Cisco 300-210 Online Practice Questions and Exam Preparation

Cisco 300-210 Online Questions & Answers

• Question 241:

  An engineer is using the reporting feature on a WSA,. Which option must they consider about the reporting capabilities?

  A. Report can be viewed for a particular domain, user, or category
  B. Report must be schedules manually
  C. Report to view system activity over a specified period of time do not exist
  D. Delete reports require a separate license
  A. Report can be viewed for a particular domain, user, or category

• Question 242:

  Which Cisco Web Security Appliance deployment mode requires minimal change to endpoint devices?

  A. Transparent Mode
  B. Explicit Forward Mode
  C. Promiscuous Mode
  D. Inline Mode
  A. Transparent Mode

• Question 243:

  Which devices support cluster?

  A. All of them
  B. FTD
  C. NGIPSv
  A. All of them

• Question 244:

  Which website can be used to validate group information about connections that flow through Cisco CWS?

  A. whoami.scansafe.com
  B. policytrace.scansafe.com
  C. policytrace.scansafe.net
  D. whoami.scansafe.net
  C. policytrace.scansafe.net

• Question 245:

  What is a purpose of the network analysis policy on a Cisco Firepower NGIPS?

  A. It governs how traffic is preprocessed before inspection
  B. it defines the rules for encrypting traffic
  C. it examines packets for attacks by using intrusion rules
  D. it specifies the outer-header criteria used to process traffic without using advanced inspection
  A. It governs how traffic is preprocessed before inspection

• Question 246:

  An engineer is deploying AMP for the first time and cannot afford any interrupted to network traffic. Which policy types does NOT disrupted the network?

  A. Protect
  B. Server
  C. Audit
  D. tnage
  C. Audit

• Question 247:

  Which three statements about threat ratings are true? (Choose three.)

  A. A threat rating is equivalent to a risk rating that has been lowered by an alert rating.
  B. The largest threat rating from all actioned events is added to the risk rating.
  C. The smallest threat rating from all actioned events is subtracted from the risk rating.
  D. The alert rating for deny-attacker-inline is 45.
  E. Unmitigated events do not cause a threat rating modification.
  F. The threat rating for deny-attacker-inline is 50.
  A. A threat rating is equivalent to a risk rating that has been lowered by an alert rating.
  D. The alert rating for deny-attacker-inline is 45.
  E. Unmitigated events do not cause a threat rating modification.

• Question 248:

  

  

  What action will the sensor take regarding IP addresses listed as known bad hosts in the Cisco SensorBase network?

  A. Global correlation is configured in Audit mode fortesting the feature without actually denying any hosts.
  B. Global correlation is configured in Aggressive mode, which has a very aggressive effect on deny actions.
  C. It will not adjust risk rating values based on the known bad hosts list.
  D. Reputation filtering is disabled.
  D. Reputation filtering is disabled.

  ---

  This can be seen on the Globabl Correlation ?Inspection/Reputation tab show below:

  

• Question 249:

  Which type of policy is used to define the scope for applications that are running on hosts?

  A. access control policy.
  B. application awareness policy.
  C. application detector policy.
  D. network discovery policy.
  C. application detector policy.

• Question 250:

  Which two benefits are provided by the dynamic dashboard in Cisco ASDM Version 5.2? (Choose two.)

  A. It configures system polices for NAC devices.
  B. It forwards traffic to destination devices.
  C. It provides statistics for device health.
  D. It replaces syslog, RADIUS, and TACACS+ servers.
  E. It automatically detects Cisco security appliances to configure.
  C. It provides statistics for device health.
  E. It automatically detects Cisco security appliances to configure.