Questions And Answers PDF
Cisco 300-206 Implementing Cisco Edge Network Security Solutions (SENSS)
Version: DEMO
http://www.TestWarrior.com/300-206-practice-exam.html
FOR 300-206 Candidates: We offer Two Products: 1st - We have Practice Tests Software with Actual Exam Questions 2nd - Questions and Answers in PDF Format. Try a Free DEMO of these Exam Products via below Link:
http://www.TestWarrior.com/300-206-practice-exam.html
TestWarrior.com
1
Questions And Answers PDF
Version: 10.0 Question 1 All 30 users on a single foor of a building are complaining about network slowness. Afer investgatng the access switch, the network administrator notces that the MAC address table is full (10,000 entries) and all trafc is being fooded out of every port. Which acton can the administrator take to prevent this from occurring? A. Confgure port-security to limit the number of mac-addresses allowed on each port B. Upgrade the switch to one that can handle 20,000 entries C. Confgure private-vlans to prevent hosts from communicatng with one another D. Enable storm-control to limit the trafc rate E. Confgure a VACL to block all IP trafc except trafc to and from that subnet
Aoswern A Question 2 A network printer has a DHCP server service that cannot be disabled. How can a layer 2 switch be confgured to prevent the printer from causing network issues? A. Remove the ip helper-address B. Confgure a Port-ACL to block outbound TCP port 68 C. Confgure DHCP snooping D. Confgure port-security
Aoswern C Question 3 A switch is being confgured at a new locaton that uses statcally assigned IP addresses. Which will ensure that ARP inspecton works as expected? A. Confgure the 'no-dhcp' keyword at the end of the ip arp inspecton command B. Enable statc arp inspecton using the command 'ip arp inspecton statc vlan vlan-number C. Confgure an arp access-list and apply it to the ip arp inspecton command D. Enable port security
Aoswern C Question 4 Which of the following would need to be created to confgure an applicaton-layer inspecton of SMTP trafc operatng on port 2525? A. A class-map that matches port 2525 and applying an inspect ESMTP policy-map for that class in
TestWarrior.com
2
Questions And Answers PDF
the global inspecton policy B. A policy-map that matches port 2525 and applying an inspect ESMTP class-map for that policy C. An access-list that matches on TCP port 2525 trafc and applying it on an interface with the inspect opton D. A class-map that matches port 2525 and applying it on an access-list using the inspect opton
Aoswern A Question 5 Which command is used to nest objects in a pre-existng group? A. object-group B. network group-object C. object-group network D. group-object
Aoswern D Question 6 Which threat-detecton feature is used to keep track of suspected atackers who create connectons to too many hosts or ports? A. complex threat detecton B. scanning threat detecton C. basic threat detecton D. advanced threat detecton
Aoswern B Question 7 What is the default behavior of an access list on the Cisco ASA security appliance? A. It will permit or deny trafc based on the access-list criteria. B. It will permit or deny all trafc on a specifed interface. C. An access group must be confgured before the access list will take efect for trafc control. D. It will allow all trafc.
Aoswern C Question 8 What is the default behavior of NAT control on Cisco ASA Sofware Version 8.3? A. NAT control has been deprecated on Cisco ASA Sofware Version 8.3. B. It will prevent trafc from traversing from one enclave to the next without proper access confguraton.
TestWarrior.com
3
Questions And Answers PDF
C. It will allow trafc to traverse from one enclave to the next without proper access confguraton. D. It will deny all trafc.
Aoswern A Question 9 Which three optons are hardening techniques for Cisco IOS routers? (Choose three.) A. limitng access to infrastructure with access control lists B. enabling service password recovery C. using SSH whenever possible D. encryptng the service password E. using Telnet whenever possible F. enabling DHCP snooping
Aoswern A, C, D Question 10 Which three commands can be used to harden a switch? (Choose three.) A. switch(confg-if)# spanning-tree bpduflter enable B. switch(confg)# ip dhcp snooping C. switch(confg)# errdisable recovery interval 900 D. switch(confg-if)# spanning-tree guard root E. switch(confg-if)# spanning-tree bpduguard disable F. switch(confg-if)# no cdp enable
Aoswern B, D, F Question 11 What are three features of the Cisco ASA 1000V? (Choose three.) A. cloning the Cisco ASA 1000V B. dynamic routng C. the Cisco VNMC policy agent D. IPv6 E. actveestandby failover F. QoS
Aoswern A, C, E Question 12 If the Cisco ASA 1000V has too few licenses, what is its behavior? A. It drops all trafc.
TestWarrior.com
4
Questions And Answers PDF
B. It drops all outside-to-inside packets. C. It drops all inside-to-outside packets. D. It passes the frst outside-to-inside packet and drops all remaining packets.
Aoswern D Question 13 A network administrator is creatng an ASA-CX administratve user account with the following parameters: The user will be responsible for confguring security policies on network devices. The user needs read-write access to policies. The account has no more rights than necessary for the job. What role will the administrator assign to the user? A. Administrator B. Security administrator C. System administrator D. Root Administrator E. Exec administrator
Aoswern B Question 14 What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access? A. sslconfg B. sslciphers C. tlsconifg D. certconfg
Aoswern A
TestWarrior.com
5
Questions And Answers PDF
Thank You for Trying Our Product Visit Our Site to Purchase the Full Set of Actual 300-206 Exam Questions With Answers.
http://www.TestWarrior.com/300-206-practice-exam.html We Also Provide Practice Exam Software That Simulates Real Exam Environment And Has Many Self-Assessment Features. Download Free Product Demo From:
Download Free Product Demo from: http://www.TestWarrior.com/300-206-practice-exam.html
Check Out Our Customer Testimonials
TestWarrior.com
6