Get all latest (August) Cisco 300-206 Actual Test 71-80

Ensurepass

 

QUESTION 71

Which feature can suppress packet flooding in a network?

 

A.

PortFast

B.

BPDU guard

C.

Dynamic ARP Inspection

D.

storm control

 

Correct Answer: D

QUESTION 72

In a Cisco ASAv failover deployment, which interface is preconfigured as the failover interface?

 

A.

GigabitEthernet0/2

B.

GigabitEthernet0/4

C.

GigabitEthernet0/6

D.

GigabitEthernet0/8

 

Correct Answer: D

 

 

QUESTION 73

What are the three types of private VLAN ports? (Choose three.)

 

A.

promiscuous

B.

isolated

C.

community

D.

primary

E.

secondary

F.

trunk

 

Correct Answer: ABC

 

 

QUESTION 74

You are configuring a Cisco IOS Firewall on a WAN router that is operating as a Trusted Relay Point (TRP) in a voice network. Which feature must you configure to open data- channel pinholes for voice packets that are sourced from a TRP within the WAN?

 

A.

CAC

B.

ACL

C.

CBAC

D.

STUN

 

Correct Answer: D

 

 

QUESTION 75

clip_image001

clip_image003

clip_image005

 

Which statement about how the Cisco ASA supports SNMP is true?

 

A.

All SNMFV3 traffic on the inside interface will be denied by the global ACL

B.

The Cisco ASA and ASASM provide support for network monitoring using SNMP Versions 1,2c, and 3, but do not support the use of all three versions simultaneously.

C.

The Cisco ASA and ASASM have an SNMP agent that notifies designated management ,. stations if events occur that are predefined to require a notification, for example, when a link in the network goes up or down.

D.

SNMPv3 is enabled by default and SNMP v1 and 2c are disabled by default.

E.

SNMPv3 is more secure because it uses SSH as the transport mechanism.

 

Correct Answer: C

Explanation:

This can be verified by this ASDM screen shot:

 

clip_image007

 

 

QUESTION 76

What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?

 

A.

sslconfig

B.

sslciphers

C.

tlsconifg

D.

certconfig

 

Correct Answer: A

 

 

QUESTION 77

Which security operations management best practice should be followed to enable appropriate network access for administrators?

 

A.

Provide full network access from dedicated network administration systems

B.

Configure the same management account on every network device

C.

Dedicate a separate physical or logical plane for management traffic

D.

Configure switches as terminal servers for secure device access

 

Correct Answer: C

 

 

 

 

 

QUESTION 78

Which command configures the SNMP server group1 to enable authentication for members of the access list east?

 

A.

snmp-server group group1 v3 auth access east

B.

snmp-server group1 v3 auth access east

C.

snmp-server group group1 v3 east

D.

snmp-server group1 v3 east access

 

Correct Answer: A

 

 

QUESTION 79

Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?

 

A.

It provides NAT policies to existing clients that connect from a new switch port.

B.

It can update shared policies even when the NAT server is offline.

C.

It enables NAT policy discovery as it updates shared polices.

D.

It enables NAT policy rediscovery while leaving existing shared polices unchanged.

 

Correct Answer: D

 

 

QUESTION 80

Which three options are default settings for NTP parameters on a Cisco device? (Choose three.)

 

A.

NTP authentication is enabled.

B.

NTP authentication is disabled.

C.

NTP logging is enabled.

D.

NTP logging is disabled.

E.

NTP access is enabled.

F.

NTP access is disabled.

 

Correct Answer: BDE

 

Free VCE & PDF File for Cisco 300-206 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …

This entry was posted in Uncategorized by admin. Bookmark the permalink.

Comments are closed.