[Free] 2017(Apr) Ensurepass Testking Cisco 300-206 Latest Dumps 131-140

Ensurepass
2017 April Cisco Official New Released 300-206 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-206.html

Implementing Cisco Edge Network Security Solutions

QUESTION 131

What are two security features at the access port level that can help mitigate Layer 2 attacks? (Choose two.)

 

A.

DHCP snooping

B.

IP Source Guard

C.

Telnet

D.

Secure Shell

E.

SNMP

 

Correct Answer: AB

 

 

QUESTION 132

What are two enhancements of SSHv2 over SSHv1? (Choose two.)

 

A.

VRF-aware SSH support

B.

DH group exchange support

C.

RSA support

D.

keyboard-interactive authentication

E.

SHA support

 

Correct Answer: AB

 

 

QUESTION 133

clip_image002

clip_image004

clip_image006

clip_image008

 

According to the logging configuration on the Cisco ASA, what will happen if syslog server 10.10.2.40 fails?

A.

New connections through the ASA will be blocked and debug system logs will be sent to the internal buffer.

B.

New connections through the ASA will be blocked and informational system logs will be sent to the internal buffer.

C.

New connections through the ASA will be blocked and system logs will be sent to server 10.10.2.41.

D.

New connections through the ASA will be allowed and system logs will be sent to server 10.10.2.41.

E.

New connections through the ASA will be allowed and informational system logs will be sent to the internal buffer.

F.

New connections through the ASA will be allowed and debug system logs will be sent to the internal buffer.

 

Correct Answer: B

Explanation:

This is shown by the following screen shot:

 

clip_image010

 

 

QUESTION 134

Enabling what security mechanism can prevent an attacker from gaining network topology information from CDP?

 

A.

MACsec

B.

Flex VPN

C.

Control Plane Protection

D.

Dynamic Arp Inspection

 

Correct Answer: A

 

QUESTION 135

Which URL matches the regex statement “http”*/”www.cisco.com/”*[^E]”xe”?

 

A.

https://www.cisco.com/ftp/ios/tftpserver.exe

B.

https://cisco.com/ftp/ios/tftpserver.exe

C.

http:/www.cisco.com/ftp/ios/tftpserver.Exe

D.

https:/www.cisco.com/ftp/ios/tftpserver.EXE

 

Correct Answer: A

 

 

QUESTION 136

Which command is used to nest objects in a pre-existing group?

 

A.

object-group

B.

network group-object

C.

object-group network

D.

group-object

 

Correct Answer: D

 

 

QUESTION 137

Which technology can be deployed with a Cisco ASA 1000V to segregate Layer 2 access within a virtual cloud environment?

 

A.

Cisco Nexus 1000V

B.

Cisco VSG

C.

WSVA

D.

ESVA

 

Correct Answer: A

 

 

QUESTION 138

Enabling what security mechanism can prevent an attacker from gaining network topology information from CDP via a man-in-the-middle attack?

 

A.

MACsec

B.

Flex VPN

C.

Control Plane Protection

D.

Dynamic Arp Inspection

 

Correct Answer: A

 

 

QUESTION 139

You have explicitly added the line deny ipv6 any log to the end of an IPv6 ACL on a router interface. Which two ICMPv6 packet types must you explicitly allow to enable traffic to traverse the interface? (Choose two.)

 

neighbor solicitation

A.

router solicitation

B.

router advertisement

C.

D.

neighbor advertisement

E.

redirect

 

Correct Answer: CD

 

 

QUESTION 140

When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home page is true?

 

A.

It is replaced by the Cisco AIP-SSM home page.

B.

It must reconnect to the NAT policies database.

C.

The administrator can manually update the page.

D.

It displays a new Intrusion Prevention panel.

 

Correct Answer: D

100% Free Download!
—Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-206 Full Exam PDF and VCE Q&As:222
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com