300-206 Premium Bundle

300-206 Premium Bundle

Implementing Cisco Edge Network Security Solutions Certification Exam

4.5 
(24375 ratings)
0 QuestionsPractice Tests
0 PDFPrint version
November 23, 2024Last update

Introducing The New!

Surepassexam Collection

Get Unlimited Access to all
Surepassexam's PREMIUM files

DOWNLOAD NOW
Download Quality. Itexamlabs.com Certified
  1. Home
  2. Cisco
  3. 300-206 Exam

Cisco 300-206 Free Practice Questions

Q1. What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.) 

A. guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access the device 

B. increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE 

C. enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality 

D. provided complete proactive protection against frame and device spoofing 

Answer: B,C 

Q2. IPv6 addresses in an organization's network are assigned using Stateless Address Autoconfiguration. What is a security concern of using SLAAC for IPv6 address assignment? 

A. Man-In-The-Middle attacks or traffic interception using spoofed IPv6 Router Advertisements 

B. Smurf or amplification attacks using spoofed IPv6 ICMP Neighbor Solicitations 

C. Denial of service attacks using TCP SYN floods 

D. Denial of Service attacks using spoofed IPv6 Router Solicitations 

Answer:

Q3. Refer to the exhibit. Which command can produce this packet tracer output on a firewall? 

A. packet-tracer input INSIDE tcp 192.168.1.100 88 192.168.2.200 3028 

B. packet-tracer output INSIDE tcp 192.168.1.100 88 192.168.2.200 3028 

C. packet-tracer input INSIDE tcp 192.168.2.200 3028 192.168.1.100 88 

D. packet-tracer output INSIDE tcp 192.168.2.200 3028 192.168.1.100 88 

Answer:

Q4. Which command enables the HTTP server daemon for Cisco ASDM access? 

A. http server enable 

B. http server enable 443 

C. crypto key generate rsa modulus 1024 

D. no http server enable 

Answer:

Q5. If you encounter problems logging in to the Cisco Security Manager 4.4 web server or client or backing up its databases, which account has most likely been improperly modified? 

A. admin (the default administrator account) 

B. casuser (the default service account) 

C. guest (the default guest account) 

D. user (the default user account) 

Answer:

Q6. To which port does a firewall send secure logging messages? 

A. TCP/1500 

B. UDP/1500 

C. TCP/500 

D. UDP/500 

Answer:

Q7. A switch is being configured at a new location that uses statically assigned IP addresses. Which will ensure that ARP inspection works as expected? 

A. Configure the 'no-dhcp' keyword at the end of the ip arp inspection command 

B. Enable static arp inspection using the command 'ip arp inspection static vlan vlan-number 

C. Configure an arp access-list and apply it to the ip arp inspection command 

D. Enable port security 

Answer:

Q8. In a Cisco ASAv failover deployment, which interface is preconfigured as the failover interface? 

A. GigabitEthernet0/2 

B. GigabitEthernet0/4 

C. GigabitEthernet0/6 

D. GigabitEthernet0/8 

Answer:

Q9. Which three statements about transparent firewall are true? ( Choose three) 

A. It does not support any type of VPN. 

B. Both interfaces must be configured with private IP addresses. 

C. It can have only a management IP address. 

D. It does not support dynamic routing protocols. 

E. It only supports PAT. 

F. Transparent firewall works at Layer 2. 

Answer: C,D,F 

Q10. Which set of commands creates a message list that includes all severity 2 (critical) messages on a Cisco security device? 

A. logging list critical_messages level 2 

console logging critical_messages 

B. logging list critical_messages level 2 

logging console critical_messages 

C. logging list critical_messages level 2 

logging console enable critical_messages 

D. logging list enable critical_messages level 2 

console logging critical_messages 

Answer:

Q11. A network administrator is creating an ASA-CX administrative user account with the following parameters: 

The user will be responsible for configuring security policies on network devices. 

The user needs read-write access to policies. 

The account has no more rights than necessary for the job. 

What role will the administrator assign to the user? 

A. Administrator 

B. Security administrator 

C. System administrator 

D. Root Administrator 

E. Exec administrator 

Answer:

Q12. Which cloud characteristic is used to describe the sharing of physical resources 

between various entities? 

A. Multitenancy 

B. Ubiquitous access 

C. Elasticity 

D. Resiliency 

Answer:

Q13. Which feature can suppress packet flooding in a network? 

A. PortFast 

B. BPDU guard 

C. Dynamic ARP Inspection 

D. storm control 

Answer:

Q14. Which statement describes the correct steps to enable Botnet Traffic Filtering on a Cisco ASA version 9.0 transparent-mode firewall with an active Botnet Traffic Filtering license? 

A. Enable DNS snooping, traffic classification, and actions. 

B. Botnet Traffic Filtering is not supported in transparent mode. 

C. Enable the use of the dynamic database, enable DNS snooping, traffic classification, and actions. 

D. Enable the use of dynamic database, enable traffic classification and actions. 

Answer:

Q15. Prior to a software upgrade, which Cisco Prime Infrastructure feature determines if 

the devices being upgraded have sufficient RAM to support te new software ? 

A. Software Upgrade Report 

B. Image Management Report 

C. Upgrade Analysis Report 

D. Image Analysis Report 

Answer:

START 300-206 EXAM
© All pages Copyright to 2024 by itexamlabs.com. All rights reserved. testpreplab.com certstest.com