Cisco 300-206 Online Practice Questions and Exam Preparation

Cisco 300-206 Online Questions & Answers

• Question 191:

  CORRECT TEXT

  

  

  Correct Answer. Check the answer below
  Check the answer below

  ---

  Answer: Please check the steps in explanation part below:

  1) Click on Service Policy Rules, then Edit the default inspection rule.

  2) Click on Rule Actions, then enable HTTP as shown here:

  

  3) Click on Configure, then add as shown here:

  

  4) Create the new map in ASDM like shown:

  

  5) Edit the policy as shown:

  

  6) Hit OK

• Question 192:

  By default, not all services in the default inspection class are inspected. Which Cisco ASA CLI command do you use to determine which inspect actions are applied to the default inspection class?

  A. show policy-map global_policy
  B. show policy-map inspection_default
  C. show class-map inspection_default
  D. show class-map default-inspection-traffic
  E. show service-policy global
  E. show service-policy global

• Question 193:

  Which Cisco ASA feature is implemented by the ip verify reverse-path interface interface_name command?

  A. uRPF
  B. TCP intercept
  C. botnet traffic filter
  D. scanning threat detection
  E. IPS (IP audit)
  A. uRPF

• Question 194:

  What is the default behavior of an access list on a Cisco ASA?

  A. It will permit or deny traffic based on the access list criteria.
  B. It will permit or deny all traffic on a specified interface.
  C. It will have no affect until applied to an interface, tunnel-group or other traffic flow.
  D. It will allow all traffic.
  C. It will have no affect until applied to an interface, tunnel-group or other traffic flow.

• Question 195:

  Which Cisco switch technology prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast flood on a port?

  A. port security
  B. storm control
  C. dynamic ARP inspection
  D. BPDU guard
  E. root guard
  F. dot1x
  B. storm control

• Question 196:

  Which two options are limitations of using Cisco ASDM as compared to Cisco Security Manager?

  A. API-based access
  B. Limited correlation of security events
  C. Limited syslog filtering
  D. limited visibility of networks
  E. Limited remote management
  B. Limited correlation of security events
  E. Limited remote management

• Question 197:

  Best practices for hardening of management plane have been implemented on an ASA (or IOS router). Which protocols will be affected?

  A. BGP
  B. ICMP
  C. ARP
  B. ICMP

• Question 198:

  Which three statements about transparent firewall are true? ( Choose three)

  A. Transparent firewall works at Layer 2
  B. Both interfaces must be configured with private IP Addresses
  C. It can have only a management IP address
  D. It does not support dynamic routing protocols
  E. It only support PAT
  A. Transparent firewall works at Layer 2
  C. It can have only a management IP address
  D. It does not support dynamic routing protocols

• Question 199:

  Which Cisco ASA CLI command is used to enable HTTPS (Cisco ASDM) access from any inside host on the 10.1.16.0/20 subnet?

  A. http 10.1.16.0 0.0.0.0 inside
  B. http 10.1.16.0 0.0.15.255 inside
  C. http 10.1.16.0 255.255.240.0 inside
  D. http 10.1.16.0 255.255.255.255
  C. http 10.1.16.0 255.255.240.0 inside

• Question 200:

  You must configure Netflow data export on a cisco router that has a Cisco IOS Release 15MT image installed and has NetFlow Version 9 enabled.

  Which configuration steps do you perform?

  A. Define a NetFlow collector by using the ip flow-export command.
  B. Configure a class map to match interesting traffic
  C. Enable Netflow o one of the interfaces.
  D. Apply the created class map to the globally policy
  E. Configure NetFlow exporter at the interface level.
  A. Define a NetFlow collector by using the ip flow-export command.
  C. Enable Netflow o one of the interfaces.