300-206 Exam Details
-
Exam Code
:300-206 -
Exam Name
:Implementing Cisco Edge Network Security Solutions -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:463 Q&As -
Last Updated
:Dec 11, 2021
Cisco 300-206 Online Questions & Answers
-
Question 121:
Which statement about traffic zoning in cisco ASA?
A. you can create a maximum of 512 zones
B. you can add failover interface to zone
C. an interface can be member of more than one zone
D. you can up to eight interface per zone -
Question 122:
Drag and Drop
Drag and drop the function on the left onto the matching packet capture configuration types on th right. Not all options are used.
Select and Place:
-
Question 123:
You configure DHCP snooping in VLAN 10. Which two configuration commands do you implement on the switch to enable Dynamic ARP inspection in VLAN 10?
A. Switch (config)# ip arp inspection
B. Switch (config)# int fa1/010 switch (config-if_# arp inspection untrust
C. Switch (config) # int fa10./10 switch (config)# ip aro inspection trust
D. Switch (config)# ip arp inspection vlan 10
E. Switch (config)# int fa1/10 switch (config-if) ip arp inspection vlan 10 -
Question 124:
With the crypto key generate rsa command, how many bits minimum must the RSA key size be to enable SSH2 on a router?
A. 512 bits
B. 768 bits
C. 1024 bits
D. 2048 bits -
Question 125:
You must restrict the interface on which management traffic can be received by the routers on your network. Which feature do you enable?
A. MPP
B. extended ACL on all of the interfaces
C. CPP with a port filter
D. AAA -
Question 126:
Refer to the exhibit. Which option describes the expected result of the capture ACL?
A. The capture is applied, but we cannot see any packets in the capture
B. The capture does not get applied and we get an error about mixed policy.
C. The capture is applied and we can see the packets in the capture
D. The capture is not applied because we must have a host IP as the source -
Question 127:
What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.)
A. guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access the device
B. increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE
C. enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality
D. provided complete proactive protection against frame and device spoofing -
Question 128:
What does BTF do when it receives a DNS reply from a domain?
A. It checks the domain against its BTF database
B. It queries a BTF server
C. It drops DNS reply
D. It verifies DNS reply using its own DNS server -
Question 129:
A network administrator is creating an ASA-CX administrative user account with the following parameters:
-The user will be responsible for configuring security policies on networkdevices.
-The user needs read-write access to policies.
-The account has no more rights than necessary for the job.
What role will be assigned to the user?
A. Administrator
B. Security administrator
C. System administrator
D. Root Administrator
E. Exec administrator -
Question 130:
Refer to the Following.
NTP authentication-key 10 md5 cisco123
ntp trusted-key 10
A network engineer is testing NTP authentication, and realizes that any device can synchronize time with this router and that NTP authentication is not enforced. Which option is likely the issue?
A. Only SHA-1 is allowed as a hashing algorithm for NTP authentication.
B. The key must be configured in hashed format, not plain text.
C. NTP authentication needs to be specifically enabled.
D. The router must be rebooted before NTP can update.
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-206 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.