Our Cisco 300-206 simulated tests contain every little thing you will encounter within the real exam. Ucertifys This professionals are committed to making the most precise along with original Cisco Cisco practice questions along with answers which are published with large standards regarding accuracy. All the 300-206 training materials are presented in Pdf files and Examination Engine software. Youll be able to download them on the PC for totally free. Pdf files are printable along with portable and the examination engine are downloadable.

2021 Apr 300-206 test engine

Q91. All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring? 

A. Configure port-security to limit the number of mac-addresses allowed on each port 

B. Upgrade the switch to one that can handle 20,000 entries 

C. Configure private-vlans to prevent hosts from communicating with one another 

D. Enable storm-control to limit the traffic rate 

E. Configure a VACL to block all IP traffic except traffic to and from that subnet 

Answer:


Q92. Refer to the exhibit. What is the effect of this configuration? 

A. The firewall will inspect IP traffic only between networks 192.168.1.0 and 192.168.2.0. 

B. The firewall will inspect all IP traffic except traffic to 192.168.1.0 and 192.168.2.0. 

C. The firewall will inspect traffic only if it is defined within a standard ACL. 

D. The firewall will inspect all IP traffic. 

Answer:


Q93. What is a required attribute to configure NTP authentication on a Cisco ASA? 

A. Key ID 

B. IPsec 

C. AAA 

D. IKEv2 

Answer:


Q94. How much storage is allotted to maintain system,configuration , and image files on the Cisco ASA 1000V during OVF template file deployment? 

A. 1GB 

B. 5GB 

C. 2GB 

D. 10GB 

Answer:


Q95. Which two options are protocols and tools that are used by the management plane when discussing Cisco ASA general management plane hardening? ( Choose two ) 

A. Unicast Reverse Path Forwarding 

B. NetFlow 

C. Routing Protocol Authentication 

D. Threat detection 

E. Syslog 

F. ICMP unreachables 

G. Cisco URL Filtering 

Answer: B,E 

Explanation: http://www.cisco.com/web/about/security/intelligence/firewall-best-practices.html 


Rebirth 300-206 vce:

Q96. Which option is a different type of secondary VLAN? 

A. Transparent 

B. Promiscuous 

C. Virtual 

D. Community 

Answer:


Q97. In your role as network security administrator, you have installed syslog server software on a server whose IP address is 10.10.2.40. According to the exhibits, why isn’t the syslog server receiving any syslog messages? 

A. Logging is not enabled globally on the Cisco ASA. 

B. The syslog server has failed. 

C. There have not been any events with a severity level of seven. 

D. The Cisco ASA is not configured to log messages to the syslog server at that IP address. 

Answer:

Explanation: By process of elimination, we know that the other answers choices are not correct so that only leaves us with the server must have failed. We can see from the following screen shots, that events are being generated with severity level of debugging and below, The 10.10.2.40 IP address has been configured as a syslog server, and that logging has been enabled globally: 

\\psf\Home\.Trash\Screen Shot 2015-06-11 at 8.38.59 PM.png 


Q98. Which feature is a limitation of a Cisco ASA 5555-X running 8.4.5 version with multiple contexts? 

A. Deep packet inspection 

B. Packet tracer 

C. IPsec 

D. Manual/auto NAT 

E. Multipolicy packet capture 

Answer:


Q99. Which action is considered a best practice for the Cisco ASA firewall? 

A. Use threat detection to determine attacks 

B. Disable the enable password 

C. Disable console logging D. Enable ICMP permit to monitor the Cisco ASA interfaces 

E. Enable logging debug-trace to send debugs to the syslog server 

Answer:


Q100. Which two statements about zone-based firewalls are true? (Choose two.) 

A. More than one interface can be assigned to the same zone. 

B. Only one interface can be in a given zone. 

C. An interface can only be in one zone. 

D. An interface can be a member of multiple zones. 

E. Every device interface must be a member of a zone. 

Answer: A,C