Act now and download your Cisco 300-206 test today! Do not waste time for the worthless Cisco 300-206 tutorials. Download Refresh Cisco Implementing Cisco Edge Network Security Solutions exam with real questions and answers and begin to learn Cisco 300-206 with a classic professional.
2021 Apr 300-206 answers
Q71. Which of the following would need to be created to configure an application-layer inspection of SMTP traffic operating on port 2525?
A. A class-map that matches port 2525 and applying an inspect ESMTP policy-map for that class in the global inspection policy
B. A policy-map that matches port 2525 and applying an inspect ESMTP class-map for that policy
C. An access-list that matches on TCP port 2525 traffic and applying it on an interface with the inspect option
D. A class-map that matches port 2525 and applying it on an access-list using the inspect option
Answer: A
Q72. Which component does Cisco ASDM require on the host Cisco ASA 5500 Series or Cisco PIX security appliance?
A. a DES or 3DES license
B. a NAT policy server
C. a SQL database
D. a Kerberos key
E. a digital certificate
Answer: A
Q73. Which option is the Cisco ASA on-box graphical management solution?
A. SSH
B. ASDM
C. Console
D. CSM
Answer: B
Q74. Which command is used to nest objects in a pre-existing group?
A. object-group
B. network group-object
C. object-group network
D. group-object
Answer: D
Q75. Which statement about how the Cisco ASA supports SNMP is true?
A. All SNMFV3 traffic on the inside interface will be denied by the global ACL
B. The Cisco ASA and ASASM provide support for network monitoring using SNMP Versions 1,2c, and 3, but do not support the use of all three versions simultaneously.
C. The Cisco ASA and ASASM have an SNMP agent that notifies designated management ,. stations if events occur that are predefined to require a notification, for example, when a link in the network goes up or down.
D. SNMPv3 is enabled by default and SNMP v1 and 2c are disabled by default.
E. SNMPv3 is more secure because it uses SSH as the transport mechanism.
Answer: C
Explanation:
This can be verified by this ASDM screen shot:
Leading 300-206 practice test:
Q76. A network printer has a DHCP server service that cannot be disabled. How can a layer 2 switch be configured to prevent the printer from causing network issues?
A. Remove the ip helper-address
B. Configure a Port-ACL to block outbound TCP port 68
C. Configure DHCP snooping
D. Configure port-security
Answer: C
Q77. CORRECT TEXT
Answer: Please check the steps in explanation part below:
Q78. What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)
A. Internet edges typically have a lower volume of traffic and threats are easier to detect.
B. Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
C. Internet edges provide connectivity to the Internet and other external networks.
D. Internet edges are exposed to a larger array of threats.
E. NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.
Answer: C,D
Q79. Prior to a software upgrade, which Cisco Prime Infrastructure feature determines if
the devices being upgraded have sufficient RAM to support te new software ?
A. Software Upgrade Report
B. Image Management Report
C. Upgrade Analysis Report
D. Image Analysis Report
Answer: C
Q80. Which two statements about Cisco IDS are true? (Choose two.)
A. It is preferred for detection-only deployment.
B. It is used for installations that require strong network-based protection and that include sensor tuning.
C. It is used to boost sensor sensitivity at the expense of false positives.
D. It is used to monitor critical systems and to avoid false positives that block traffic.
E. It is used primarily to inspect egress traffic, to filter outgoing threats.
Answer: A,D