[PDF&VCE] Updated 300-207 New Questions From Lead2pass Free Downloading (161-180)

15 Oct

October 2016 Cisco Official Newly Released 300-207 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

I passed the Cisco 300-207 certification exam yesterday... Scored 984/1000 in the US! Many new exam questions were added to the 2016 300-207 test! So I just came here to share with you guys, and I hope more 300-207 candidates can pass easily!

The following questions and answers are all newly published by Cisco Official Exam Center: http://www.lead2pass.com/300-207.html

QUESTION 161
The Web Cache Communication Protocol (WCCP) is a content-routing protocol that can facilitate the redirection of traffic flows in real time. Your organization has deployed WCCP to redirect web traffic that traverses their Cisco Adaptive Security Appliances (ASAs) to their Cisco Web Security Appliances (WSAs).
The simulator will provide access to the graphical user interfaces of one Cisco ASA and one Cisco WSA that are participating in a WCCP service. Not all aspects of the GUIs are implemented in the simulator. The options that have been implemented are sufficient to determine the best answer to each of the questions that are presented.
Your task is to examine the details available in the simulated graphical user interfaces and select the best answer.

Which of the following is true with respect to the version of WCCP configured on the Cisco ASA and the Cisco WSA?

A.    Both are configured for WCCP v1.
B.    Both are configured for WCCP v2.
C.    Both are configured for WCCP v3.
D.    There is a WCCP version mismatch between the Cisco WSA and the Cisco ASA.

Answer: B
Explanation:
The ASA shows WCCP version 2.0.
The WSA also shows that version 2 is being used.

QUESTION 162
What are two features of the Cisco ASA NGFW? (Choose two.)

A.    It can restrict access based on qualitative analysis.
B.    It can restrict access based on reputation.
C.    It can reactively protect against Internet threats.
D.    It can proactively protect against Internet threats.

Answer: BD

QUESTION 163
Which three statements about Cisco CWS are true? (Choose three.)

A.    It provides protection against zero-day threats.
B.    Cisco SIO provides it with threat updates in near real time.
C.    It supports granular application policies.
D.    Its Roaming User Protection feature protects the VPN from malware and data breaches.
E.    It supports local content caching.
F.    Its Cognitive Threat Analytics feature uses cloud-based analysis and detection to block threats outside the network.

Answer: ABC

QUESTION 164
Refer to the exhibit. What are two facts about the interface that you can determine from the given output? (Choose two.)

A.    A Cisco Flexible NetFlow monitor is attached to the interface.
B.    A quality of service policy is attached to the interface.
C.    Cisco Application Visibility and Control limits throughput on the interface.
D.    Feature activation array is active on the interface.

Answer: AB

QUESTION 165
What are the two policy types that can use a web reputation profile to perform reputation-based processing? (Choose two.)

A.    profile policies
B.    encryption policies
C.    decryption policies
D.    access policies

Answer: CD

QUESTION 166
Which three pieces of information are required to implement transparent user identification using Context Directory Agent? (Choose three.)

A.    the server name of the global catalog domain controller
B.    the server name where Context Directory Agent is installed
C.    the backup Context Directory Agent
D.    the primary Context Directory Agent
E.    the shared secret
F.    the syslog server IP address

Answer: BDE

QUESTION 167
Which method does Cisco recommend for collecting streams of data on a sensor that has been virtualized?

A.    VACL capture
B.    SPAN
C.    the Wireshark utility
D.    packet capture

Answer: D

QUESTION 168
Which configuration mode enables a virtual sensor to monitor the session state for unidirectional traffic?

A.    asymmetric mode
B.    symmetric mode
C.    loose mode
D.    strict mode

Answer: A

QUESTION 169
Over the period of one day, several Atomic ARP engine alerts fired on the same IP address.
You observe that each time an alert fired, requests on the IP address exceeded replies by the same number. Which configuration could cause this behavior?

A.    The reply-ratio parameter is enabled.
B.    MAC flip is enabled.
C.    The inspection condition is disabled.
D.    The IPS is misconfigured.

Answer: A

QUESTION 170
Which type of signature is generated by copying a default signature and modifying its behavior?

A.    meta
B.    custom
C.    atomic
D.    normalized

Answer: B

QUESTION 171
Which two conditions must you configure in an event action override to implement a risk rating of 70 or higher and terminate the connection on the IPS? (Choose two.)

A.    Configure the event action override to send a TCP reset.
B.    Set the risk rating range to 70 to 100.
C.    Configure the event action override to send a block-connection request.
D.    Set the risk rating range to 0 to 100.
E.    Configure the event action override to send a block-host request.

Answer: AB

QUESTION 172
Which two conditions must you configure in an event action rule to match all IPv4 addresses in the victim range and filter on the complete subsignature range? (Choose two.)

A.    Disable event action override.
B.    Leave the victim address range unspecified.
C.    Set the subsignature ID-range to the default.
D.    Set the deny action percentage to 100.
E.    Set the deny action percentage to 0.

Answer: BC

QUESTION 173
If learning accept mode is set to “auto” and the knowledge base is loaded only when explicitly requested on the IPS, which statement about the knowledge base is true?

A.    The knowledge base is set to load dynamically.
B.    The knowledge base is set to “save only.”
C.    The knowledge base is set to “discarded.”
D.    The knowledge base is set to load statically.

Answer: B

QUESTION 174
In which way are packets handled when the IPS internal zone is set to “disabled”?

A.    All packets are dropped to the external zone.
B.    All packets are dropped to the internal zone.
C.    All packets are ignored in the internal zone.
D.    All packets are sent to the default external zone.

Answer: D

QUESTION 175
Which type of server is required to communicate with a third-party DLP solution?

A.    an HTTPS server
B.    an HTTP server
C.    an ICAP-capable proxy server
D.    a PKI certificate server

Answer: C

QUESTION 176
Which feature does Acceptable Use Controls use to implement Cisco AVC?

A.    ISA
B.    Cisco Web Usage Controls
C.    Cisco WSA
D.    Cisco ESA

Answer: B

QUESTION 177
You have configured a VLAN pair that is connected to a switch that is unable to pass traffic. If the IPS is configured correctly, which additional configuration must you perform to enable the switch to pass traffic?

A.    Configure access ports on the switch.
B.    Configure the trunk port on the switch.
C.    Enable IP routing on the switch.
D.    Enable ARP inspection on the switch.

Answer: A

QUESTION 178
You ran the ssh generate-key command on the Cisco IPS and now administrators are unable to connect. Which action can be taken to correct the problem?

A.    Replace the old key with a new key on the client.
B.    Run the ssh host-key command.
C.    Add the administrator IP addresses to the trusted TLS host list on the IPS.
D.    Run the ssh authorized-keys command.

Answer: A

QUESTION 179
Which piece of information is required to perform a policy trace for the Cisco WSA?

A.    the URL to trace
B.    the source IP address of the trace
C.    authentication credentials to make the request
D.    the destination IP address of the trace

Answer: A

QUESTION 180
What is a valid search parameter for the Cisco ESA find event tool?

A.    Envelope Origination
B.    Envelope Type
C.    Message ID
D.    Download Type

Answer: C

Passing 300-207 is not difficult! But you need more practice tests. I spent 1 month preparing for this exam! Here is the full version of the exam dump that I want to share with you; maybe it can help you a little bit:

300-207 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDM2V5bnM0dTVhYjg

2016 Cisco 300-207 exam dumps (All 251 Q&As) from Lead2pass:

http://www.lead2pass.com/300-207.html [100% Exam Pass Guaranteed]