[Free] Download New Latest (September 2016) Cisco 300-207 Actual Test 81-90

Ensurepass

QUESTION 81

What Event Action in an IPS signature is used to stop an attacker from communicating with a network using an access-list?

 

A.

Request Block Host

B.

Deny Attacker Inline

C.

Deny Connection Inline

D.

Deny Packet Inline

E.

Request Block Connection

 

Correct Answer: A

 

 

QUESTION 82

Within Cisco IPS anomaly detection, what is the default IP range of the external zone?

 

A.

0.0.0.0 0.0.0.0

B.

0.0.0.0 – 255.255.255.255

C.

0.0.0.0/8

D.

the network of the management interface

 

Correct Answer: B

 

 

QUESTION 83

Which two Cisco IPS events will generate an IP log? (Choose two.)

 

A.

A signature had an event action that was configured with log packets.

B.

A statically configured IP or IP network criterion was matched.

C.

A dynamically configured IP address or IP network was matched.

D.

An attack produced a response action.

 

Correct Answer: AB

 

 

QUESTION 84

Which three options are valid event actions for a Cisco IPS? (Choose three.)

 

A.

deny-packet-inline

B.

deny-attack-reset

C.

produce-verbose-alert

D.

log-attacker-packets

E.

deny-packet-internal

F.

request-block-drop-connection

 

Correct Answer: ACD

 

 

QUESTION 85

Which configuration option causes an ASA with IPS module to drop traffic matching IPS signatures and to block all traffic if the module fails?

 

A.

Inline Mode, Permit Traffic

B.

Inline Mode, Close Traffic

C.

Promiscuous Mode, Permit Traffic

D.

Promiscuous Mode, Close Traffic

 

Correct Answer: B

 

 

QUESTION 86

Which Cisco IPS CLI command shows the most fired signature?

 

A.

show statistics virtual-sensor

B.

show event alert

C.

show alert

D.

show version

 

Correct Answer: A

 

 

QUESTION 87

Which IPS engine detects ARP spoofing?

 

A.

Atomic ARP Engine

B.

Service Generic Engine

C.

ARP Inspection Engine

D.

AIC Engine

 

Correct Answer: A

 

 

QUESTION 88

Which two options are characteristics of router-based IPS? (Choose two.)

 

A.

It supports custom signatures

B.

It supports virtual sensors.

C.

It supports multiple VRFs.

D.

It uses configurable anomaly detection.

E.

Signature definition files have been deprecated.

 

Correct Answer: CE

 

 

QUESTION 89

What is the access-list command on a Cisco IPS appliance used for?

 

A.

to permanently filter traffic coming to the Cisco IPS appliance via the sensing port

B.

to filter for traffic when the Cisco IPS appliance is in the inline mode

C.

to restrict management access to the sensor

D.

to create a filter that can be applied on the interface that is under attack

 

Correct Answer: C

 

 

 

QUESTION 90

How does a user access a Cisco Web Security Appliance for initial setup?

 

A.

Connect the console cable and use the terminal at 9600 baud to run the setup wizard.

B.

Connect the console cable and use the terminal at 115200 baud to run the setup wizard.

C.

Open the web browser at 192.168.42.42:8443 for the setup wizard over https.

D.

Open the web browser at 192.168.42.42:443 for the setup wizard over https.

 

Correct Answer: C

 

Free VCE & PDF File for Cisco 300-207 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …