An Expert interview about 300-206 senss cbt

Exam Code: 300-206 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Edge Network Security Solutions
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-206 Exam.

2016 Jun 300-206 Study Guide Questions:

Q91. Which of the following would need to be created to configure an application-layer inspection of SMTP traffic operating on port 2525? 

A. A class-map that matches port 2525 and applying an inspect ESMTP policy-map for that class in the global inspection policy 

B. A policy-map that matches port 2525 and applying an inspect ESMTP class-map for that policy 

C. An access-list that matches on TCP port 2525 traffic and applying it on an interface with the inspect option 

D. A class-map that matches port 2525 and applying it on an access-list using the inspect option 

Answer: A 

Q92. What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.) 

A. identifying Layer 2 ARP attacks 

B. detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a successful client association 

C. detecting and preventing MAC address spoofing in switched environments 

D. mitigating man-in-the-middle attacks 

Answer: A,D 

Q93. Refer to the exhibit. 

Which two statements about this firewall output are true? (Choose two.) 

A. The output is from a packet tracer debug. 

B. All packets are allowed to 

C. All packets are allowed to 

D. All packets are denied. 

E. The output is from a debug all command. 

Answer: A,C 

300-206  exam fees

Renew 300-206 dumps pdf:

Q94. To which interface on a Cisco ASA 1000V firewall should a security profile be applied when a VM sits behind it? 

A. outside 

B. inside 

C. management 


Answer: B 

Q95. You have explicitly added the line deny ipv6 any log to the end of an IPv6 ACL on a router interface. Which two ICMPv6 packet types must you explicitly allow to enable traffic to traverse the interface? (Choose two.) 

A. router solicitation 

B. router advertisement 

C. neighbor solicitation 

D. neighbor advertisement 

E. redirect 

Answer: C,D 

Q96. What are two enhancements of SSHv2 over SSHv1? (Choose two.) 

A. VRF-aware SSH support 

B. DH group exchange support 

C. RSA support 

D. keyboard-interactive authentication 

E. SHA support 

Answer: A,B 

300-206  exam fees

Pinpoint pass4sure 300-206:

Q97. How much storage is allotted to maintain system,configuration , and image files on the Cisco ASA 1000V during OVF template file deployment? 

A. 1GB 

B. 5GB 

C. 2GB 

D. 10GB 

Answer: C 

Q98. Which command is used to disable Cisco Discovery Protocol globally on a router? 

A. Cdp disable 

B. No cdp enable 

C. No cdp 

D. No cdp run 

Answer: D 

Q99. How many bridge groups are supported on a firewall that operate in transparent mode? 

A. 8 

B. 16 

C. 10 

D. 6 

Answer: A 

Q100. Which configuration keyword will configure SNMPv3 with authentication but no encryption? 

A. Auth 

B. Priv 

C. No auth 

D. Auth priv 

Answer: A 

About 300-206 Information: 300-206 Dumps