1. Home
  2. Cisco
  3. 300-206

Cisco 300-206 Online Practice Questions and Exam Preparation

300-206 Exam Details

  • Exam Code
    :300-206
  • Exam Name
    :Implementing Cisco Edge Network Security Solutions
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :463 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 300-206 Online Questions & Answers

  • Question 131:

    An engineer has successfully captured data on an ASA (ip address 10.10.10.1) and wants to download the file to analyze offline. The filename is capin. Which option must the engineer enter to accomplish this task?

    A. https://10.10.10.1/admin/capture/capin
    B. http://10.10.10.1/admin/capture/capin/pcap
    C. https://10.10.10.1/admin/capture/capin/pcap
    D. http://10.10.10.1/admin/capture/capin

  • Question 132:

    Which two features does DNSSEC leverage for proper functionality? (Choose two.)

    A. It uses TCP to ensure reliable delivery.
    B. It uses UDP to reduce the DNS responses time.
    C. It uses EDNS to manage the larger DNS packets it requires.
    D. It uses UDP to minimize packet size.
    E. It uses AD and DO inside UDP to reduce response time.

  • Question 133:

    When configuring security contexts on the Cisco ASA, which three resource class limits can be set using a rate limit? (Choose three.)

    A. address translation rate
    B. Cisco ASDM session rate
    C. connections rate
    D. MAC-address learning rate (when in transparent mode)
    E. syslog messages rate
    F. stateful packet inspections rate

  • Question 134:

    An engineer is adding devices to Cisco prime Infrastructure using Discovery. Which protocol must be used to discover non-Cisco devices?

    A. OSPF
    B. routing table
    C. LLDP
    D. BGP

  • Question 135:

    Which statement about how the Cisco ASA supports SNMP is true?

    A. All SNMFV3 traffic on the inside interface will be denied by the global ACL
    B. The Cisco ASA and ASASM provide support for network monitoring using SNMP Versions 1,2c, and 3, but do not support the use of all three versions simultaneously.
    C. The Cisco ASA and ASASM have an SNMP agent that notifies designated management, stations if events occur that are predefined to require a notification, for example, when a link in the network goes up or down.
    D. SNMPv3 is enabled by default and SNMP v1 and 2c are disabled by default.
    E. SNMPv3 is more secure because it uses SSH as the transport mechanism.

  • Question 136:

    Which three types of multicast packets are controlled by using storm control? (Choose three.)

    A. RTP
    B. BPDU
    C. ICMP
    D. RIPv2
    E. CDP
    F. OSPF

  • Question 137:

    A engineer has configured a unified IPV6/IPV4 ACL to be used for access control on the Cisco ASA in routed mode. Which additional IPV4/IPv6 components is needed for the ACL to function properly?

    A. mixed object group
    B. network address translation
    C. explicit deny statement
    D. service object

  • Question 138:

    ACL config exibit:

    -Shows an ACL called OUTSIDE-IN controlling whether IPSEC connections are allowed -ACL has permits on it to allow IPSEC connections to and from an inside network address of 10.10.10.x to an outside IP of 198.x.x.x along with some explicit denies -Shows the ACL being applied to the outside interface using something like: access-group OUTSIDE-IN in interface outside control-plane Which direction is traffic inspected on the interface

    A. Controling IP traffic from the outside interface
    B. Controling IPsec traffic from the outside interface
    C. Controling IP traffic to the outside interface
    D. Controling IPsec traffic to the outside interface

  • Question 139:

    A security engineer must evaluate Cisco Security Manager. Which two options are benefits of using Cisco Security Manager to manage security? (Choose two)

    A. Configuration of access control plane policies on multiple Cisco ASA firewalls at once
    B. automatic software upgrades on multiple firewall devices
    C. ability to console into each firewall from centralized management
    D. configuration of ACLs on multiple Cisco VSG firewalls at once
    E. configuraion of IPS signatures on multiple Firepower sensors at once

  • Question 140:

    You are configuring a Cisco IOS Firewall on a WAN router that is operating as a Trusted Relay Point (TRP) in a voice network. Which feature must you configure to open data- channel pinholes for voice packets that are sourced from a TRP within the WAN?

    A. CAC
    B. ACL
    C. CBAC
    D. STUN

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-206 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.