300-206 Exam Questions - Online Test
300-206 Premium VCE File
150 Lectures, 20 Hours
Q1. Which statement about the configuration of Cisco ASA NetFlow v9 (NSEL) is true?
A. Use a sysopt command to enable NSEL on a specific interface.
B. To view bandwidth usage for NetFlow records, you must have QoS feature enabled
C. NSEL tracks the flow continuously and provides updates every 10 seconds.
D. You must define a flow-export event type under a policy.
E. NSEL can be used without a collector configured.
Answer: D
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_co nfig/ monitor_nsel.html
Q2. Which feature is a limitation of a Cisco ASA 5555-X running 8.4.5 version with multiple contexts?
A. Deep packet inspection
B. Packet tracer
C. IPsec
D. Manual/auto NAT
E. Multipolicy packet capture
Answer: C
Q3. Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?
A. It provides NAT policies to existing clients that connect from a new switch port.
B. It can update shared policies even when the NAT server is offline.
C. It enables NAT policy discovery as it updates shared polices.
D. It enables NAT policy rediscovery while leaving existing shared polices unchanged.
Answer: D
Q4. What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?
A. sslconfig
B. sslciphers
C. tlsconifg
D. certconfig
Answer: A
Q5. What is the result of the default ip ssh server authenticate user command?
A. It enables the public key, keyboard, and password authentication methods. B. It enables the public key authentication method only.
C. It enables the keyboard authentication method only.
D. It enables the password authentication method only.
Answer: A
Q6. Which statement about Cisco ASA NetFlow v9 (NSEL) is true?
A. NSEL events match all traffic classes in parallel
B. NSEL is has a time interval locked at 20 seconds and is not user configurable
C. NSEL tracks flow-create, flow-teardown, and flow-denied events and generates appropriate NSEL data records
D. You cannot disable syslog messages that have become redundant because of NSEL
E. NSEL tracks the flow continuously and provides updates every 10 second
F. NSEL provides stateless IP flow tracking that exports all record od a specific flow
Answer: C
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/monitor _nsel. Html
Q7. A Cisco ASA is configured in multiple context mode and has two user-defined contexts—Context_A and Context_B. From which context are device logging messages sent?
A. Admin
B. Context_A
C. Context_B
D. System
Answer: A
Q8. Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)
A. NAT
B. dynamic routing
C. SSL remote access VPN
D. IPSec remote access VPN
Answer: A,B
Q9. Which feature can suppress packet flooding in a network?
A. PortFast
B. BPDU guard
C. Dynamic ARP Inspection
D. storm control
Answer: D
Q10. When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home page is true?
A. It is replaced by the Cisco AIP-SSM home page.
B. It must reconnect to the NAT policies database.
C. The administrator can manually update the page.
D. It displays a new Intrusion Prevention panel.
Answer: D
- [2021-New] Cisco 300-206 Dumps With Update Exam Questions (41-50)
- [2021-New] Cisco 300-115 Dumps With Update Exam Questions (14-23)
- [2021-New] Cisco 700-020 Dumps With Update Exam Questions (3-12)
- [2021-New] Cisco 300-207 Dumps With Update Exam Questions (1-10)
- [2021-New] Cisco 300-207 Dumps With Update Exam Questions (71-80)
- [2021-New] Cisco 300-101 Dumps With Update Exam Questions (9-18)
- [2021-New] Cisco 200-105 Dumps With Update Exam Questions (1-10)
- 100% Guarantee 400-151 Exam Questions and Answers 2021
- [2021-New] Cisco 400-051 Dumps With Update Exam Questions (10-19)
- [2021-New] Cisco 400-251 Dumps With Update Exam Questions (101-110)