★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 300-206 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/300-206-dumps.html


Proper study guides for Latest Cisco Implementing Cisco Edge Network Security Solutions certified begins with Cisco 300-206 preparation products which designed to deliver the Best Quality 300-206 questions by making you pass the 300-206 test at your first time. Try the free 300-206 demo right now.

2021 Mar 300-206 actual test

Q41. According to Cisco best practices, which two interface configuration commands help prevent VLAN hopping attacks? (Choose two.) 

A. switchport mode access 

B. switchport access vlan 2 

C. switchport mode trunk 

D. switchport access vlan 1 

E. switchport trunk native vlan 1 

F. switchport protected 

Answer: A,B 


Q42. An administrator installed a Cisco ASA that runs version 9.1. You are asked to configure the firewall through Cisco ASDM. 

When you attempt to connect to a Cisco ASA with a default configuration, which username and password grants you full access? 

A. admin / admin 

B. asaAdmin / (no password) 

C. It is not possible to use Cisco ASDM until a username and password are created via the username usernamepassword password CLI command. 

D. enable_15 / (no password) 

E. cisco / cisco 

Answer:


Q43. Which two configurations are necessary to enable password-less SSH login to an IOS router? (Choose two.) 

A. Enter a copy of the administrator's public key within the SSH key-chain 

B. Enter a copy of the administrator's private key within the SSH key-chain 

C. Generate a 512-bit RSA key to enable SSH on the router 

D. Generate an RSA key of at least 768 bits to enable SSH on the router 

E. Generate a 512-bit ECDSA key to enable SSH on the router 

F. Generate a ECDSA key of at least 768 bits to enable SSH on the router 

Answer: A,D 


Q44. Which command configures the SNMP server group1 to enable authentication for members of the access list east? 

A. snmp-server group group1 v3 auth access east 

B. snmp-server group1 v3 auth access east 

C. snmp-server group group1 v3 east 

D. snmp-server group1 v3 east access 

Answer:


Q45. Which option describes the purpose of the input parameter when you use the packet-tracer command on a Cisco device? 

A. to provide detailed packet-trace information 

B. to specify the source interface for the packet trace 

C. to display the trace capture in XML format 

D. to specify the protocol type for the packet trace 

Answer:


Renovate 300-206 free exam:

Q46. Which two TCP ports must be open on the Cisco Security Manager server to allow the server to communicate with the Cisco Security Manager client? (Choose two.) 

A. 1741 

B. 443 

C. 80 

D. 1740 

E. 8080 

Answer: A,B 


Q47. All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring? 

A. Configure port-security to limit the number of mac-addresses allowed on each port 

B. Upgrade the switch to one that can handle 20,000 entries 

C. Configure private-vlans to prevent hosts from communicating with one another 

D. Enable storm-control to limit the traffic rate 

E. Configure a VACL to block all IP traffic except traffic to and from that subnet 

Answer:


Q48. Which statement describes the correct steps to enable Botnet Traffic Filtering on a Cisco ASA version 9.0 transparent-mode firewall with an active Botnet Traffic Filtering license? 

A. Enable DNS snooping, traffic classification, and actions. 

B. Botnet Traffic Filtering is not supported in transparent mode. 

C. Enable the use of the dynamic database, enable DNS snooping, traffic classification, and actions. 

D. Enable the use of dynamic database, enable traffic classification and actions. 

Answer:


Q49. Which two features does Cisco Security Manager provide? (Choose two.) 

A. Configuration and policy deployment before device discovery 

B. Health and performance monitoring 

C. Event management and alerting 

D. Command line menu for troubleshooting 

E. Ticketing management and tracking 

Answer: B,C 


Q50. Which two statements about Cisco IOS Firewall are true? (Choose two.) 

A. It provides stateful packet inspection. 

B. It provides faster processing of packets than Cisco ASA devices provide. 

C. It provides protocol-conformance checks against traffic. 

D. It eliminates the need to secure routers and switches throughout the network. 

E. It eliminates the need to secure host machines throughout the network. 

Answer: A,C