300-206 Exam Details
-
Exam Code
:300-206 -
Exam Name
:Implementing Cisco Edge Network Security Solutions -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:463 Q&As -
Last Updated
:Dec 11, 2021
Cisco 300-206 Online Questions & Answers
-
Question 261:
Which two statements about managing ACLs with ASDM are true? (Choose two)
A. It can manage interface access rules and global access rules.
B. It enables global access rules to override interface access rules.
C. It can add new access rules before and after existing access rules.
D. It can import and export existing access lists.
E. It can define interface access rules without them to an individual interface
F. It can delete access lists without deleting individual access rules. -
Question 262:
Which two types of addresses can be blocked by configuring botnet traffic filtering on an ASA? (Choose two.)
A. spyware
B. instant messaging
C. P2P
D. games
E. ads -
Question 263:
At which layer does MACsecprovide encryption?
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4 -
Question 264:
Which Cisco TrustSec role does a Cisco ASA firewall serve within an identity architecture?
A. Access Requester
B. Policy Decision Point
C. Policy Information Point
D. Policy Administration Point
E. Policy Enforcement Point -
Question 265:
Which option is the default logging buffer size In memory of the Cisco ASA adaptive security appliance?
A. 8KB
B. 32KB
C. 2KB
D. 16KB
E. 4KB -
Question 266:
To which interface on a Cisco ASA 1000V firewall should a security profile be applied when a VM sits behind it?
A. outside
B. inside
C. management
D. DMZ -
Question 267:
Hotspot Question In your role as network security administrator, you have installed syslog server software on a server whose IP address is 10.10.2.40. According to the exhibits, why isn't the syslog server receiving any syslog messages?
A. Logging is not enabled globally on the Cisco ASA.
B. The syslog server has failed.
C. There have not been any events with a severity level of seven.
D. The Cisco ASA is not configured to log messages to the syslog server at that IP address. -
Question 268:
Which activity is performed by the switch when DAI inspection is configured?
A. It drops all ARP responses on untrusted ports
B. It monitors DHCP messages and compares host MAC addresses with addresses in ARP frames
C. It intercepts all ARP requests and response on untrusted ports
D. It drops all traffic except ARP messages -
Question 269:
You are the administrator of a Cisco ASA 9.0 firewall and have been tasked with ensuring that the Firewall Admins Active Directory group has full access to the ASA configuration. The Firewall Operators Active Directory group should have a
more limited level of access.
Which statement describes how to set these access levels?
A. Use Cisco Directory Agent to configure the Firewall Admins group to have privilege level 15 access. Also configure the Firewall Operators group to have privilege level 6 access.
B. Use TACACS+ for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.
C. Use RADIUS for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.
D. Active Directory Group membership cannot be used as a determining factor for accessing the Cisco ASA CLI. -
Question 270:
Which ASA feature is used to keep track of suspected attackers who create connections to too many hosts or ports?
A. complex threat detection
B. scanning threat detection
C. basic threat detection
D. advanced threat detection
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-206 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.