Download New Latest (May) Cisco 300-206 Actual Tests 11-20

By | May 15, 2015

Ensurepass

 

QUESTION 11

Which option describes the purpose of the input parameter when you use the packet-tracer command on a Cisco device?

 

A.

to provide detailed packet-trace information

B.

to specify the source interface for the packet trace

C.

to display the trace capture in XML format

D.

to specify the protocol type for the packet trace

 

Answer: B

 

 

QUESTION 12

Which threat-detection feature is used to keep track of suspected attackers who create connections to too many hosts or ports?

 

A.

complex threat detection

B.

scanning threat detection

C.

basic threat detection

D.

advanced threat detection

 

Answer: B

 

 

QUESTION 13

A Cisco ASA is configured for TLS proxy. When should the security appliance force remote IP phones connecting to the phone proxy through the internet to be in secured mode?

 

A.

When the Cisco Unified Communications Manager cluster is in non-secure mode

B.

When the Cisco Unified Communications Manager cluster is in secure mode only

C.

When the Cisco Unified Communications Manager is not part of a cluster

D.

When the Cisco ASA is configured for IPSec VPN

 

Answer: A

 

 

QUESTION 14

What are three features of the Cisco ASA 1000V? (Choose three.)

 

A.

cloning the Cisco ASA 1000V

B.

dynamic routing

C.

the Cisco VNMC policy agent

D.

IPv6

E.

active/standby failover

F.

QoS

 

Answer: ACE

 

 

QUESTION 15

Which three commands can be used to harden a switch? (Choose three.)

 

A.

switch(config-if)# spanning-tree bpdufilter enable

B.

switch(config)# ip dhcp snooping

C.

switch(config)# errdisable recovery interval 900

D.

switch(config-if)# spanning-tree guard root

E.

switch(config-if)# spanning-tree bpduguard disable

F.

switch(config-if)# no cdp enable

 

Answer: BDF

 

 

QUESTION 16

Which statement about Cisco IPS Manager Express is true?

 

A.

It provides basic device management for large-scale deployments.

B.

It provides a GUI for configuring IPS sensors and security modules.

C.

It enables communication with Cisco ASA devices that have no administrative access.

D.

It provides greater security than simple ACLs.

 

Answer: B

 

 

QUESTION 17

What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.)

 

A.

guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access the device

B.

increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE

C.

enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality

D.

provided complete proactive protection against frame and device spoofing

 

Answer: BC

 

 

QUESTION 18

What is the primary purpose of stateful pattern recognition in Cisco IPS networks?

 

A.

mitigating man-in-the-middle attacks

B.

using multipacket inspection across all protocols to identify vulnerability-based attacks and to thwart attacks that hide within a data stream

C.

detecting and preventing MAC address spoofing in switched environments

D.

identifying Layer 2 ARP attacks

 

Answer: B

 

 

QUESTION 19

To which interface on a Cisco ASA 1000V firewall should a security profile be applied when a VM sits behind it?

 

< font style="font-size: 10pt" color="#000000">A.

outside

B.

inside

C.

management

D.

DMZ

 

Answer: B

 

 

QUESTION 20

What is the default behavior of NAT control on Cisco ASA Software Version 8.3?

 

A.

NAT control has been deprecated on Cisco ASA Software Version 8.3.

B.

It will prevent traffic from traversing from one enclave to the next without proper access configuration.

C.

It will allow traffic to traverse from one enclave to the next without proper access configuration.

D.

It will deny all traffic.

 

Answer: A

Free VCE & PDF File for Cisco 300-206 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …