All that matters here is passing the Cisco 300-210 exam, and all that you need is a high score on the 300-210 Implementing Cisco Threat Control Solutions (SITCS) exam. The only thing you need to do is download the Ucertify 300-210 exam study guides now. We will not let you down with our money-back guarantee.
Q1. Which three access control actions permit traffic to pass through the device when using Cisco FirePOWER? (Choose three.)
A. pass
B. trust
C. monitor
D. allow
E. permit
F. inspect
Answer: B C D
Explanation
http://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401/A
Q2. Which option is a benefit of Cisco Email Security virtual appliance over the Cisco ESA appliance?
A. global threat intelligence updates from Talos
B. reduced space and power requirements
C. outbound message protection
D. automated administration
Answer: B
Q3. On Cisco Firepower Management Center, which policy is used to collect health modules alerts from managed devices?
A. health policy
B. system policy
C. correlation policy
D. access control policy
E. health awareness policy
Answer: A
Q4. With Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
A. Speed
B. Duplex
C. Media Type
D. Redundant Interface
E. EtherChannel
Answer: A B
Q5. What is the maximum message size that the Cisco Email Security Appliance will accept from the violet.public domain?
A. 1 KB
B. 100 KB
C. 1 MB
D. 10 MB
E. 100 MB
F. Unlimited
Answer: D
Q6. Which detection method is also known as machine learning on Network-based Cisco Advanced Malware Protection?
A. custom file detection
B. hashing
C. Spero engine
D. dynamic analysis
Answer: D
Q7. Which Cisco Firepower rule action displays an HTTP warning page and resets the connection of HTTP traffic specified in the access control rule?
A. Interactive Block with Reset
B. Block
C. Allow with Warning
D. Interactive Block
Answer: D
Explanation
http://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module
Q8. In a Cisco FirePOWER intrusion policy, which two event actions can be configured on a rule? (Choose two.)
A. drop packet
B. drop and generate
C. drop connection
D. capture trigger packet
E. generate events
Answer: B
Q9. What is a value that Cisco ESA can use for tracing mail flow?
A. the source IP address
B. the FQDN of the destination IP address
C. the destination IP address
D. the FQDN of the source IP address
Answer: D
Q10. Which three sender reputation ranges identify the default behavior of the Cisco Email Security Appliance? (Choose three.)
A. If it is between -1 and +10, the email is accepted
B. If it is between +1 and +10, the email is accepted
C. If it is between -3 and -1, the email is accepted and additional emails from the sender are throttled
D. If it is between -3 and +1, the email is accepted and additional emails from the sender are throttled
E. If it is between -4 and +1, the email is accepted and additional emails from the sender are throttled
F. If it is between -10 and -3, the email is blocked
G. If it is between -10 and -3, the email is sent to the virus and spam engines for additional scanning
H. If it is between -10 and -4, the email is blocked
Answer: A C F
Q11. Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP addresses?
A. explicit forward mode
B. Layer 4 Traffic Monitor
C. transparent mode
D. Secure Web Proxy
Answer: B
Q12. Which three statements about Cisco CWS are true? (Choose three.)
A. It provides protection against zero-day threats.
B. Cisco SIO provides it with threat updates in near real time.
C. It supports granular application policies.
D. Its Roaming User Protection feature protects the VPN from malware and data breaches.
E. It supports local content caching.
F. Its Cognitive Threat Analytics feature uses cloud-based analysis and detection to block threats outside the network.
Answer: A B C
Q13. Which two TCP ports can allow the Cisco Firepower Management Center to communicate with the FireAMP cloud for file disposition information? (Choose two.)
A. 8080
B. 22
C. 8305
D. 32137
E. 443
Answer: D E
Explanation
http://www.cisco.com/c/en/us/support/docs/security/sourcefire-fireamp-private-cloud-virtual-appliance/118336-
http://www.cisco.com/c/en/us/support/docs/security/sourcefire-amp-appliances/118121-technote-sourcefir
Q14. Which three operating systems are supported with Cisco AMP for Endpoints? (Choose three.)
A. Windows
B. AWS
C. Android
D. Cisco IOS
E. OS X
F. ChromeOS
Answer: A C E
Explanation
http://www.cisco.com/c/en/us/products/security/fireamp-endpoints/index.html
Q15. Access the configuration of the Cisco Email Security Appliance using the MailFlowPolicies tab. Within the GUI, you can navigate between the Host Access Table Overview and Mail Flow Policies tables. You can also navigate to the individual Mail Flow Policies and Sender Groups that are configured on the appliance.
Consider the configuration and the SenderBase Reputation Scores of the following fictitious domains when answering the four multiple choice questions.
A. red.public, -6
B. orange.public, -4
C. yellow.public, -2
D. green.public, 2
E. blue.public, 6
F. violet.public, 8
Answer: D
Q16. With Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
A. Speed
B. Duplex
C. Media Type
D. Redundant Interface
E. EtherChannel
Answer: A B
Q17. With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?
A. vulnerable software
B. file analysis
C. detections
D. prevalence
E. threat root cause
Answer: C
Q18. In which two places can thresholding settings be configured? (Choose two.)
A. globally, per intrusion policy
B. globally, within the network analysis policy
C. on each access control rule
D. on each IPS rule
E. per preprocessor, within the network analysis policy
Answer: C D
Q19. Which piece of information is required to perform a policy trace for the Cisco WSA?
A. the destination IP address of the trace
B. the source IP address of the trace
C. the URL to trace
D. authentication credentials to make the request
Answer: C
Q20. Which object can be used on a Cisco FirePOWER appliance, but not in an access control policy rule on Cisco FirePOWER services running on a Cisco ASA?
A. URL
B. security intelligence
C. VLAN
D. geolocation
Answer: C
Q21. Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP addresses?
A. explicit forward mode
B. Layer 4 Traffic Monitor
C. transparent mode
D. Secure Web Proxy
Answer: B
Q22. A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug and emulate the flow that a message takes through the work queue?
A. the trace tool
B. centralized or local message tracking
C. the CLI findevent command
D. the CLI grep command
E. the message tracker interface
Answer: A
Q23. Which three access control actions permit traffic to pass through the device when using Cisco FirePOWER? (Choose three.)
A. pass
B. trust
C. monitor
D. allow
E. permit
F. inspect
Answer: B C D
Explanation
http://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401/A
Q24. Which option lists the minimum requirements to deploy a managed device inline?
A. passive interface, security zone, MTU, and link mode.
B. passive interface, MTU, MDI/MDIX, and link mode.
C. inline interfaces, MTU, MDI/MDIX, and link mode.
D. inline interfaces, security zones, MTU, and link mode.
Answer: A
Q25. Which type of server is required to communicate with a third-party DLP solution?
A. an ICAP-capable proxy server
B. a PKI certificate server
C. an HTTP server
D. an HTTPS server
Answer: A
Q26. In WSA, which two pieces of information are required to implement transparent user identification using Context Directory Agent? (Choose two.)
A. the server name where Context Directory Agent is installed
B. the server name of the global catalog domain controller
C. the backup Context Directory Agent
D. the shared secret
E. the syslog server IP address
Answer: A E
Q27. A system administrator wants to know if the email traffic from a remote partner will activate special treatment message filters that are created just for them. Which tool on the Cisco Email Security gateway can you use to debug and emulate the flow that a message takes through the work queue?
A. the trace tool
B. centralized or local message tracking
C. the CLI findevent command
D. the CLI grep command
E. the message tracker interface
Answer: A
Q28. With Cisco AMP for Endpoints, what is meant by simple custom detection?
A. It is a rule for identifying a file that should be whitelisted by Cisco AMP.
B. It is a method for identifying and quarantining a specific file by its SHA-256 hash.
C. It is a feature for configuring a personal firewall.
D. It is a method for identifying and quarantining a set of files by regular expression language.
Answer: A