[Free] 2017(Apr) Ensurepass Testking Cisco 300-206 Latest Dumps 51-60

Ensurepass
2017 April Cisco Official New Released 300-206 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-206.html

Implementing Cisco Edge Network Security Solutions

QUESTION 51

A Cisco ASA is configured in multiple context mode and has two user-defined contexts–Context_A and Context_B. From which context are device logging messages sent?

 

A.

Admin

B.

Context_A

C.

Context_B

D.

System

 

Correct Answer: A

 

 

QUESTION 52

What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)

 

A.

identifying Layer 2 ARP attacks

B.

detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a successful client association

C.

detecting and preventing MAC address spoofing in switched environments

D.

mitigating man-in-the-middle attacks

 

Correct Answer: AD

 

 

QUESTION 53

At which layer does Dynamic ARP Inspection validate packets?

 

A.

Layer 2

B.

Layer 3

C.

Layer 4

D.

Layer 7

 

Correct Answer: A

 

 

QUESTION 54

Your company is replacing a high-availability pair of Cisco ASA 5550 firewalls with the newer Cisco ASA 5555-X models. Due to budget constraints, one Cisco ASA 5550 will be replaced at a time. Which statement about the minimum requirements to set up stateful failover between these two firewalls is true?

 

A.

You must install the USB failover cable between the two Cisco ASAs and provide a 1 Gigabit Ethernet interface for state exchange.

B.

It is not possible to use failover between different Cisco ASA models.

C.

You must have at least 1 Gigabit Ethernet interface between the two Cisco ASAs for state exchange.

D.

You must use two dedicated interfaces. One link is dedicated to state exchange and the other link is for heartbeats.

 

Correct Answer: B

 

 

QUESTION 55

Which two device types can Cisco Prime Security Manager manage in Multiple Device mode? (Choose two.)

 

A.

Cisco ESA

B.

Cisco ASA

C.

Cisco WSA

D.

Cisco ASA CX

 

Correct Answer: BD

 

 

QUESTION 56

When configured in accordance to Cisco best practices, the ip verify source command can mitigate which two types of Layer 2 attacks? (Choose two.)

 

A.

rogue DHCP servers

B.

ARP attacks

C.

DHCP starvation

D.

MAC spoofing

E.

CAM attacks

F.

IP spoofing

 

Correct Answer: DF

 

 

QUESTION 57

Which three options are default settings for NTP parameters on a Cisco ASA? (Choose three.)

 

A.

NTP authentication is enabled.

B.

NTP authentication is disabled.

C.

NTP logging is enabled.

D.

NTP logging is disabled.

E.

NTP traffic is not restricted.

F.

NTP traffic is restricted.

 

Correct Answer: BDE

 

 

QUESTION 58

Which two parameters must be configured before you enable SCP on a router? (Choose two.)

 

A.

SSH

B.

authorization

C.

ACLs

D.

NTP

E.

TACACS+

 

Correct Answer: AB

 

 

QUESTION 59

Which type of object group will allow configuration for both TCP 80 and TCP 443?

 

A.

service

B.

network

C.

time range

D.

user group

 

Correct Answer: A

 

 

QUESTION 60

A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue. Which two commands can protect against this problem? (Choose two.)

 

A.

switch(config)#spanning-tree portfast bpduguard default

B.

switch(config)#spanning-tree portfast bpdufilter default

C.

switch(config-if)#spanning-tree portfast

D.

switch(config-if)#spanning-tree portfast disable

E.

switch(config-if)#switchport port-security violation protect

F.

switch(config-if)#spanning-tree port-priority 0

 

Correct Answer: AC

100% Free Download!
—Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-206 Full Exam PDF and VCE Q&As:222
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com