cisco ASA connection limits

（B）Configure Cisco IPS signature and monitor signature alerts

（C）Configure and Monitor Cisco CX Application Visibility and Control, web filtering, access and decryption policies

（D）Configure TCP state bypass in Cisco ASA and IOS

（E）Cisco Cloud Security on Cisco ASA

正解：C 解答を投票する

質問 2

Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery
chain? (Choose two.)

（A）Update the MX records to point to the inbound listener interfaces on the ESA.

（B）Update the MX records to point to the outbound listener interfaces on the ESA.

（C）Different Listeners must be used to handle inbound and outbound mail handling.

（D）Existing MX records should be maintained and policy routing should be used to redirect traffic to the ES

（E）The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table.

（F）The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing
table.

（G）Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving.

（H）The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables.

正解：A、E 解答を投票する

質問 3

A system administrator wants to know if the email traffic from a remote partner will activate special treatment
message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug or
emulate the flow that a message takes through the work queue?

（A）the CLI grep command

（B）the trace tool

（C）centralized or local message tracking

（D）the message tracker interface

（E）the CLI findevent command

正解：B 解答を投票する

質問 4

What step is required to enable HTTPS Proxy on the Cisco Web Security Appliance?

（A）Web Security Manager HTTPS Proxy click Enable

（B）System Administration HTTPS Proxy click Enable

（C）HTTPS Proxy is enabled by default

（D）Security Services HTTPS Proxy click Enable

正解：D 解答を投票する

質問 5

Which statement about the Cisco ASA CX role in inspecting SSL traffic is true?

（A）Either all traffic is decrypted, or no traffic is decrypted by the Cisco ASA CX.

（B）To decrypt traffic, the Cisco ASA CX must accept the websites' certificates as Trusted Root Cas.

（C）The traffic is encrypted, so the Cisco ASA CX cannot determine the content of the traffic.

（D）If the administrator elects to decrypt traffic, the Cisco ASA CX acts as a man-in-me-middle.

正解：D 解答を投票する

質問 6

Which method does Cisco recommend for collecting streams of data on a sensor that has been virtualized?

（A）SPAN

（B）packet capture

（C）the Wireshark utility

（D）VACL capture

正解：B 解答を投票する

質問 7

Which three options are IPS signature classifications? (Choose three.)

（A）response signatures

（B）default signatures

（C）designated signatures

（D）custom signatures

（E）tuned signatures

（F）preloaded signatures

正解：B、D、E 解答を投票する

質問 8

Which two configuration steps are required for implementing SSH for management access to a
Cisco router? (Choose two.)

（A）Configuring the SSH version with the ip ssh version 2 command.

（B）Enabling AAA for authentication, authorization, and accounting with the aaa new-model command.

（C）Enabling SSH transport with the transport input ssh command.

（D）Generating RSA key pairs with the crypto key generate rsa command.

（E）Configuring a domain name with the ip domain-name [name] command.

正解：C、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current
encryption technology?

（A）AES

（B）RSA

（C）DES

正解：B 解答を投票する

質問 10

Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all
traffic if the module fails?

（A）Promiscuous Mode, Close Traffic

（B）Inline Mode, Permit Traffic

（C）Inline Mode, Close Traffic

（D）Promiscuous Mode, Permit Traffic

正解：C 解答を投票する

質問 11

What is the CLI command to create a new Message Filter in a Cisco Email Security Appliance?

（A）filterconfig

（B）messagefilters

（C）filters new

（D）policyconfig-- inbound or outbound-- filters

正解：C 解答を投票する

質問 12

Which two statements about Signature 1104 are true? (Choose two.)

（A）This is a custom signature.

（B）This signature has triggered as indicated by the red severity icon.

（C）Produce Alert is the only action defined.

（D）The severity level is High.

（E）This signature is enabled, but inactive, as indicated bythe/0 to that follows the signature number.

正解：C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which technique is deployed to harden network devices?

（A）infrastructure ACLs

（B）VLAN ACLs

（C）port-by-port router ACLs

（D）transmit ACLs

正解：A 解答を投票する

質問 14

A network engineer may use which three types of certificates when implementing HTTPS decryption services on the
ASA CX? (Choose three.)

（A）Public Certificate Authority Server Certificate

（B）Microsoft CA Subordinate Root Certificate

（C）LDAP CA Server Certificate

（D）LDAP CA Root Certificate

（E）Self Signed Server Certificate

（F）Public Certificate Authority Root Certificate

（G）Microsoft CA Server Certificate

（H）Self Signed Root Certificate

正解：B、D、H 解答を投票する

質問 15

Who or what calculates the signature fidelity rating in a Cisco IPS?

（A）Cisco Professional Services

（B）the administrator

（C）the security policy

（D）the signature author

正解：D 解答を投票する

質問 16

Which Cisco technology is a modular security service that combines a stateful inspection firewall with next-generation
application awareness, providing near real-time threat protection?

（A）Cisco ASA 5500 series appliances

（B）WSA

（C）Internet Edge Firewall / IPS

（D）Cisco ASA CX Context-Aware Security

正解：D 解答を投票する

質問 17

Which two statements regarding the basic setup of the Cisco CX for services are correct? (Choose two.)

（A）Public Certificates can be used for HTTPS Decryption policies.

（B）The Packet capture feature is available for either permitted or dropped packets by default.

（C）When adding a standard LDAP realm, the group attribute will be UniqueMember.

（D）The Packet capture features is available for permitted packets by default.

（E）Public Certificates cannot be used for HTTPS Decryption policies.

正解：D、E 解答を投票する

質問 18

The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of
traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco
Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are
participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have
been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.

How many Cisco ASAs and how many Cisco WSAs are participating in the WCCP service?

（A）One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and one Cisco WS

（B）Two Cisco ASAs and two Cisco WSAs.

（C）One Cisco ASA or two Cisco ASAs configured as an Active/Standby failover pair, and two Cisco WSAs.

（D）One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and two Cisco WSAs.

（E）Two Cisco ASAs and one Cisco WSA.

（F）One Cisco ASA or two Cisco ASAs configured as an Active/Active failover pair, and one Cisco WSA.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

ページ: 1 / 14
トータル 245 問

300-207 の機能をすべて解除する

キャプチャ不要
365日無料更新サービス
希望する合格率を設定できる
時間の割り当てられる（時間：分）
300-207 に2つの練習用モード
サポートサービス対応

完全版を入手する

弊社を連絡する

我々は１２時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間：( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート：現在連絡

トップ試験

ATM 試験問題集
AgilePM-Foundation 試験問題集
CCAK 試験問題集
MB-700 試験問題集
Acquia-Certified-Site-Builder-D8 試験問題集
SY0-701 試験問題集

300-207 無料問題集「Cisco Implementing Cisco Threat Control Solutions (SITCS)」

弊社を連絡する

関連リンク

トップ試験