[Free] 2017(Apr) Ensurepass Testking Cisco 300-206 Latest Dumps 121-130

Ensurepass
2017 April Cisco Official New Released 300-206 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-206.html

Implementing Cisco Edge Network Security Solutions

QUESTION 121

Which tool provides the necessary information to determine hardware lifecycle and compliance details for deployed network devices?

 

A.

Prime Infrastructure

B.

Prime Assurance

C.

Prime Network Registrar

D.

Prime Network Analysis Module

 

Correct Answer: A

 

 

QUESTION 122

Where on a firewall does an administrator assign interfaces to contexts?

 

A.

in the system execution space

B.

in the admin context

C.

in a user-defined context

D.

in the console

 

Correct Answer: A

 

 

QUESTION 123

Which three options are hardening techniques for Cisco IOS routers? (Choose three.)

 

A.

limiting access to infrastructure with access control lists

B.

enabling service password recovery

C.

using SSH whenever possible

D.

encrypting the service password

E.

using Telnet whenever possible

F.

enabling DHCP snooping

 

Correct Answer: ACD

 

 

QUESTION 124

What is the best description of a unified ACL on a Cisco firewall?

 

A.

An ACL with both IPv4 and IPv6 functionality.

B.

An IPv6 ACL with IPv4 backwards compatibility.

C.

An IPv4 ACL with IPv6 support.

D.

An ACL that supports EtherType in addition to IPv6.

 

Correct Answer: A

 

 

 

QUESTION 125

A network administrator is creating an ASA-CX administrative user account with the following parameters:

 

clip_image002The user will be responsible for configuring security policies on network devices.

clip_image002[1]The user needs read-write access to policies.

clip_image002[2]The account has no more rights than necessary for the job.

 

What role will the administrator assign to the user?

 

A.

Administrator

B.

Security administrator

C.

System administrator

D.

Root Administrator

E.

Exec administrator

 

Correct Answer: B

 

 

QUESTION 126

You are the administrator of a Cisco ASA 9.0 firewall and have been tasked with ensuring that the Firewall Admins Active Directory group has full access to the ASA configuration. The Firewall Operators Active Directory group should have a more limited level of access. Which statement describes how to set these access levels?

 

A.

Use Cisco Directory Agent to configure the Firewall Admins group to have privilege level 15 access. Also configure the Firewall Operators group to have privilege level 6 access.

B.

Use TACACS+ for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.

C.

Use RADIUS for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.

D.

Active Directory Group membership cannot be used as a determining factor for accessing the Cisco ASA CLI.

 

Correct Answer: B

 

 

QUESTION 127

Which technology provides forwarding-plane abstraction to support Layer 2 to Layer 7 network services in Cisco Nexus 1000V?

 

A.

Virtual Service Node

B.

Virtual Service Gateway

C.

Virtual Service Data Path

D.

Virtual Service Agent

 

Correct Answer: C

 

 

 

 

QUESTION 128

Refer to the exhibit. Which command can produce this packet tracer output on a firewall?

 

clip_image004

 

A.

packet-tracer input INSIDE tc
p 192.168.1.100 88 192.168.2.200 3028

B.

packet-tracer output INSIDE tcp 192.168.1.100 88 192.168.2.200 3028

C.

packet-tracer input INSIDE tcp 192.168.2.200 3028 192.168.1.100 88

D.

packet-tracer output INSIDE tcp 192.168.2.200 3028 192.168.1.100 88

 

Correct Answer: A

 

 

QUESTION 129

All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring?

 

A.

Configure port-security to limit the number of mac-addresses allowed on each port

B.

Upgrade the switch to one that can handle 20,000 entries

C.

Configure private-vlans to prevent hosts from communicating with one another

D.

Enable storm-control to limit the traffic rate

E.

Configure a VACL to block all IP traffic except traffic to and from that subnet

 

Correct Answer: A

 

 

QUESTION 130

On an ASA running version 9.0, which command is used to nest objects in a pre-existing group?

 

A.

object-group

B.

network group-object

C.

object-group network

D.

group-object

 

Correct Answer: D

100% Free Download!
—Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-206 Full Exam PDF and VCE Q&As:222
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com