[Free] 2017(Apr) Ensurepass Testking Cisco 300-206 Latest Dumps 141-150

Ensurepass
2017 April Cisco Official New Released 300-206 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-206.html

Implementing Cisco Edge Network Security Solutions

QUESTION 141

Refer to the exhibit. What type of attack is being mitigated on the Cisco ASA appliance?

 

clip_image002

 

A.

HTTP and POST flood attack

B.

HTTP Compromised-Key Attack

C.

HTTP Shockwave Flash exploit

D.

HTTP SQL injection attack

 

Correct Answer: D

 

 

QUESTION 142

Which component does Cisco ASDM require on the host Cisco ASA 5500 Series or Cisco PIX security appliance?

 

A.

a DES or 3DES license

B.

a NAT policy server

C.

a SQL database

D.

a Kerberos key

E.

a digital certificate

 

Correct Answer: A

 

 

QUESTION 143

You are a network security engineer for the Secure-X network. You have been tasked with implementing dynamic network object NAT with PAT on a Cisco ASA. You must configure the Cisco ASA such that the source IP addresses of all internal hosts are translated to a single IP address (using different ports) when the internal hosts access the Internet.

 

To successfully complete this activity, you must perform the following tasks:

 

clip_image004Use the Cisco ASDM GUI on the Admin PC to configure dynamic network object NAT with PAT using the following parameters:

clip_image004[1]Network object name: Internal-Networks

clip_image004[2]IP subnet: 10.10.0.0/16

clip_image004[3]Translated IP address: 192.0.2.100

clip_image004[4]Source interface: inside

clip_image004[5]Destination interface: outside

 

NOTE: The object (TRANSLATED-INSIDE-HOSTS) for this translated IP address has already been created for your use in this activity.

NOTE: Not all ASDM screens are active for this exercise.

NOTE: Login credentials are not needed for this simulation.

 

clip_image004[6]In the Cisco ASDM, display and view the auto-generated NAT rule.

clip_image004[7]From the Employee PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public.

clip_image004[8]From the Guest PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public.

clip_image004[9]At the CLI of the Cisco ASA, display your NAT configuration. You should see the configured policy and statistics for translated packets.

clip_image004[10]At the CLI of the Cisco ASA, display the translation table. You should see dynamic translations for the Employee PC and the
Guest PC. Both inside IP addresses translate to the same IP address, but using different ports.

 

You have completed this exercise when you have configured and successfully tested dynamic network object NAT with PAT.

 

clip_image006

clip_image008

clip_image010

clip_image012

 

Correct Answer:

Explanation:

First, click on Add – Network Objects on the Network Objects/Groups tab and fill in the information as shown below:

 

clip_image014

Then, use the advanced tab and configure it as shown below:

 

clip_image016

 

Then hit OK, OK again, Apply, and then Send when prompted. You can verify using the instructions provided in the question.

 

 

QUESTION 144

If you encounter problems logging in to the Cisco Security Manager 4.4 web server or client or backing up its databases, which account has most likely been improperly modified?

 

A.

admin (the default administrator account)

B.

casuser (the default service account)

C.

guest (the default guest account)

D.

user (the default user account)

 

Correct Answer: B

 

 

 

 

 

 

 

 

 

QUESTION 145

Refer to the exhibit. Which type of ACL is shown in this configuration?

 

clip_image017

 

A.

IPv4

B.

IPv6

C.

unified

D.

IDFW

 

Correct Answer: C

 

 

QUESTION 146

What are three ways to add devices in Cisco Prime Infrastructure? (Choose three.)

 

A.

Use an automated process.

B.

Import devices from a CSV file.

C.

Add devices manually.

D.

Use RADIUS.

E.

Use the Access Control Server.

F.

Use Cisco Security Manager.

 

Correct Answer: ABC

 

 

QUESTION 147

When you configure a Botnet Traffic Filter on a Cisco firewall, what are two optional tasks? (Choose two.)

 

A.

Enable the use of dynamic databases.

B.

Add static entr
ies to the database.

C.

Enable DNS snooping.

D.

Enable traffic classification and actions.

E.

Block traffic manually based on its syslog information.

 

Correct Answer: BE

 

 

QUESTION 148

In which way are management packets classified on a firewall that operates in multiple context mode?

 

A.

by their interface IP address

B.

by the routing table

C.

by NAT

D.

by their MAC addresses

 

Correct Answer: A

QUESTION 149

Which three commands can be used to harden a switch? (Choose three.)

 

A.

switch(config-if)# spanning-tree bpdufilter enable

B.

switch(config)# ip dhcp snooping

C.

switch(config)# errdisable recovery interval 900

D.

switch(config-if)# spanning-tree guard root

E.

switch(config-if)# spanning-tree bpduguard disable

F.

switch(config-if)# no cdp enable

 

Correct Answer: BDF

 

 

QUESTION 150

Which three logging methods are supported by Cisco routers? (Choose three.)

 

A.

console logging

B.

TACACS+ logging

C.

terminal logging

D.

syslog logging

E.

ACL logging

F.

RADIUS logging

 

Correct Answer: ACD

100% Free Download!
—Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-206 Full Exam PDF and VCE Q&As:222
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com