300-206 Real PDF Exam Material
Test Information:
Total Questions: 202
Test Number: 300-206
Vendor Name: CISCO
Cert Name: CCNP Security
Test Name: Implementing Cisco Edge Network Security Solutions (SENSS)
Official Site:http://www.examsboost.com
For More Details: http://www.examsboost.com/test/300-206/Question: 1
Which statement about Cisco ASA multicast routing support is true?
A. The Cisco ASA appliance supports PIM dense mode, sparse mode, and BIDIR-PIM.
B. The Cisco ASA appliance supports only stub multicast routing by forwarding IGMP messages from multicastreceivers to the upstream multicast router.
C. The Cisco ASA appliance supports DVMRP and PIM.
D. The Cisco ASA appliance supports either stub multicast routing or PIM, but both cannot be enabled at thesame time.
E. The Cisco ASA appliance supports only IGMP v1.
Answer: D
Question: 2
How many interfaces can a Cisco ASA bridge group support and how many bridge groups can a Cisco ASA appliance support?
A. up to 2 interfaces per bridge group and up to 4 bridge groups per Cisco ASA appliance
B. up to 2 interfaces per bridge group and up to 8 bridge groups per Cisco ASA appliance
C. up to 4 interfaces per bridge group and up to 4 bridge groups per Cisco ASA appliance
D. up to 4 interfaces per bridge group and up to 8 bridge groups per Cisco ASA appliance
E. up to 8 interfaces per bridge group and up to 4 bridge groups per Cisco ASA appliance
F. up to 8 interfaces per bridge group and up to 8 bridge groups per Cisco ASA appliance
Answer: D
Question: 3
Which addresses are considered "ambiguous addresses" and are put on the greylist by the Cisco ASA botnet traffic filter feature?
A. addresses that are unknown
B. addresses that are on the greylist identified by the dynamic database
C. addresses that are blacklisted by the dynamic database but also are identified by the static whitelist
D. addresses that are associated with multiple domain names, but not all of these domain names are on the blacklist
Answer: D
Question: 4
For which purpose is the Cisco ASA CLI command aaa authentication match used?
A. Enable authentication for SSH and Telnet connections to the Cisco ASA appliance.
B. Enable authentication for console connections to the Cisco ASA appliance.
C. Enable authentication for connections through the Cisco ASA appliance.
D. Enable authentication for IPsec VPN connections to the Cisco ASA appliance.
E. Enable authentication for SSL VPN connections to the Cisco ASA appliance.
F. Enable authentication for Cisco ASDM connections to the Cisco ASA appliance.
Answer: C
Question: 5
A network engineer is asked to configure NetFlow to sample one of every 100 packets on a router's fa0/0 interface. Which configuration enables sampling, assuming that NetFlow is already configured and running on the router's fa0/0 interface?
A. flow-sampler-map flow1mode random one-out-of 100 interface fas0/0 flow-sampler flow1
B. flow monitor flow1mode random one-out-of 100 interface fas0/0 ip flow monitor flow1
C. flow-sampler-map flow1one-out-of 100 interface fas0/0 flow-sampler flow1
D. ip flow-export source fas0/0 one-out-of 100
Answer: A
Question: 6
What is the default log level on the Cisco Web Security Appliance?
A. Trace
B. Debug
C. Informational
D. Critical
Answer: C
Question: 7
Which command sets the source IP address of the NetFlow exports of a device?
A. ip source flow-export
B. ip source netflow-export
C. ip flow-export source
D. ip netflow-export source
Answer: C
Question: 8
Which two SNMPv3 features ensure that SNMP packets have been sent securely?" Choose two.
A. host authorization
B. authentication
C. encryption
D. compression
Answer: BC
Question: 9
Which three logging methods are supported by Cisco routers? (Choose three.)
A. console logging
B. TACACS+ logging
C. terminal logging
D. syslog logging
E. ACL logging
F. RADIUS logging
Answer: ACD
Question: 10
Post Your Ad Here
Comments