300-206 Exam Questions - Online Test
300-206 Premium VCE File
150 Lectures, 20 Hours
Q1. A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue.
Which two commands can protect against this problem? (Choose two.)
A. switch(config)#spanning-tree portfast bpduguard default
B. switch(config)#spanning-tree portfast bpdufilter default
C. switch(config-if)#spanning-tree portfast
D. switch(config-if)#spanning-tree portfast disable
E. switch(config-if)#switchport port-security violation protect
F. switch(config-if)#spanning-tree port-priority 0
Answer: A,C
Q2. All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring?
A. Configure port-security to limit the number of mac-addresses allowed on each port
B. Upgrade the switch to one that can handle 20,000 entries
C. Configure private-vlans to prevent hosts from communicating with one another
D. Enable storm-control to limit the traffic rate
E. Configure a VACL to block all IP traffic except traffic to and from that subnet
Answer: A
Q3. Which Cisco product provides a GUI-based device management tool to configure Cisco access routers?
A. Cisco ASDM
B. Cisco CP Express
C. Cisco ASA 5500
D. Cisco CP
Answer: D
Q4. Refer to the exhibit.
What traffic is being captured by the Cisco ASA adaptive security appliance?
A. UDP traffic sourced from host 10.10.0.12 on port 80
B. TCP traffic destined to host 10.10.0.12 on port 80
C. TCP traffic sourced from host 10.10.0.12 on port 80
D. UDP traffic destined to host 10.10.0.12 on port 80
Answer: C
Q5. What is the result of the default ip ssh server authenticate user command?
A. It enables the public key, keyboard, and password authentication methods. B. It enables the public key authentication method only.
C. It enables the keyboard authentication method only.
D. It enables the password authentication method only.
Answer: A
Q6. Which option is the default logging buffer size In memory of the Cisco ASA adaptive security appliance?
A. 8KB
B. 32KB
C. 2KB
D. 16KB
E. 4KB
Answer: E
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_gen eral_c onfig/ monitor_syslog.html
Q7. Refer to the exhibit.
Which two statements about the SNMP configuration are true? (Choose two.)
A. The router's IP address is 192.168.1.1.
B. The SNMP server's IP address is 192.168.1.1.
C. Only the local SNMP engine is configured.
D. Both the local and remote SNMP engines are configured.
E. The router is connected to the SNMP server via port 162.
Answer: B,D
Q8. You are the administrator of a Cisco ASA 9.0 firewall and have been tasked with ensuring that the Firewall Admins Active Directory group has full access to the ASA configuration. The Firewall Operators Active Directory group should have a more limited level of access.
Which statement describes how to set these access levels?
A. Use Cisco Directory Agent to configure the Firewall Admins group to have privilege level 15 access. Also configure the Firewall Operators group to have privilege level 6 access.
B. Use TACACS+ for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.
C. Use RADIUS for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.
D. Active Directory Group membership cannot be used as a determining factor for accessing the Cisco ASA CLI.
Answer: B
Q9. Refer to the exhibit.
This command is used to configure the SNMP server on a Cisco router. Which option is the encryption password for the SNMP server?
A. Sha
B. Snmp
C. Group-1
D. Snmpv3
Answer: B
Q10. Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)
A. AnyConnect SSL
B. site-to-site
C. clientless SSL
D. IPsec remote-access
Answer: A,D
Explanation: http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf
- [2021-New] Cisco 300-209 Dumps With Update Exam Questions (81-90)
- [2021-New] Cisco 200-355 Dumps With Update Exam Questions (191-200)
- Cisco 300-430 Rapidshare 2021
- What High Value 700-150 Preparation Is
- [2021-New] Cisco 400-251 Dumps With Update Exam Questions (51-60)
- Up To Date Cisco Security Architecture For Account Managers 700-760 Practice Exam
- [2021-New] Cisco 200-355 Dumps With Update Exam Questions (1-10)
- [2021-New] Cisco 300-075 Dumps With Update Exam Questions (131-140)
- [2021-New] Cisco 210-260 Dumps With Update Exam Questions (11-20)
- [2021-New] Cisco 300-101 Dumps With Update Exam Questions (41-50)