300-206 Premium Bundle

300-206 Premium Bundle

Implementing Cisco Edge Network Security Solutions Certification Exam

4.5 
(36915 ratings)
0 QuestionsPractice Tests
0 PDFPrint version
November 21, 2024Last update

Introducing The New!

Surepassexam Collection

Get Unlimited Access to all
Surepassexam's PREMIUM files

DOWNLOAD NOW
Download Quality. Itexamlabs.com Certified
  1. Home
  2. Cisco
  3. 300-206 Exam

Cisco 300-206 Free Practice Questions

Q1. How much storage is allotted to maintain system,configuration , and image files on the Cisco ASA 1000V during OVF template file deployment? 

A. 1GB 

B. 5GB 

C. 2GB 

D. 10GB 

Answer:

Q2. Which four are IPv6 First Hop Security technologies? (Choose four.) 

A. Send 

B. Dynamic ARP Inspection 

C. Router Advertisement Guard 

D. Neighbor Discovery Inspection 

E. Traffic Storm Control 

F. Port Security 

G. DHCPv6 Guard 

Answer: A,C,D,G 

Q3. Refer to the exhibit. 

This command is used to configure the SNMP server on a Cisco router. Which option is the encryption password for the SNMP server? 

A. Sha 

B. Snmp 

C. Group-1 

D. Snmpv3 

Answer:

Q4. Cisco Security Manager can manage which three products? (Choose three.) 

A. Cisco IOS 

B. Cisco ASA 

C. Cisco IPS 

D. Cisco WLC 

E. Cisco Web Security Appliance 

F. Cisco Email Security Appliance 

G. Cisco ASA CX 

H. Cisco CRS 

Answer: A,B,C 

Q5. Which statement about Cisco Security Manager form factors is true? 

A. Cisco Security Manager Professional and Cisco Security Manager UCS Server Bundles support FWSMs. 

B. Cisco Security Manager Standard and Cisco Security Manager Professional support FWSMs. 

C. Only Cisco Security Manager Professional supports FWSMs. 

D. Only Cisco Security Manager Standard supports FWSMs. 

Answer:

Q6. At which layer does MACsec provide encryption? 

A. Layer 1 

B. Layer 2 

C. Layer 3 

D. Layer 4 

Answer:

Q7. Which feature can suppress packet flooding in a network? 

A. PortFast 

B. BPDU guard 

C. Dynamic ARP Inspection 

D. storm control 

Answer:

Q8. Which two device types can Cisco Prime Security Manager manage in Multiple Device mode? (Choose two.) 

A. Cisco ESA 

B. Cisco ASA 

C. Cisco WSA 

D. Cisco ASA CX 

Answer: B,D 

Q9. Refer to the exhibit. 

To protect Host A and Host B from communicating with each other, which type of PVLAN port should be used for each host? 

A. Host A on a promiscuous port and Host B on a community port 

B. Host A on a community port and Host B on a promiscuous port 

C. Host A on an isolated port and Host B on a promiscuous port 

D. Host A on a promiscuous port and Host B on a promiscuous port 

E. Host A on an isolated port and host B on an isolated port 

F. Host A on a community port and Host B on a community port 

Answer:

Q10. What is the default behavior of NAT control on Cisco ASA Software Version 8.3? 

A. NAT control has been deprecated on Cisco ASA Software Version 8.3. 

B. It will prevent traffic from traversing from one enclave to the next without proper access configuration. 

C. It will allow traffic to traverse from one enclave to the next without proper access configuration. 

D. It will deny all traffic. 

Answer:

Q11. Which two options are protocols and tools that are used by the management plane when discussing Cisco ASA general management plane hardening? ( Choose two ) 

A. Unicast Reverse Path Forwarding 

B. NetFlow 

C. Routing Protocol Authentication 

D. Threat detection 

E. Syslog 

F. ICMP unreachables 

G. Cisco URL Filtering 

Answer: B,E 

Explanation: http://www.cisco.com/web/about/security/intelligence/firewall-best-practices.html 

Q12. Which three options correctly identify the Cisco ASA1000V Cloud Firewall? (Choose three.) 

A. operates at Layer 2 

B. operates at Layer 3 

C. secures tenant edge traffic 

D. secures intraswitch traffic 

E. secures data center edge traffic 

F. replaces Cisco VSG 

G. complements Cisco VSG 

H. requires Cisco VSG 

Answer: B,C,G 

Q13. An administrator installed a Cisco ASA that runs version 9.1. You are asked to configure the firewall through Cisco ASDM. 

When you attempt to connect to a Cisco ASA with a default configuration, which username and password grants you full access? 

A. admin / admin 

B. asaAdmin / (no password) 

C. It is not possible to use Cisco ASDM until a username and password are created via the username usernamepassword password CLI command. 

D. enable_15 / (no password) 

E. cisco / cisco 

Answer:

Q14. If you disable PortFast on switch ports that are connected to a Cisco ASA and globally turn on BPDU filtering, what is the effect on the switch ports? 

A. The switch ports are prevented from going into an err-disable state if a BPDU is received. 

B. The switch ports are prevented from going into an err-disable state if a BPDU is sent. 

C. The switch ports are prevented from going into an err-disable state if a BPDU is received and sent. 

D. The switch ports are prevented from forming a trunk. 

Answer:

Q15. A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue. 

Which two commands can protect against this problem? (Choose two.) 

A. switch(config)#spanning-tree portfast bpduguard default 

B. switch(config)#spanning-tree portfast bpdufilter default 

C. switch(config-if)#spanning-tree portfast 

D. switch(config-if)#spanning-tree portfast disable 

E. switch(config-if)#switchport port-security violation protect 

F. switch(config-if)#spanning-tree port-priority 0 

Answer: A,C 

START 300-206 EXAM
© All pages Copyright to 2024 by itexamlabs.com. All rights reserved. testpreplab.com certstest.com