Cisco 300-206 Online Practice Questions and Exam Preparation

Cisco 300-206 Online Questions & Answers

• Question 91:

  Which command enables uRPF on ASA interface?

  A. ip protection source
  B. ip source guard enable
  C. ip reverse-path verify reachable-via any
  D. ip verify unicast source reachable-via interface_name
  E. ip verify reverse-path interface interface_name
  E. ip verify reverse-path interface interface_name

• Question 92:

  When a Cisco ASA is configured in transparent mode, how can ARP traffic be controlled?

  A. By enabling ARP inspection; however, it cannot be controlled by an ACL
  B. By enabling ARP inspection or by configuring ACLs
  C. By configuring ACLs; however, ARP inspection is not supported
  D. By configuring NAT and ARP inspection
  A. By enabling ARP inspection; however, it cannot be controlled by an ACL

• Question 93:

  Which option must be configured on a transparent Cisco ASA adaptive security appliance for it to be managed over Layer 3 networks?

  A. Static routes
  B. Routed interface
  C. Security context
  D. BVI
  D. BVI

• Question 94:

  Which two are main functions for application inspection on the ASA?

  A. When services are operating on nonstandard ports, the application inspection identifies the nonstandard port and allows the service to run normally.
  B. When services are load balancing, the application inspection ensures that connections are load balanced across the servers equally.
  C. When services embed IP addresses in the packet, the application inspection translates embedded addresses and updates the checksum.
  D. When services use dynamically assigned ports, the application inspection identifies dynamic ports and permits data on these ports.
  E. When services need IP options to function, the application inspection keeps IP options during the packet transition through the appliance.
  C. When services embed IP addresses in the packet, the application inspection translates embedded addresses and updates the checksum.
  D. When services use dynamically assigned ports, the application inspection identifies dynamic ports and permits data on these ports.

• Question 95:

  Refer to the exhibit. What is the effect of this firewall configuration?

  

  A. It controls IP traffic is sourced from the OUTSIDE interface.
  B. It controls IPsec packets that terminate at the firewall.
  C. It controls IP traffic to the OUTSIDE interface.
  D. It controls IPsec packets that are sourced from the firewall.
  C. It controls IP traffic to the OUTSIDE interface.

• Question 96:

  Which four are IPv6 First Hop Security technologies? (Choose four.)

  A. Send
  B. Dynamic ARP Inspection
  C. Router Advertisement Guard D. Neighbor Discovery Inspection
  E. Traffic Storm Control
  F. Port Security
  G. DHCPv6 Guard
  A. Send
  C. Router Advertisement Guard D. Neighbor Discovery Inspection
  G. DHCPv6 Guard

• Question 97:

  A web server has been configured to operate on port 1521. The web server traffic is passing through an ASA with default application inspection configured. Which application inspection affects the web server traffic?

  A. HTTP
  B. MSCP
  C. HTTPS
  D. SQL *Net
  D. SQL *Net

• Question 98:

  What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?

  A. sslconfig
  B. sslciphers
  C. tlsconifg
  D. certconfig
  A. sslconfig

• Question 99:

  An engineer is asked to configure SNMP Version 3 with authentication and encryption of each SNMP packet. Which SNMP V3 mode must be configured to meet that requirement?

  A. priv
  B. auth
  C. pub
  D. encr
  B. auth

• Question 100:

  Drag and Drop

  An engineer must create an SSHv2 configuration for a remote user with a key size of 2048 on the inside network of 192.168.0.0/19 with a fully qualified domain name. Drag and drop the Cisco ASA commands on the left onto the matching function on the right.

  Select and Place: