Online Access Free 300-207 Practice Test

Which two design considerations are required to add the Cisco Email Security Appliance to an existing mail delivery
chain? (Choose two.)

• A.Existing MX records should be maintained and policy routing should be used to redirect traffic to the ES
• B.The ESA should be connected to the same subnet as the Email Server because it maintains only a single routing
  table.
• C.Mail Listeners by default can share the same IP interface by defining the routes for sending and receiving.
• D.Different Listeners must be used to handle inbound and outbound mail handling.
• E.The ESA can be connected to a DMZ external to the Email Server but it maintains only a single routing table.
• F.The ESA can be connected to a DMZ external to the Email Server because it maintains multiple routing tables.
• G.Update the MX records to point to the inbound listener interfaces on the ESA.
• H.Update the MX records to point to the outbound listener interfaces on the ESA.

Which Cisco Cloud Web Security tool provides URL categorization?

• A.Cisco ScanSafe
• B.Cisco Dynamic Content Analysis Engine
• C.ASA Firewall Proxy
• D.Cisco Web Usage Control

The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and
staff identity identifies users based on the source network and authenticated credentials. The identity for students
identifies users based on the source network along with successful authentication credentials. The global identity is
for guest users not authenticated against the domain.
Recently, a change was made to the organization's security policy to allow faculty and staff access to a social network
website, and the security group changed the access policy for faculty and staff to allow the social networking
category.
Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose
two.)

• A.The social networking category is being allowed but the AVC policy is still blocking the website.
• B.The user is being matched against the student policy because the user did not enter credentials.
• C.The social networking URL was entered into a custom URL category that is blocked in the access policy.
• D.The user is connected to the wrong network and is being blocked by the student policy.
• E.The user is using an unsupported browser so the credentials are not working.

Which feature does Acceptable Use Controls use to implement Cisco AVC?

• A.ISA
• B.Cisco ESA
• C.Cisco Web Usage Controls
• D.Cisco WSA

Which IPS feature allows you to aggregate multiple IPS links over a single port channel?

• A.UDLD
• B.ECLB
• C.PAgP
• D.LACP