1. Home
  2. Cisco
  3. 300-206

Cisco 300-206 Online Practice Questions and Exam Preparation

300-206 Exam Details

  • Exam Code
    :300-206
  • Exam Name
    :Implementing Cisco Edge Network Security Solutions
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :463 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 300-206 Online Questions & Answers

  • Question 331:

    Which command tests authentication with SSH and shows a generated key?

    A. show key mypubkey rsa
    B. show crypto key mypubkey rsa
    C. show crypto key
    D. show key mypubkey

  • Question 332:

    Which statement about Cisco ASA multicast routing support is true?

    A. The Cisco ASA appliance supports PIM dense mode, sparse mode, and BIDIR-PIM.
    B. The Cisco ASA appliance supports only stub multicast routing by forwarding IGMP messages from multicast receivers to the upstream multicast router.
    C. The Cisco ASA appliance supports DVMRP and PIM.
    D. The Cisco ASA appliance supports either stub multicast routing or PIM, but both cannot be enabled at the same time.
    E. The Cisco ASA appliance supports only IGMP v1.

  • Question 333:

    Host cannot communicate with server. Traffic goes through ASA. Which cli command can confirm if ASA is blocking traffic or not?

    A. Capture

  • Question 334:

    A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue. Which two commands can protect against this problem? (Choose two.)

    A. switch(config)#spanning-tree portfast bpduguard default
    B. switch(config)#spanning-tree portfast bpdufilter default
    C. switch(config-if)#spanning-tree portfast
    D. switch(config-if)#spanning-tree portfast disable
    E. switch(config-if)#switchport port-security violation protect
    F. switch(config-if)#spanning-tree port-priority 0

  • Question 335:

    Which option is a Cisco best practice when configuring traffic storm control?

    A. Configure 100 percent level to suppress all traffic.
    B. Configure on the port channel interface of an EtherChannel.
    C. Configure traffic storm control on ports that are members of an EtherChannel.
    D. Configure additional capacity as port speed increase.

  • Question 336:

    How to set up that incoming traffic is going via same interface as outgoing traffic?

    A. Intra-interface-anytime an ASA receives traffic on an interface and it is to route the traffic back out the same interface (same-security-traffic permit intra-interface)
    B. Inter-interface-anytime an ASA receives traffic on an interface and is to route the traffic out another interface of equal security level. (same-security-traffic permit inter-interface)

  • Question 337:

    Which Cisco Security Manager form factor is recommended for deployments with fewer than 25 devices?

    A. only Cisco Security Manager Standard
    B. only Cisco Security Manager Professional
    C. only Cisco Security Manager UCS Server Bundle
    D. both Cisco Security Manager Standard and Cisco Security Manager Professional

  • Question 338:

    You need to increase the level of security for the management traffic accessing a Cisco router. You plan to enable HTTPS.

    Which action do you take on the router?

    A. Disable TCP port 23.
    B. Generate an RSA key.
    C. Enable SCP.
    D. Enable TLS.

  • Question 339:

    Which protocol is used by Prime Infrastructure to discover the devices via web? (Choose three)

    A. ARP
    B. OSPF
    C. SNMP
    D. BGP
    E. NetFlow

  • Question 340:

    An administrator is deploying port-security to restrict traffic from certain ports to specific MAC addresses. Which two considerations must an administrator take into account when using the switchport port-security mac-address sticky command? (Choose two.)

    A. The configuration will be updated with MAC addresses from traffic seen ingressing the port. The configuration will automatically be saved to NVRAM if no other changes to the configuration have been made.
    B. The configuration will be updated with MAC addresses from traffic seen ingressing the port. The configuration will not automatically be saved to NVRAM.
    C. Only MAC addresses with the 5th most significant bit of the address (the 'sticky' bit) set to 1 will be learned.
    D. If configured on a trunk port without the 'vlan' keyword, it will apply to all vlans.
    E. If configured on a trunk port without the 'vlan' keyword, it will apply only to the native vlan.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-206 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.