Cisco Official News: Cisco 300-206 Exam Questions has already been updated recently! Braindump2go Provide you the Latest 300-206 Exam Dumps: 300-206 PDF and 300-206 VCE! Braindump2go helps you keep in step with Cisco Official Exam Center!
Exam Code: 300-206
Exam Name: Implementing Cisco Edge Network Security Solutions
Keywords: 300-206 Exam Dumps,300-206 Practice Tests,300-206 Practice Exams,300-206 Exam Questions,300-206 PDF,300-206 VCE Free,300-206 Book,300-206 E-Book,300-206 Study Guide,300-206 Braindump,300-206 Prep Guide
An administrator installed a Cisco ASA that runs version 9.1. You are asked to configure the firewall through Cisco ASDM.
When you attempt to connect to a Cisco ASA with a default configuration, which username and password grants you full access?
A. admin / admin
B. asaAdmin / (no password)
C. It is not possible to use Cisco ASDM until a username and password are created via the username usernamepassword password CLI command.
D. enable_15 / (no password)
E. cisco / cisco
Which three options are default settings for NTP parameters on a Cisco ASA? (Choose three.)
A. NTP authentication is enabled.
B. NTP authentication is disabled.
C. NTP logging is enabled.
D. NTP logging is disabled.
E. NTP traffic is not restricted.
F. NTP traffic is restricted.
Which two options are purposes of the packet-tracer command? (Choose two.)
A. to filter and monitor ingress traffic to a switch
B. to configure an interface-specific packet trace
C. to simulate network traffic through a data path
D. to debug packet drops in a production network
E. to automatically correct an ACL entry in an ASA
Refer to the exhibit. Server A is a busy server that offers these services:
– World Wide Web
Which command captures http traffic from Host A to Server A?
A. capture traffic match udp host 10.1.1.150 host 10.2.2.100
B. capture traffic match 80 host 10.1.1.150 host 10.2.2.100
C. capture traffic match ip 10.2.2.0 255.255.255.192 host 10.1.1.150
D. capture traffic match tcp host 10.1.1.150 host 10.2.2.100
E. capture traffic match tcp host 10.2.2.100 host 10.1.1.150 eq 80
Your company is replacing a high-availability pair of Cisco ASA 5550 firewalls with the newer Cisco ASA 5555-X models. Due to budget constraints, one Cisco ASA 5550 will be replaced at a time.
Which statement about the minimum requirements to set up stateful failover between these two firewalls is true?
A. You must install the USB failover cable between the two Cisco ASAs and provide a 1 Gigabit Ethernet interface for state exchange.
B. It is not possible to use failover between different Cisco ASA models.
C. You must have at least 1 Gigabit Ethernet interface between the two Cisco ASAs for state exchange.
D. You must use two dedicated interfaces. One link is dedicated to state exchange and the other link is for heartbeats.
In which two modes is zone-based firewall high availability available? (Choose two.)
A. IPv4 only
B. IPv6 only
C. IPv4 and IPv6
D. routed mode only
E. transparent mode only
F. both transparent and routed modes
You are the administrator of a multicontext transparent-mode Cisco ASA that uses a shared interface that belongs to more than one context. Because the same interface will be used within all three contexts, which statement describes how you will ensure that return traffic will reach the correct context?
A. Interfaces may not be shared between contexts in routed mode.
B. Configure a unique MAC address per context with the no mac-address auto command.
C. Configure a unique MAC address per context with the mac-address auto command.
D. Use static routes on the Cisco ASA to ensure that traffic reaches the correct context.
A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue.
Which two commands can protect against this problem? (Choose two.)
A. switch(config)#spanning-tree portfast bpduguard default
B. switch(config)#spanning-tree portfast bpdufilter default
C. switch(config-if)#spanning-tree portfast
D. switch(config-if)#spanning-tree portfast disable
E. switch(config-if)#switchport port-security violation protect
F. switch(config-if)#spanning-tree port-priority 0
According to Cisco best practices, which two interface configuration commands help prevent VLAN hopping attacks? (Choose two.)
A. switchport mode access
B. switchport access vlan 2
C. switchport mode trunk
D. switchport access vlan 1
E. switchport trunk native vlan 1
F. switchport protected
When it is configured in accordance to Cisco best practices, the switchport port-security maximum command can mitigate which two types of Layer 2 attacks? (Choose two.)
A. rogue DHCP servers
B. ARP attacks
C. DHCP starvation
D. MAC spoofing
E. CAM attacks
F. IP spoofing
Braindump2go New Published Exam Dumps: Cisco 300-206 Practice Tests Questions, 184 Latest Questions and Answers from Official Exam Centre Guarantee You a 100% Pass! Free Download Instantly!