[Free] 2017(Apr) Ensurepass Testking Cisco 300-206 Latest Dumps 1-10

Ensurepass
2017 April Cisco Official New Released 300-206 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-206.html

Implementing Cisco Edge Network Security Solutions

QUESTION 1

Which two configurations are necessary to enable password-less SSH login to an IOS router? (Choose two.)

 

A.

Enter a copy of the administrator’s public key within the SSH key-chain

B.

Enter a copy of the administrator’s private key within the SSH key-chain

C.

Generate a 512-bit RSA key to enable SSH on the router

D.

Generate an RSA key of at least 768 bits to enable SSH on the router

E.

Generate a 512-bit ECDSA key to enable SSH on the router


F.

Generate a ECDSA key of at least 768 bits to enable SSH on the router

 

Correct Answer: AD

 

 

QUESTION 2

Cisco Security Manager can manage which three products? (Choose three.)

 

A.

Cisco IOS

B.

Cisco ASA

C.

Cisco IPS

D.

Cisco WLC

E.

Cisco Web Security Appliance

F.

Cisco Email Security Appliance

G.

Cisco ASA CX

H.

Cisco CRS

 

Correct Answer: ABC

 

 

QUESTION 3

Which three options correctly identify the Cisco ASA1000V Cloud Firewall? (Choose three.)

 

A.

operates at Layer 2

B.

operates at Layer 3

C.

secures tenant edge traffic

D.

secures intraswitch traffic

E.

secures data center edge traffic

F.

replaces Cisco VSG

G.

complements Cisco VSG

H.

requires Cisco VSG

 

Correct Answer: BCG

 

 

QUESTION 4

Which statement describes the correct steps to enable Botnet Traffic Filtering on a Cisco ASA version 9.0 transparent-mode firewall with an active Botnet Traffic Filtering license?

 

A.

Enable DNS snooping, traffic classification, and actions.

B.

Botnet Traffic Filtering is not supported in transparent mode.

C.

Enable the use of the dynamic database, enable DNS snooping, traffic classification, and actions.

D.

Enable the use of dynamic database, enable traffic classification and actions.

Correct Answer: < span lang="EN-US" style="font-family: ; mso-font-kerning: 0pt; mso-no-proof: yes">C

 

 

QUESTION 5

Refer to the exhibit. Server A is a busy server that offers these services:

 

clip_image002World Wide Web

clip_image002[1]DNS

 

Which command captures http traffic from Host A to Server A?

 

clip_image003

 

A.

capture traffic match udp host 10.1.1.150 host 10.2.2.100

B.

capture traffic match 80 host 10.1.1.150 host 10.2.2.100

C.

capture traffic match ip 10.2.2.0 255.255.255.192 host 10.1.1.150

D.

capture traffic match tcp host 10.1.1.150 host 10.2.2.100

E.

capture traffic match tcp host 10.2.2.100 host 10.1.1.150 eq 80

 

Correct Answer: D

 

 

QUESTION 6

What is the default behavior of an access list on the Cisco ASA security appliance?

 

A.

It will permit or deny traffic based on the access-list criteria.

B.

It will permit or deny all traffic on a specified interface.

C.

An access group must be configured before the access list will take effect for traffic control.

D.

It will allow all traffic.

 

Correct Answer: C

 

 

 

 

 

QUESTION 7

Which Cisco Security Manager form factor is recommended for deployments with fewer than 25 devices?

 

A.

only Cisco Security Manager Standard

B.

only Cisco Security Manager Professional

C.

only Cisco Security Manager UCS Server Bundle

D.

both Cisco Security Manager Standard and Cisco Security Manager Professional

 

Correct Answer: A

 

 

QUESTION 8

Refer to the exhibit. Which two statements about the SNMP configuration are true? (Choose two.)

 

clip_image004

 

A.

The router’s IP address is 192.168.1.1.

B.

The SNMP server’s IP address is 192.168.1.1.

C.

Only the local SNMP engine is configured.

D.

Both the local and remote SNMP engines are configured.

E.

The router is connected to the SNMP server via port 162.

 

Correct Answer: BD

 

 

QUESTION 9

clip_image006

clip_image008

clip_image010

 

An SNMP host is an IP address to which SNMP notifications and traps are sent. To configure SNMFV3 hosts, which option must you configure in addition to the target IP address?

 

A.

the Cisco ASA as a DHCP server, so the SNMFV3 host can obtain an IP address

B.

a username, because traps are only sent to a configured user

C.

SSH, so the user can connect to the Cisco ASA

D.

the Cisco ASA with a dedicated interface only for SNMP, to process the SNMP host traffic.

 

Correct Answer: B

Explanation:

The username can be seen here on the ASDM simulator screen shot:

 

clip_image012

 

 

QUESTION 10

Which two router commands enable NetFlow on an interface? (Choose two.)

 

A.

ip flow ingress

B.

ip flow egress

C.

ip route-cache flow infer-fields

D.

ip flow ingress infer-fields

E.

ip flow-export version 9

 

Correct Answer: AB

100% Free Download!
—Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-206 Full Exam PDF and VCE Q&As:222
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com