Exam Code: 300-206 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Edge Network Security Solutions
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-206 Exam.
♥♥ 2017 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 300-206 Real Exam
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
2017 Mar 300-206 Study Guide Questions:
Q61. What are two security features at the access port level that can help mitigate Layer 2 attacks? (Choose two.)
A. DHCP snooping
B. IP Source Guard
D. Secure Shell
Q62. What are three attributes that can be applied to a user account with RBAC? (Choose three.)
C. ACE tag
D. user roles
E. VDC group tag
F. expiry date
Q63. Which statement about Dynamic ARP Inspection is true ?
A. In a typical network, you make all ports as trusted expect for the ports connection to switches , which are untrusted
B. DAI associates a trust state with each switch
C. DAI determines the validity of an ARP packet based on valid IP to MAC address binding from the DHCP snooping database
D. DAI intercepts all ARP requests and responses on trusted ports only
E. DAI cannot drop invalid ARP packets
Regenerate 300-206 exam prep:
Q64. Which command tests authentication with SSH and shows a generated key?
A. show key mypubkey rsa
B. show crypto key mypubkey rsa
C. show crypto key
D. show key mypubkey
Q65. Which log level provides the most detail on the Cisco Web Security Appliance?
Q66. Which set of commands creates a message list that includes all severity 2 (critical) messages on a Cisco security device?
A. logging list critical_messages level 2
console logging critical_messages
B. logging list critical_messages level 2
logging console critical_messages
C. logging list critical_messages level 2
logging console enable critical_messages
D. logging list enable critical_messages level 2
console logging critical_messages
Exact 300-206 questions pool:
Q67. According to the logging configuration on the Cisco ASA, what will happen if syslog server 10.10.2.40 fails?
A. New connections through the ASA will be blocked and debug system logs will be sent to the internal buffer.
B. New connections through the ASA will be blocked and informational system logs will be sent to the internal buffer.
C. New connections through the ASA will be blocked and system logs will be sent to server 10.10.2.41.
D. New connections through the ASA will be allowed and system logs will be sent to server 10.10.2.41.
E. New connections through the ASA will be allowed and informational system logs will be sent to the internal buffer.
F. New connections through the ASA will be allowed and debug system logs will be sent to the internal buffer.
This is shown by the following screen shot:
\\\\psf\\Home\\Desktop\\Screen Shot 2015-06-17 at 5.26.32 PM.png
Q68. hich command is the first that you enter to check whether or not ASDM is installed on the ASA?
A. Show ip
B. Show running-config asdm
C. Show running-config boot
D. Show version
E. Show route
Q69. What are three ways to add devices in Cisco Prime Infrastructure? (Choose three.)
A. Use an automated process.
B. Import devices from a CSV file.
C. Add devices manually.
D. Use RADIUS.
E. Use the Access Control Server.
F. Use Cisco Security Manager.
Q70. Which two options are purposes of the packet-tracer command? (Choose two.)
A. to filter and monitor ingress traffic to a switch
B. to configure an interface-specific packet trace
C. to simulate network traffic through a data path
D. to debug packet drops in a production network
E. to automatically correct an ACL entry in an ASA