Cisco 300-206 Online Practice Questions and Exam Preparation

Cisco 300-206 Online Questions & Answers

• Question 211:

  An engineer must implement secure device management on a Cisco ASA. Which two actions are required? (Choose two)

  A. enable logging
  B. enable Telnet
  C. enable SSH
  D. disable login timeouts
  E. configure SNMPv3
  C. enable SSH
  E. configure SNMPv3

• Question 212:

  Which of the following that Cisco engineer must secure a current monitoring environment? (Choose Two)

  A. RSA-SIG
  B. MD5
  C. AES
  D. 3DES
  E. DES
  C. AES
  D. 3DES

• Question 213:

  CSM (or Prime Infra) Dashboards

  

  Correct Answer. Check the answer below
  Check the answer below

  ---

  Top Destinations --This report ranks the session destinations of all built/deny firewall events received by Security Manager. The report shows the destination IP address, the count of the number of events for each address, and the percentage

  of the count compared to the sum of all counts in the report. You can click on a data point in the Pie, XY, or Bar graph that represents a specific destination to see report information about the top sources and top services associated with that

  destination (see Drilling Down into Report Data).

  Top Sources --This report ranks the session sources of all built/deny firewall events received by Security Manager. The report shows the source IP address, the count of the number of events for each address, and the percentage of the count

  compared to the sum of all counts in the report. You can click on a data point in the Pie, XY, or Bar graph that represents a specific source to see report information about the top destinations and top services associated with that source (see

  Drilling Down into Report Data).

  Top Services --This report ranks the destination services of all built/deny firewall events received by Security Manager. TCP and UDP services include the port number. The report shows the service, the count of the number of events for each

  service, and the percentage of the count compared to the sum of all counts in the report. You can click on a data point in the Pie, XY, or Bar graph that represents a specific service to see report information about the top destinations and top

  sources associated with that service (see Drilling Down into Report Data).

  Top Infected Hosts --This report ranks the top infected hosts for traffic originating from infected hosts to black- or gray-listed sites based on all botnet events received by Security Manager. The report shows the IP address of the infected host

  with the firewall interface name on which the event was detected in parentheses, the count of the number of connections logged to blacklisted or gray-listed sites for each address, the count of the number of connections that were blocked

  (dropped) by botnet traffic filtering, and the percentage of the count compared to the sum of all counts in the report.

  Top Malware Ports --This report ranks the top destination ports for traffic originating from infected hosts to black or gray-listed sites based on all botnet events received by Security Manager. The report shows the destination malware port, the

  count of the number of connections logged to blacklisted or gray-listed sites for each port, the count of the number of connections that were blocked (dropped) by botnet traffic filtering, and the percentage of the count compared to the sum of

  all counts in the report.

  Top Malware Sites --This report ranks the top botnet sites (black or gray-listed sites) for all inbound and outbound sessions based on all botnet events received by Security Manager. The report shows the following information:

  IP Address--The IP address that is indicated as the malicious host in botnet events, either on the black list or the grey list.

  Malware Site--The domain name or IP address in the dynamic filter database to which the traffic was initiated.

  List Type--Whether the site is on the black list or the grey list. Connections Logged--The count of the number of connections logged or monitored for each site. Connections Blocked--The count of the number of connections that were blocked

  (dropped) by botnet traffic filtering for each site. Threat Level--The botnet threat level for the site, from very low to very high, or none. Category--The category of threat the site poses as defined in the botnet database, such as botnet, Trojan,

  spyware, and so on.

  VPN dashboards

  Top Bandwidth Users --This report ranks the VPN users who consumed the most bandwidth. The report shows the usernames, the bandwidth in total number of bytes sent and received, and the percentage of reported bandwidth used by

  each user.

  Top Duration Users --This report ranks the VPN users who remained connected to the network for the longest time. The report shows the usernames, the connection duration time in days hours:minutes:seconds format, and the percentage of

  the reported duration by each user.

  The chart shows duration in seconds.

  Top Throughput Users --This report ranks the VPN users who sent and received data at the highest throughput rate. The report shows the usernames, the throughput for each user in kbps, and the percentage of reported throughput by each

  user. The throughput is calculated as 8.0 *(bandwidth of the user in bytes)/(duration for which the user is connected in seconds*1000.0).

  Connection Profile Report --This report provides a count of user, session, and summary of the bandwidth utilization and throughput usage for each remote access connection profile. The default report contains this information for all devices

  for the previous hour. You can customize the report in several different ways.

  User Report --This report provides a summary of the bandwidth utilization, connection duration and throughput usage for each remote access VPN user. The report shows the usernames, the bandwidth in total number of bytes sent and

  received, the connection duration time in days hours:minutes:seconds format, and the throughput for each user in kbps. The throughput is throughput is calculated as 8.0*(bandwidth of the user in bytes)/(duration for which the user is

  connected in seconds*1000.0). Beginning with Security Manager 4.7, the User Report provides both user-level details and session-level details:

  User-Level Details --For a particular user, the user-level details represent the combined value of all that user's sessions: Username, Total no. of Sessions, Bandwidth, Duration, and Throughput. Session-Level Details --Expanding the tree

  displays the session-level details for each session that a particular user has a VPN connection with; the session-level details encompass the Session ID, Login Time, Logout Time, Bandwidth, Throughput, and Duration of the Session. (Here

  the logout time is calculated by using the formula Logout Time = Login Time + Duration.)

• Question 214:

  CORRECT TEXT

  You are a network security engineer for the Secure-X network. You have been tasked with implementing dynamic network object NAT with PAT on a Cisco ASA. You must configure the Cisco ASA such that the source IP addresses of all

  internal hosts are translated to a single IP address (using different ports) when the internal hosts access the Internet.

  To successfully complete this activity, you must perform the following tasks:

  Use the Cisco ASDM GUI on the Admin PC to configure dynamic network object NAT with PAT using the following parameters:

  Network object name: Internal-Networks

  IP subnet: 10.10.0.0/16

  Translated IP address: 192.0.2.100

  Source interface: inside

  Destination interface: outside

  NOTE: The object (TRANSLATED-INSIDE-HOSTS) for this translated IP address has already been created for your use in this activity.

  NOTE: Not all ASDM screens are active for this exercise.

  NOTE: Login credentials are not needed for this simulation.

  In the Cisco ASDM, display and view the auto-generated NAT rule.

  From the Employee PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public.

  From the Guest PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public.

  At the CLI of the Cisco ASA, display your NAT configuration. You should see the configured policy and statistics for translated packets.

  At the CLI of the Cisco ASA, display the translation table. You should see dynamic translations for the Employee PC and the Guest PC. Both inside IP addresses translate to the same IP address, but using different ports.

  You have completed this exercise when you have configured and successfully tested dynamic network object NAT with PAT.

  

  

  Correct Answer. Check the answer below
  Check the answer below

  ---

  Answer: See the explanation for detailed answer to this sim question. First, click on Add ?Network Objects on the Network Objects/Groups tab and fill in the information as shown below:

  

  Then, use the advanced tab and configure it as shown below:

  

  Then hit OK, OK again, Apply, and then Send when prompted. You can verify using the instructions provided in the question

• Question 215:

  Which option is a valid action for a port security violation ?

  A. Restrict
  B. Reject
  C. Disable
  D. Reset
  A. Restrict

• Question 216:

  On the Cisco ASA, where are the Layer 5-7 policy maps applied?

  A. inside the Layer 3-4 policy map
  B. inside the Layer 3-4 class map
  C. inside the Layer 5-7 class map
  D. inside the Layer 3-4 service policy
  E. inside the Layer 5-7 service policy
  A. inside the Layer 3-4 policy map

• Question 217:

  When a traffic storm threshold occurs on a port, into which state can traffic storm control put the port?

  A. Disabled
  B. Err-disabled
  C. Disconnected
  D. Blocked
  E. Connected
  B. Err-disabled

• Question 218:

  What is the default behavior of NAT control on Cisco ASA Software Version 8.3?

  A. NAT control has been deprecated on Cisco ASA Software Version 8.3.
  B. It will prevent traffic from traversing from one enclave to the next without proper access configuration.
  C. It will allow traffic to traverse from one enclave to the next without proper access configuration.
  D. It will deny all traffic.
  A. NAT control has been deprecated on Cisco ASA Software Version 8.3.

• Question 219:

  By default, how does the Cisco ASA authenticate itself to the Cisco ASDM users?

  A. The administrator validates the Cisco ASA by examining the factory built-in identity certificate thumbprint of the Cisco ASA.
  B. The Cisco ASA automatically creates and uses a persistent self-signed X.509 certificate to authenticate itself to the administrator.
  C. The Cisco ASA automatically creates a self-signed X.509 certificate on each reboot to authenticate itself to the administrator.
  D. The Cisco ASA and the administrator use a mutual password to authenticate each other.
  E. The Cisco ASA authenticates itself to the administrator using a one-time password.
  C. The Cisco ASA automatically creates a self-signed X.509 certificate on each reboot to authenticate itself to the administrator.

• Question 220:

  When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home page is true?

  A. It is replaced by the Cisco AIP-SSM home page.
  B. It must reconnect to the NAT policies database.
  C. The administrator can manually update the page.
  D. It displays a new Intrusion Prevention panel.
  D. It displays a new Intrusion Prevention panel.