2016-6-14: Cisco CCNP Security 300-207: Implementing Cisco Threat Control Solutions Exam Questions and Answers New Updated Today!
QUESTION 226
On which plateforms can you run CWS connector? (choose two)
A. Cisco ASA Firewall
B. Cisco IPS module
C. Standalone deployment
D. Cisco ISR router
E. Cisco Firepower NGIPS
Answer: AD
QUESTION 227
Refer to the exhibit, which description of the result of this configuration is true?
Router(config)#line vty 5 15
Router(config-line)#access-class 23 in
A. Only clients denied in access list 23 can manage the router.
B. Only telnet access (TCP) is allowed on the VTY lines of this router
C. Only clients permitted in access list 23 can manage the router
D. Only SSH access (TCP 23) is allowed on the VTY lines of this router.
Answer: C
QUESTION 228
What does the anomaly detection Cisco IOS IPS component detection ?
A. ARP Spoofing
B. Worm-infected hosts
C. Signature changes
D. Network Congestion
Answer: B
QUESTION 229
Refer to the exhibit. The security engineer has configured cisco cloud web security redirection on a cisco ASA firewall. Which statement describes what can be determined from exhibit?
authUserName: LAB\user1
authenticated: true
companyName: Companyl
countryCode: US
externalIP: 209.165.200.241
groupNames:
– Test Lab
– “LAB://testgroup’l
logicalTowerNumber: 197
staticGroupNames:
– Test Lab
– “LAB://testgroup’l
userName: userl
A. In case of issues, the next step should be to perform debugging on the cisco ASA.
B. The URL visited by the user was LAB://testgroup.
C. This out has been obtained by browsing to whoami.scansafe.net
D. The IP address of the Scansafe tower is 209.165.200.241
Answer: C
QUESTION 230
Refer to the exhibit. How is the “cisco” password stored?
Router (config) #username admin secret cisco
Router (config) #no service password-encryption
A. As MD5 hash
B. As Type 0
C. As Type 7
D. As Clear Text
Answer: A
QUESTION 231
Refer to the exhibit. What type of password is “cisco”?
Router(config)#service password-encryption
Router(config)#username admin password cisco
A. Enhanced
B. CHAP
C. Type 7
D. Type 0
Answer: C
QUESTION 232
When does the Cisco ASA send traffic to the Cisco ASA IPS module for analysis?
A. before firewall policy are applied
B. after outgoing VPN traffic is encrypted
C. after firewall policies are applied
D. before incoming VPN traffic is decrypted.
Answer: C
QUESTION 233
Which technique is deployed to harden network devices?
A. port-by-port router ACLs
B. infrastructure ACLs
C. transmit ACLs
D. VLAN ACLs
Answer: B
QUESTION 234
Refer to the exhibit. Which option describe the result of this configuration on a Cisco ASA firewall?
asafwl (config) #http server enable
asafw1(config)#http 10.10.10.1 255.255.255.255 inside
A. The firewall allows command-line access from 10.10.10.1
B. The firewall allows ASDM access from a client on 10.10.10.1
C. The management IP address of the firewall is 10.10.10.1
D. The inside interface IP address of the firewall is 10.10.10.1
Answer: B
2016 New Cisco 300-207 Study Materials:
1.| Latest 300-207 PDF Dumps & 300-207 VCE Dumps 251q from Braindump2go: http://www.braindump2go.com/300-207.html
[100% Exam Pass Guaranteed!]
2.| New 300-207 Exam Questions and Answers – Google Drive: https://drive.google.com/folderview?id=0B75b5xYLjSSNQUNpYTRvMUZDMG8&usp=sharing