[Free] 2017(Apr) Ensurepass Testking Cisco 300-206 Latest Dumps 101-110

Ensurepass
2017 April Cisco Official New Released 300-206 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-206.html

Implementing Cisco Edge Network Security Solutions

QUESTION 101

At which layer does MACsec provide encryption?

 

A.

Layer 1

B.

Layer 2

C.

Layer 3

D.

Layer 4

 

Correct Answer: B

 

 

QUESTION 102

Which log level provides the most detail on the Cisco Web Security Appliance?

 

A.

Debug

B.

Critical

C.

Trace

D.

Informational

 

Correct Answer: C

 

 

QUESTION 103

A Cisco ASA is configured for TLS proxy. When should the security appliance force remote IP phones connecting to the phone proxy through the internet to be in secured mode?

 

A.

When the Cisco Unified Communications Manager cluster is in non-secure mode

B.

When the Cisco Unified Communications Manager cluster is in secure mode only

C.

When the Cisco Unified Communications Manager is not part of a cluster

D.

When the Cisco ASA is configured for IPSec VPN

 

Correct Answer: A

 

 

QUESTION 104

A network engineer is asked to configure NetFlow to sample one of every 100 packets on a router’s fa0/0 interface. Which configuration enables sampling, assuming that NetFlow is already configured and running on the router’s fa0/0 interface?

 

A.

flow-sampler-map flow1

mode random one-out-of 100

interface fas0/0

flow-sampler flow1

B.

flow monitor flow1

mode random one-out-of 100

interface fas0/0

ip flow monitor flow1

C.

flow-sampler-map flow1

one-out-of 100

interface fas0/0

flow-sampler flow1

D.

ip flow-export source fas0/0 one-out-of 100

 

Correct Answer: A

 

 

QUESTION 105

Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)

 

A.

NAT

B.

dynamic routing

C.

SSL remote access VPN

D.

IPSec remote access VPN

 

Correct Answer: AB

 

 

 

 

 

QUESTION 106

Refer to the exhibit. What is the effect of this configuration?

 

clip_image002

 

A.

The firewall will inspect IP traffic only between networks 192.168.1.0 and 192.168.2.0.

B.

The firewall will inspect all IP traffic except traffic to 192.168.1.0 and 192.168.2.0.

C.

The firewall will inspect traffic only if it is defined within a standard ACL.

D.

The firewall will inspect all IP traffic.

 

Correct Answer: A

 

 

QUESTION 107

An administrator is deploying port-security to restrict traffic from certain ports to specific MAC addresses. Which two considerations must an administrator take into account when using the switchport port-security mac-address sticky command? (Choose two.)

 

A.

The configuration will be updated with MAC addresses from traffic seen ingressing the port. The configuration will automatically be saved to NVRAM if no other changes to the configuration have been made.

B.

The configuration will be updated with MAC addresses from traffic seen ingressing the port. The configuration will not automatically be saved to NVRAM.

C.

Only MAC addresses with the 5th most significant bit of the address (the ‘sticky’ bit) set to 1 will be learned.

D.

If configured on a trunk port without the ‘vlan’ keyword, it will apply to all vlans.

E.

If configured on a trunk port without the ‘vlan’ keyword, it will apply only to the native vlan.

 

Correct Answer: BE

 

 

QUESTION 108

What is the default behavior of an access list on a Cisco ASA?

 

A.

It will permit or deny traffic based on the access list criteria.

B.

It will permit or deny all traffic on a specified interface.

C.

It will have no affect until applied to an interface, tunnel-group or other traffic flow.

D.

It will allow all traffic.

 

Correct Answer: C

 

 

QUESTION 109

What are three of the RBAC views within Cisco IOS Software? (Choose three.)

 

A.

Admin

B.

CLI

C.

Root

D.

Super Admin

E.

Guest

F.

Super

 

Correct Answer: BCF

 

 

QUESTION 110

Which Cisco product provides a GUI-based device management tool to configure Cisco access routers?

 

A.

Cisco ASDM

B.

Cisco CP Express

C.

Cisco ASA 5500

D.

Cisco CP

 

Correct Answer: D

100% Free Download!
—Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-206 Full Exam PDF and VCE Q&As:222
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com