★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-206 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/300-206-dumps.html
Want to know Testking 300-206 Exam practice test features? Want to lear more about Cisco Implementing Cisco Edge Network Security Solutions certification experience? Study Vivid Cisco 300-206 answers to Renew 300-206 questions at Testking. Gat a success with an absolute guarantee to pass Cisco 300-206 (Implementing Cisco Edge Network Security Solutions) test on your first attempt.
2021 Sep cisco 300-206 study guide:
Q61. To which port does a firewall send secure logging messages?
A. TCP/1500
B. UDP/1500
C. TCP/500
D. UDP/500
Answer: A
Q62. Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)
A. AnyConnect SSL
B. site-to-site
C. clientless SSL
D. IPsec remote-access
Answer: A,D
Explanation: http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf
Q63. When configured in accordance to Cisco best practices, the ip verify source command can mitigate which two types of Layer 2 attacks? (Choose two.)
A. rogue DHCP servers
B. ARP attacks
C. DHCP starvation
D. MAC spoofing
E. CAM attacks
F. IP spoofing
Answer: D,F
Q64. Which three logging methods are supported by Cisco routers? (Choose three.)
A. console logging
B. TACACS+ logging
C. terminal logging
D. syslog logging
E. ACL logging
F. RADIUS logging
Answer: A,C,D
Q65. Which feature can suppress packet flooding in a network?
A. PortFast
B. BPDU guard
C. Dynamic ARP Inspection
D. storm control
Answer: D
Far out cisco ccnp security 300-206 senss:
Q66. Refer to the exhibit.
Which statement about this access list is true?
A. This access list does not work without 6to4 NAT
B. IPv6 to IPv4 traffic permitted on the Cisco ASA by default
C. This access list is valid and works without additional configuration
D. This access list is not valid and does not work at all
E. We can pass only IPv6 to IPv6 and IPv4 to IPv4 traffic
Answer: A
Q67. Which technology can be deployed with a Cisco ASA 1000V to segregate Layer 2 access within a virtual cloud environment?
A. Cisco Nexus 1000V
B. Cisco VSG
C. WSVA
D. ESVA
Answer: A
Q68. Which security operations management best practice should be followed to enable appropriate network access for administrators?
A. Provide full network access from dedicated network administration systems
B. Configure the same management account on every network device
C. Dedicate a separate physical or logical plane for management traffic
D. Configure switches as terminal servers for secure device access
Answer: C
Q69. Which command sets the source IP address of the NetFlow exports of a device?
A. ip source flow-export
B. ip source netflow-export
C. ip flow-export source
D. ip netflow-export source
Answer: C
Q70. Which two configurations are necessary to enable password-less SSH login to an IOS router? (Choose two.)
A. Enter a copy of the administrator's public key within the SSH key-chain
B. Enter a copy of the administrator's private key within the SSH key-chain
C. Generate a 512-bit RSA key to enable SSH on the router
D. Generate an RSA key of at least 768 bits to enable SSH on the router
E. Generate a 512-bit ECDSA key to enable SSH on the router
F. Generate a ECDSA key of at least 768 bits to enable SSH on the router
Answer: A,D