IT認証試験問題集
毎月、ITshikenは1500人以上の受験者が試験準備を助けて、試験に合格するために受験者にご協力します
 ホームページ / 300-210 問題集  / 300-210 問題練習

Cisco 300-210 SITCS 問題練習

Implementing Cisco Threat Control Solutions (SITCS) 試験

最新更新時間: 2019/07/10,合計393問。

平成から令和へ:300-210 最新真題を買う時、日本語版と英語版両方を同時に獲得できます。

実際の問題集を練習し、試験のポイントを了解し、テストに申し込むするかどうかを決めることができます。

さらに試験準備時間の35%を節約するには、300-210 問題集を使用してください。

 / 27

Question No : 1












For which domains will the Cisco Email Security Appliance allow up to 5000 recipients per message?

正解:

Question No : 2
Which two configuration steps are required for implementing SSH for management access to a
Cisco router? (Choose two.)

正解:
Explanation: http://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145ssh.html

Question No : 3
168.1.0.0.0.255
hostname(config)# class-map inspection_default

正解: C
Explanation:http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/inspect_overvi ew.html

Question No : 4
DRAG DROP
Drag and drop the terms on the left onto the correct definition for the promiscuous IPS risk rating calculation on the right.



正解:


Explanation: http://www.cisco.com/c/en/us/products/collateral/security/ips-4200-seriessensors/prod_white_paper0900aecd806e7299.html

Question No : 5
DRAG DROP
Drag and drop the steps on the left into the correct order on the right to configure a Cisco ASA
NGFW with multiple security contexts.



正解:


Explanation:
http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/sec urity_manager/4-4/user/guide/CSMUserGuide_wrapper/pxcontexts.pdf (page 2 to 4)

Question No : 6
DRAG DROP
Drag and drop the Cisco Security IntelliShield Alert Manager Service components on the left onto the corresponding description on the right.



正解:

Question No : 7
DRAG DROP
Drag and drop the steps on the left into the correct order of initial Cisco IOS IPS configuration on the right.



正解:

Question No : 8
Which commands are required to configure SSH on router? (Choose two.)

正解:
Explanation:
Here are the steps:
Configure a hostname for the router using these commands.
yourname#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
yourname (config)#hostname LabRouter
LabRouter(config)#
Configure a domain name with the ip domain-name command followed by whatever you would like your domain name to be. I used CiscoLab.com.
LabRouter(config)#ip domain-name CiscoLab.com
We generate a certificate that will be used to encrypt the SSH packets using the crypto key generate rsa command.
Take note of the message that is displayed right after we enter this command: "The name for the keys will be: LabRouter.CiscoLab.com" -- it combines the hostname of the router along with the domain name we configured to get the name of the encryption key generated; this is why it was important for us to, first of all, configure a hostname then a domain name before we generated the keys.
Reference: https://www.pluralsight.com/blog/tutorials/configure-secure-shell-ssh-on-cisco-router

Question No : 9
Which Option of SNMPv3 ensure authentication but no encryption?

正解:
Explanation:
SNMPv1, SNMPv2c, and SNMPv3 each represent a different security model. The security model combines with the selected security level to determine the security mechanism applied when the
SNMP message is processed.
The security level determines the privileges required to view the message associated with an SNMP trap. The privilege level determines whether the message needs to be protected from disclosure or authenticated. The supported security level depends upon which security model is implemented. SNMP security levels support one or more of the following privileges:
SNMPv3 provides for both security models and security levels. A security model is an authentication strategy that is set up for a user and the role in which the user resides. A security level is the permitted level of security within a security model. A combination of a security model and a security level determines which security mechanism is employed when handling an SNMP packet.
Reference: http://www.cisco.com/en/US/

Question No : 10
Which signature engine is responsible for ICMP inspection on Cisco IPS?

正解:

Question No : 11
Which action is possible when a signature is triggered on the Cisco IOS IPS?

正解:

Question No : 12
Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current encryption technology?

正解:

Question No : 13
Which description of an advantage of utilizing IPS virtual sensors is true?

正解:
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/ips/7-
0/configuration/guide/cli/cliguide7/cli_virtual_sensors.pdf

Question No : 14
Which option describes the role of the Learning Accept Mode for anomaly detection?

正解:
Explanation:http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/sec urity_manager/4-0/user/guide/CSMUserGuide_wrapper/ipsanom.html

Question No : 15
Which settings are required when deploying Cisco IPS in high-availability mode using
EtherChannel load balancy?
A. ECLB IPS appliances must be in on-a-stick mode, ECLB IPS solution maintains state if a sensor goes down, and TCP flow is forced through the same IPS appliance.A. ECLB IPS appliances must not be in on-a-stick mode, ECLB IPS solution maintains state if a sensor goes down, and TCP flow is forced through the same IPS appliance flow
B.ECLB IPS appliances must be in on-a-stick mode, ECLB IPS solution does not maintain state if a sensor goes down, and TCP flow is forced through a different IPS appliance.
D. ECLB IPS appliances must not be in on-a-stick mode, ECLB IPS solution does not maintain state if a sensor goes down, and TCP flow is forced through a different IPS appliance.

正解: C
Explanation:
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_example09186 a0080671a8d.shtml

 / 27