Cisco 300-206 Online Practice Questions and Exam Preparation

Cisco 300-206 Online Questions & Answers

• Question 381:

  Which credentials are used by Prime Infrastructure to access the devices via web? (Choose two)

  A. SSH
  B. Telnet
  C. Serial console
  D. RADIUS
  E. 802.1X
  A. SSH
  B. Telnet

• Question 382:

  Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)

  A. AnyConnect SSL
  B. site-to-site
  C. clientless SSL
  D. IPsec remote-access
  A. AnyConnect SSL
  D. IPsec remote-access

• Question 383:

  Refer to the exhibit. Which option describes the role of the filter rule on this cisco ASA firewall?

  

  A. to discard http traffic destined to a proxy server
  B. to define allowed traffic when the URL filtering server is unavailable
  C. to perform deep packet inspection on all http traffic crossing the Cisco ASA
  D. to send http traffic to a defined URL filtering server
  D. to send http traffic to a defined URL filtering server

• Question 384:

  Which two features block traffic that is sourced from non-topological IPv6 addresses? (Choose two.)

  A. DHCPv6 Guard
  B. IPv6 Prefix Guard
  C. IPv6 RA Guard
  D. IPv6 Source Guard
  B. IPv6 Prefix Guard
  D. IPv6 Source Guard

• Question 385:

  An engineer is configuring Cisco ASA 1000V Cloud Firewall. Which element allows for application of a security policy based on a class of VMs instead of based on IP addresses?

  A. port profiles
  B. port groups
  C. security groups
  D. security profiles
  A. port profiles

• Question 386:

  Which two features does Cisco Security Manager provide? (Choose two.)

  A. Configuration and policy deployment before device discovery
  B. Health and performance monitoring
  C. Event management and alerting
  D. Command line menu for troubleshooting
  E. Ticketing management and tracking
  B. Health and performance monitoring
  C. Event management and alerting

• Question 387:

  An engineer is hardening the management plane for an ASA. Which protocol is affected by this hardening?

  A. BGP
  B. IKE
  C. ICMP
  D. ARP
  C. ICMP

• Question 388:

  Where are database files for BTF stored on the ASA?

  A. Flash
  B. NVRAM
  C. running memory
  D. ASA-CX module memory
  C. running memory

• Question 389:

  Which statement about traffic storm control behavior is true?

  A. Traffic storm control cannot determine if the packet is unicast or broadcast.
  B. If you enable broadcast and multicast traffic storm control and the combined broadcast and multicast traffic exceeds the level within a 1 second traffic storm interval, storm control drops all broadcast and multicast traffic until the end of the storm interval
  C. Traffic storm control uses the Individual/Group bit in the packet source address to determine if the packet is unicast or broadcast.
  D. Traffic storm control monitors incoming traffic levels over a 10 second traffic storm control interval
  B. If you enable broadcast and multicast traffic storm control and the combined broadcast and multicast traffic exceeds the level within a 1 second traffic storm interval, storm control drops all broadcast and multicast traffic until the end of the storm interval

• Question 390:

  According to Cisco best practices, which two interface configuration commands help prevent VLAN hopping attacks? (Choose two.)

  A. switchport mode access
  B. switchport access vlan 2
  C. switchport mode trunk
  D. switchport access vlan 1
  E. switchport trunk native vlan 1
  F. switchport protected
  A. switchport mode access
  B. switchport access vlan 2