300-206 Exam Questions - Online Test
300-206 Premium VCE File
150 Lectures, 20 Hours
Q1. Which two options are purposes of the packet-tracer command? (Choose two.)
A. to filter and monitor ingress traffic to a switch
B. to configure an interface-specific packet trace
C. to simulate network traffic through a data path
D. to debug packet drops in a production network
E. to automatically correct an ACL entry in an ASA
Answer: C,D
Q2. CORRECT TEXT
Answer: Please check the steps in explanation part below:
Q3. A switch is being configured at a new location that uses statically assigned IP addresses. Which will ensure that ARP inspection works as expected?
A. Configure the 'no-dhcp' keyword at the end of the ip arp inspection command
B. Enable static arp inspection using the command 'ip arp inspection static vlan vlan-number
C. Configure an arp access-list and apply it to the ip arp inspection command
D. Enable port security
Answer: C
Q4. What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)
A. Internet edges typically have a lower volume of traffic and threats are easier to detect.
B. Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
C. Internet edges provide connectivity to the Internet and other external networks.
D. Internet edges are exposed to a larger array of threats.
E. NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.
Answer: C,D
Q5. A network engineer is troubleshooting and configures the ASA logging level to debugging. The logging-buffer is dominated by %ASA-6-305009 log messages. Which command suppresses those syslog messages while maintaining ability to troubleshoot?
A. no logging buffered 305009
B. message 305009 disable
C. no message 305009 logging
D. no logging message 305009
Answer: D
Q6. At which layer does MACsec provide encryption?
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4
Answer: B
Q7. Which function does DNSSEC provide in a DNS infrastructure?
A. It authenticates stored information.
B. It authorizes stored information.
C. It encrypts stored information.
D. It logs stored security information.
Answer: A
Q8. Which configuration keyword will configure SNMPv3 with authentication but no encryption?
A. Auth
B. Priv
C. No auth
D. Auth priv
Answer: A
Q9. Which option is the default logging buffer size In memory of the Cisco ASA adaptive security appliance?
A. 8KB
B. 32KB
C. 2KB
D. 16KB
E. 4KB
Answer: E
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_gen eral_c onfig/ monitor_syslog.html
Q10. Refer to the exhibit.
Which type of ACL is shown in this configuration?
A. IPv4
B. IPv6
C. unified
D. IDFW
Answer: C
- [2021-New] Cisco 640-916 Dumps With Update Exam Questions (81-87)
- [2021-New] Cisco 300-320 Dumps With Update Exam Questions (131-140)
- [2021-New] Cisco 300-320 Dumps With Update Exam Questions (61-70)
- [2021-New] Cisco 400-201 Dumps With Update Exam Questions (101-110)
- [2021-New] Cisco 300-115 Dumps With Update Exam Questions (5-15)
- [2021-New] Cisco 300-206 Dumps With Update Exam Questions (101-110)
- [2021-New] Cisco 300-207 Dumps With Update Exam Questions (61-70)
- [2021-New] Cisco 300-075 Dumps With Update Exam Questions (131-140)
- [2021-New] Cisco 300-115 Dumps With Update Exam Questions (1-10)
- [2021-New] Cisco 352-001 Dumps With Update Exam Questions (31-40)