300-206 Questions Free - Real Exam Questions

Practice Our 300-206 Questions Free Exam Questions and Pass Your Exam Easily.


300-206 Questions Free

Preparing Cisco 300-206 exam is not difficult now. You can prepare from Cisco Books or 300-206 dumps. Here we have mentioned some sample questions. You can use our free 300-206 study material notes for test preparation. Latest 300-206 questions available.

Implementing Cisco Edge Network Security Solutions

Exam Number 300-206 SENSS 

Associated Certifications:
CCNP Security

Duration: 90 minutes (65 - 75 questions)
Available Languages: English


Register Pearson VUE



Exam Topics:


25% 2.0 Cisco Security Devices GUIs and Secured
CLI Management
12% 3.0 Management Services on Cisco
Devices
10% 4.0 Troubleshooting, Monitoring and Reporting
Tools
16% 5.0 Threat Defense Architectures
12% 6.0 Security Components and Considerations
25% 1.0 Threat Defense


View Exam Detail

300-206 Dumps


Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)

A. NAT
B. dynamic routing
C. SSL remote access VPN
D. IPSec remote access VPN

Answer: A,B


Which two parameters must be configured before you enable SCP on a router? (Choose two.)

A. SSH
B. authorization
C. ACLs
D. NTP
E. TACACS+

Answer: A,B


When a Cisco ASA is configured in multiple context mode, within which configuration are the interfaces allocated to the security contexts?

A. each security context
B. system configuration
C. admin context (context with the “admin” role)
D. context startup configuration file (.cfg file)

Answer: B


Which three configurations are needed to enable SNMPv3 support on the Cisco ASA? (Choose three.)

A. SNMPv3 Local EngineID
B. SNMPv3 Remote EngineID
C. SNMP Users
D. SNMP Groups
E. SNMP Community Strings
F. SNMP Hosts

Answer: C,D,F


What are three features of the Cisco ASA 1000V? (Choose three.)

A. cloning the Cisco ASA 1000V
B. dynamic routing
C. the Cisco VNMC policy agent
D. IPv6
E. active/standby failover
F. QoS

Answer: A,C,E


You have explicitly added the line deny ipv6 any log to the end of an IPv6 ACL on a router interface. Which two ICMPv6 packet types must you explicitly allow to enable traffic to traverse the interface? (Choose two.)

A. router solicitation
B. router advertisement
C. neighbor solicitation
D. neighbor advertisement
E. redirect

Answer: CD


A network printer has a DHCP server service that cannot be disabled. How can a layer 2 switch be configured to prevent the printer from causing network issues?

A. Remove the ip helper-address
B. Configure a Port-ACL to block outbound TCP port 68
C. Configure DHCP snooping
D. Configure port-security

Answer: C 


All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring?

A. Configure port-security to limit the number of mac-addresses allowed on each port
B. Upgrade the switch to one that can handle 20,000 entries
C. Configure private-vlans to prevent hosts from communicating with one another
D. Enable storm-control to limit the traffic rate
E. Configure a VACL to block all IP traffic except traffic to and from that subnet

Answer: A


All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring?

A. Configure port-security to limit the number of mac-addresses allowed on each port

B. Upgrade the switch to one that can handle 20,000 entries

C. Configure private-vlans to prevent hosts from communicating with one another

D. Enable storm-control to limit the traffic rate

E. Configure a VACL to block all IP traffic except traffic to and from that subnet

Answer: A


IPv6 addresses in an organization’s network are assigned using Stateless Address Autoconfiguration. What is a security concern of using SLAAC for IPv6 address assignment?

A. Man-In-The-Middle attacks or traffic interception using spoofed IPv6 Router Advertisements

B. Smurf or amplification attacks using spoofed IPv6 ICMP Neighbor Solicitations

C. Denial of service attacks using TCP SYN floods

D. Denial of Service attacks using spoofed IPv6 Router Solicitations

Answer: A


page 1 from 2 next page »

Category