aiotestking uk

300-206 Exam Questions - Online Test


300-206 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Which statement about the configuration of Cisco ASA NetFlow v9 (NSEL) is true? 

A. Use a sysopt command to enable NSEL on a specific interface. 

B. To view bandwidth usage for NetFlow records, you must have QoS feature enabled 

C. NSEL tracks the flow continuously and provides updates every 10 seconds. 

D. You must define a flow-export event type under a policy. 

E. NSEL can be used without a collector configured. 

Answer:

Explanation: 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_co nfig/ monitor_nsel.html 

Q2. Which feature is a limitation of a Cisco ASA 5555-X running 8.4.5 version with multiple contexts? 

A. Deep packet inspection 

B. Packet tracer 

C. IPsec 

D. Manual/auto NAT 

E. Multipolicy packet capture 

Answer:

Q3. Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true? 

A. It provides NAT policies to existing clients that connect from a new switch port. 

B. It can update shared policies even when the NAT server is offline. 

C. It enables NAT policy discovery as it updates shared polices. 

D. It enables NAT policy rediscovery while leaving existing shared polices unchanged. 

Answer:

Q4. What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access? 

A. sslconfig 

B. sslciphers 

C. tlsconifg 

D. certconfig 

Answer:

Q5. What is the result of the default ip ssh server authenticate user command? 

A. It enables the public key, keyboard, and password authentication methods. B. It enables the public key authentication method only. 

C. It enables the keyboard authentication method only. 

D. It enables the password authentication method only. 

Answer:

Q6. Which statement about Cisco ASA NetFlow v9 (NSEL) is true? 

A. NSEL events match all traffic classes in parallel 

B. NSEL is has a time interval locked at 20 seconds and is not user configurable 

C. NSEL tracks flow-create, flow-teardown, and flow-denied events and generates appropriate NSEL data records 

D. You cannot disable syslog messages that have become redundant because of NSEL 

E. NSEL tracks the flow continuously and provides updates every 10 second 

F. NSEL provides stateless IP flow tracking that exports all record od a specific flow 

Answer:

Explanation: 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/monitor _nsel. Html 

Q7. A Cisco ASA is configured in multiple context mode and has two user-defined contexts—Context_A and Context_B. From which context are device logging messages sent? 

A. Admin 

B. Context_A 

C. Context_B 

D. System 

Answer:

Q8. Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.) 

A. NAT 

B. dynamic routing 

C. SSL remote access VPN 

D. IPSec remote access VPN 

Answer: A,B 

Q9. Which feature can suppress packet flooding in a network? 

A. PortFast 

B. BPDU guard 

C. Dynamic ARP Inspection 

D. storm control 

Answer:

Q10. When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home page is true? 

A. It is replaced by the Cisco AIP-SSM home page. 

B. It must reconnect to the NAT policies database. 

C. The administrator can manually update the page. 

D. It displays a new Intrusion Prevention panel. 

Answer: