aiotestking uk

300-206 Exam Questions - Online Test


300-206 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue. 

Which two commands can protect against this problem? (Choose two.) 

A. switch(config)#spanning-tree portfast bpduguard default 

B. switch(config)#spanning-tree portfast bpdufilter default 

C. switch(config-if)#spanning-tree portfast 

D. switch(config-if)#spanning-tree portfast disable 

E. switch(config-if)#switchport port-security violation protect 

F. switch(config-if)#spanning-tree port-priority 0 

Answer: A,C 

Q2. All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring? 

A. Configure port-security to limit the number of mac-addresses allowed on each port 

B. Upgrade the switch to one that can handle 20,000 entries 

C. Configure private-vlans to prevent hosts from communicating with one another 

D. Enable storm-control to limit the traffic rate 

E. Configure a VACL to block all IP traffic except traffic to and from that subnet 

Answer:

Q3. Which Cisco product provides a GUI-based device management tool to configure Cisco access routers? 

A. Cisco ASDM 

B. Cisco CP Express 

C. Cisco ASA 5500 

D. Cisco CP 

Answer:

Q4. Refer to the exhibit. 

What traffic is being captured by the Cisco ASA adaptive security appliance? 

A. UDP traffic sourced from host 10.10.0.12 on port 80 

B. TCP traffic destined to host 10.10.0.12 on port 80 

C. TCP traffic sourced from host 10.10.0.12 on port 80 

D. UDP traffic destined to host 10.10.0.12 on port 80 

Answer:

Q5. What is the result of the default ip ssh server authenticate user command? 

A. It enables the public key, keyboard, and password authentication methods. B. It enables the public key authentication method only. 

C. It enables the keyboard authentication method only. 

D. It enables the password authentication method only. 

Answer:

Q6. Which option is the default logging buffer size In memory of the Cisco ASA adaptive security appliance? 

A. 8KB 

B. 32KB 

C. 2KB 

D. 16KB 

E. 4KB 

Answer:

Explanation: 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_gen eral_c onfig/ monitor_syslog.html 

Q7. Refer to the exhibit. 

Which two statements about the SNMP configuration are true? (Choose two.) 

A. The router's IP address is 192.168.1.1. 

B. The SNMP server's IP address is 192.168.1.1. 

C. Only the local SNMP engine is configured. 

D. Both the local and remote SNMP engines are configured. 

E. The router is connected to the SNMP server via port 162. 

Answer: B,D 

Q8. You are the administrator of a Cisco ASA 9.0 firewall and have been tasked with ensuring that the Firewall Admins Active Directory group has full access to the ASA configuration. The Firewall Operators Active Directory group should have a more limited level of access. 

Which statement describes how to set these access levels? 

A. Use Cisco Directory Agent to configure the Firewall Admins group to have privilege level 15 access. Also configure the Firewall Operators group to have privilege level 6 access. 

B. Use TACACS+ for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group. 

C. Use RADIUS for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group. 

D. Active Directory Group membership cannot be used as a determining factor for accessing the Cisco ASA CLI. 

Answer:

Q9. Refer to the exhibit. 

This command is used to configure the SNMP server on a Cisco router. Which option is the encryption password for the SNMP server? 

A. Sha 

B. Snmp 

C. Group-1 

D. Snmpv3 

Answer:

Q10. Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.) 

A. AnyConnect SSL 

B. site-to-site 

C. clientless SSL 

D. IPsec remote-access 

Answer: A,D 

Explanation: http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf