Get all latest (August) Cisco 300-206 Actual Test 101-110

By | August 8, 2015

Ensurepass

 

QUESTION 101

At which layer does MACsec provide encryption?

 

A.

Layer 1

B.

Layer 2

C.

Layer 3

D.

Layer 4

 

Correct Answer: B

 

 

QUESTION 102

Which log level provides the most detail on the Cisco Web Security Appliance?

 

A.

Debug

B.

Critical

C.

Trace

D.

Informational

 

Correct Answer: C

 

 

QUESTION 103

A Cisco ASA is configured for TLS proxy. When should the security appliance force remote IP phones connecting to the phone proxy through the internet to be in secured mode?

 

A.

When the Cisco Unified Communications Manager cluster is in non-secure mode

B.

When the Cisco Unified Communications Manager cluster is in secure mode only

C.

When the Cisco Unified Communications Manager is not part of a cluster

D.

When the Cisco ASA is configured for IPSec VPN

 

Correct Answer: A

 

 

QUESTION 104

A network engineer is asked to configure NetFlow to sample one of every 100 packets on a router’s fa0/0 interface. Which configuration enables sampling, assuming that NetFlow is already configured and running on the router’s fa0/0 interface?

 

A.

flow-sampler-map flow1

mode random one-out-of 100

interface fas0/0

flow-sampler flow1

B.

flow monitor flow1

mode random one-out-of 100

interface fas0/0

ip flow monitor flow1

C.

flow-sampler-map flow1

one-out-of 100

interface fas0/0

flow-sampler flow1

D.

ip flow-export source fas0/0 one-out-of 100

 

Correct Answer: A

 

 

QUESTION 105

Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)

 

A.

NAT

B.

dynamic routing

C.

SSL remote access VPN

D.

IPSec remote access VPN

 

Correct Answer: AB

 

 

 

 

 

QUESTION 106

Refer to the exhibit. What is the effect of this configuration?

 

clip_image002

 

A.

The firewall will inspect IP traffic only between networks 192.168.1.0 and 192.168.2.0.

B.

The firewall will inspect all IP traffic except traffic to 192.168.1.0 and 192.168.2.0.

C.

The firewall will inspect traffic only if it is defined within a standard ACL.

D.

The firewall will inspect all IP traffic.

 

< p class="MsoNormal" style="cursor: auto; margin: 0cm 0cm 0pt; line-height: normal; text-autospace: ; mso-layout-grid-align: none" align="left">Correct Answer: A

 

 

QUESTION 107

An administrator is deploying port-security to restrict traffic from certain ports to specific MAC addresses. Which two considerations must an administrator take into account when using the switchport port-security mac-address sticky command? (Choose two.)

 

A.

The configuration will be updated with MAC addresses from traffic seen ingressing the port. The configuration will automatically be saved to NVRAM if no other changes to the configuration have been made.

B.

The configuration will be updated with MAC addresses from traffic seen ingressing the port. The configuration will not automatically be saved to NVRAM.

C.

Only MAC addresses with the 5th most significant bit of the address (the ‘sticky’ bit) set to 1 will be learned.

D.

If configured on a trunk port without the ‘vlan’ keyword, it will apply to all vlans.

E.

If configured on a trunk port without the ‘vlan’ keyword, it will apply only to the native vlan.

 

Correct Answer: BE

 

 

QUESTION 108

What is the default behavior of an access list on a Cisco ASA?

 

A.

It will permit or deny traffic based on the access list criteria.

B.

It will permit or deny all traffic on a specified interface.

C.

It will have no affect until applied to an interface, tunnel-group or other traffic flow.

D.

It will allow all traffic.

 

Correct Answer: C

 

 

QUESTION 109

What are three of the RBAC views within Cisco IOS Software? (Choose three.)

 

A.

Admin

B.

CLI

C.

Root

D.

Super Admin

E.

Guest

F.

Super

 

Correct Answer: BCF

 

 

QUESTION 110

Which Cisco product provides a GUI-based device management tool to configure Cisco access routers?

 

A.

Cisco ASDM

B.

Cisco CP Express

C.

Cisco ASA 5500

D.

Cisco CP

 

Correct Answer: D

 

Free VCE & PDF File for Cisco 300-206 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …