Jump to content
meshal66

new question 300-210

Recommended Posts

Hi all

 

these is New questions 300-210 but i'm not sure about the answers ...!!

 

 

1, A network engineer wants to deploy a virtual cisco ESA and wants protection against email-based threats, email encryption, and clustering. Which software license bundle must the network engineer purchase to access these components?

A, cisco email security Premium

B, cisco email security Hybrid Essential

C, cisco email security advansed

D, cisco email security Gateway

Ans: B ?

2, over which two ports does the ISR G2 connector for CWS support redirection of HTTP traffic? (choose twe)

A, TCP port 65535

B, UDP port 8080

C, TCP port 88

D, TCP port 80

E, UDP port 80

Ans:A, D ?

3, An engineer wants to improve web traffic performance by proxy caching. Which technology provides this improvement?

A, Firepower

B, FireSIGT

C, WSA

D, ASA

Ans: C ?

4, A customer is concerned with their employee’s internet usage and has asked for more web traffic control. Which two features of the cisco web security appliance help with issue? (choose two)

A, Advanced Malware Protection

B, Dynamic ARP Inspection

C, DHCP spoofing Protection

D, Network Address Translation

E, Application Visibility and Control

Ans: A, E ?

5, An engineer is configuring a cisco ESA and wants to control whether to accept or reject email messages to a messages to a recipient ddress. Which list contains the allowed recipient addresses?

A, BAT

B, HAT

C, SAT

D, RAT

Ans:D ?

6, In cisco Firepower 6.0, which policy contains the button that allows you to access the network analysis policy?

A, Network discovery policy

B, intrusion Policy

C, access control policy

D, file policy

Ans: C ?

7, which two routing options are valid with cisco firePOWER threat Defense version 6.0?(choose two)

A, ECMP with up to three equal cost paths across multiple interfaces

B, BGPv6

C, BGPv4 with nonstop forwarding

D, BGPv4 unicast address family

E, ECMP with up to four equal cost paths

Ans: A, B ?

8, An engineer wants to cluster an existing ESA physical appliance with an ESA virtual appliance. Which statement is true?

A, This action is possible as long as the devices are running the identical AsyncOS

B, This action is not possible for virtual appliances

C, This action is possible between different models and OS

D, This action is not possible because the devices are not identical models

Ans: A ?

9, in cisco firePOWER 5.x and 6.0, which type of traffic causes a web page to be displayed by the appliance when Block or Interactive Block is selected as an access control action?

A, FTP

B, decrypted HTTP

C, encrypted HTTP

D, unencrypted HHTP

Ans: D ?

10, which two types of software can be installed on a cisco ASA-5545-X appliance? (choose two)

A, cisco ASAv

B, Cisco firePOWER Appliance

C, Cisco firePOWER services

D, cisco ASA

E, ciscofirePOWER management Center

Ans: C, D ?

11, which type of interface do you configure to receive traffic from a switch or tap, promiscuously, on a cisco firePOWER device?

A, inline set

B, transparent

C, Routed

D, Passive

Ans: A ?

12, which two tasks can the network discovery feature perform? (choose two)

A, host discovery

B, Block traffic

C, user discovery

D, reset connection

E, route traffic

Ans: A, C ?

13, which two services must remain as on-premisses equipment when deploying a hybrid email solution? (choose two)

A, DDoS

B, DLP

C, antispam

D, encryption

E, antivirus

Ans: D, E ?

14, Remote clients have reportted application slowness. The remote site has one circuit that is highly utilized and a second circuit with nearly zero utilization. The business unit has asked to have applications load shared over two WAN links. An engineer has decided to deploy cisco Application Visibility and Control to better utilize the existing WAN links and to understand the traffic flows. Which configuration provides application deep packet inspection?

A, IP accounting

B, NBAR2

C, RMON

D, SNMP

Ans: A ?

15, which two options are the basic parts of a Snort rule? (Choose two)

A, rule policy

B, rule header

C, Rule assignment and ports

D, rule options

E, Rule footer

Ans: A, C ?

 

please check these answers and let me know if the are not correct

Edited by meshal66

Share this post


Link to post
Share on other sites

For question 1:

The answer is A

 

Email Security Premium Boundle: Antispam scanning, Sophos Antivirus solution, Virus Outbreack filtres,

DLP Compliance, Email encryption, CLustering.

  • Like 1

Share this post


Link to post
Share on other sites

For question 15:

 

15, which two options are the basic parts of a Snort rule? (Choose two)

A, rule policy

B, rule header <----------------

C, Rule assignment and ports

D, rule options <------------

E, Rule footer

 

Ans: A, C ? B, D

 

Hidden Content

    Give reaction to this post to see the hidden content.

Share this post


Link to post
Share on other sites

today fail this exam. saw that questions.

 

my answers

1. B

2. A,D

3. C

4. A,E not sure about answers

5. B (HAT for white-black lists recipients)

6. C

7. A,D

8. A

9. D not sure with correct haven't any explanations in cisco site

10. C,D

11 D ??? not sure

12 Also answer A,C

13 My answer was B,E maybe correct B, D?

14 My answer was B

15 A Snort rule can be broken down into two basic parts, the rule header and options for the rule.

Hidden Content

    Give reaction to this post to see the hidden content.
my answers was B,D

 

Finally still fail result, i have a lab scenario with CWS configuration with ISR G2 configuration, in lab interface f0/1 still don't up, but all config was written correctly.

 

***! Absolutly not passable new exams!!!

Edited by ruslanss

Share this post


Link to post
Share on other sites

today fail this exam. saw that questions.

 

my answers

1. B

2. A,D

3. C

4. A,E not sure about answers

5. B (HAT for white-black lists recipients)

6. C

7. A,D

8. A

9. D not sure with correct haven't any explanations in cisco site

10. C,D

11 D ??? not sure

12 Also answer A,C

13 My answer was B,E maybe correct B, D?

14 My answer was B

15 A Snort rule can be broken down into two basic parts, the rule header and options for the rule.

Hidden Content

    Give reaction to this post to see the hidden content.
my answers was B,D

 

Finally still fail result, i have a lab scenario with CWS configuration with ISR G2 configuration, in lab interface f0/1 still don't up, but all config was written correctly.

 

***! Absolutly not passable new exams!!!

 

 

So what is the question pools are you using ? this 15 question plus the 67 questions ? (you mentioned still got 15-20 new questions....can you remember?)

Share this post


Link to post
Share on other sites

61 total questions. about 1/3 out of dumps.. More of them from topic starter.

 

so total new questions are 40?????.............how to pass like this ?

Share this post


Link to post
Share on other sites

Question 5:

deployment details

August 2013

26

Enabling Mail Policies

1. Configure outbound email

2. Set up Bounce Verification

3. Review incoming mail policies

4. Enable message tracking (optional)

PROCESS

now that system setup is complete, you are ready to enable mail policies.

Procedure 1

Configure outbound email

Cisco ESA uses a Recipient Access Table (RAT) to control whether to accept or reject email messages to

a recipient address. The System Setup Wizard configures Cisco ESA to accept email to your organization

(Example: cisco.local), but rejects email to all other recipients.

Share this post


Link to post
Share on other sites

Question 9:

HTTP Response Pages and Interactive Blocking

Thefollowing

topicsdescribe

howtoconfigure

custom

pagestodisplay

whenthesystem

blockswebrequests:

About HTTP Response

Pages,

page 1

Choosing

HTTP Response

Pages,

page 2

Interactive

Blocking

with HTTP Response

Pages,

page 3

About HTTP Response Pages

As part of access control,

you can configure

an

HTTPresponsepage

to display

when the system

blocks web

requests,

using either access control

rules or the access control

policy default

action.

You can choose

a generic

system-provided

response

page, or you can enter custom

HTML.

The reponse

page

displayed

depends

on how you block the session:

Block or Block with reset

A blocked

session

times out or resets. The

Block

Response

Page

overrides

the default

browser

or server page that explains

that the connection

was denied.

Interactive

BlockorInteractive

Blockwithreset

Thesystem

candisplay

an

Interactive

Block

Response

Page

to warn users, but also allow them to click a button (or refresh

the page) to load the originally

requested

site. Users may have to refresh

after bypassing

the response

page to load page elements

that

did not load.

HTTP response

pages do not always

appear

when the system

blocks web traffic; see Limitations

to HTTP

Response

Pages, on page 1.

Limitations to HTTP Response Pages

HTTP response

pages do not always

appear

when the system

blocks web traffic.

Configurations Other Than Access Control Rules

Thesystem

displays

aresponse

pageonlyforunencrypted

ordecrypted

connections

blocked

(orinteractively

blocked)

either by access control

rules or by the access control

policy default

action.

Share this post


Link to post
Share on other sites

New questions

 

1. Which two statement about Cisco Firepower file and intrusion inspection under control policies are true? (Choose two.)

A. File inspection occurs before intrusion prevention.

B. Intrusion Inspection occurs after traffic is blocked by file type.

C. File and intrusion drop the same packet.

D. Blocking by file type takes precedence over malware inspection and blocking

E. File inspection occurs after file discovery

 

Answer A,E. Please check yourself!!!

 

2. Which SSL traffic decryption feature is used when decrypting traffic from an external host to a server on your network?

A. Decrypt by stripping the server certificate.

B. Decrypt by resigning the server certificate

C. Decrypt with a known private key

D. Decypt with a known public key

 

Answer B. Please check yourself!!!

 

3. An engineer must deploy AMP with cloud protection. Which machine learning engine uses active heuristics.

A. Spero

B. IOCs

C. 1to1

D. Ethos

 

Answer A. Please check yourself!!!

Share this post


Link to post
Share on other sites

4. An engineer must architect an AMP private cloud deployment. What is the benefit of running in air-gaped mode?

A. Internet connection is not required for disposition.

B. Database sync time is reduced.

C. Disposition queries are done on AMP appliances.

D. A dedicated server is needed to run amp-sync.

 

Answer D. Please check yourself!!!

 

5. Which Cisco AMP file disposition valid?

A. pristine

B. malware

C. dirty

D. nonmalicios

 

Answer D. Please check yourself!!!

 

6. An engineer is configuring a Cisco Email Security Appliance (ESA) and chooses "Preferred" as the settings for TLS on a HAT Mail Flow Policy. Which result occurs?.

A. TLS is allowed for outgoing connections to MTAs. Connection to the listener require encrypted Simple Mail Transfer Protocol conversations

B. TLS is allowed for incoming connections to the listener from MTAs, even after a STARTTLS command received

C. TLS is allowed for incoming connections to the listener from MTAs. Until a STARTTLS command received, the ESA responds with an error message to every command other than No Option, EHLO, or QUIT.

D. TLS is allowed for outgoing connections to the listener from MTAs. Until a STARTTLS command received, the ESA responds with an error message to every command other than No Option (NOOP), EHLO, or QUIT.

 

Answer D. Please check yourself!!!

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...