we provide Download Cisco 300 206 senss pdf test engine which are the best for clearing 300 206 senss test, and to get certified by Cisco Implementing Cisco Edge Network Security Solutions. The 300 206 dumps Questions & Answers covers all the knowledge points of the real ccnp security senss 300 206 official cert guide pdf exam. Crack your Cisco ccnp security senss 300 206 official cert guide pdf Exam with latest dumps, guaranteed!
Q111. If you disable PortFast on switch ports that are connected to a Cisco ASA and globally turn on BPDU filtering, what is the effect on the switch ports?
A. The switch ports are prevented from going into an err-disable state if a BPDU is received.
B. The switch ports are prevented from going into an err-disable state if a BPDU is sent.
C. The switch ports are prevented from going into an err-disable state if a BPDU is received and sent.
D. The switch ports are prevented from forming a trunk.
Answer: C
Q112. Cisco Security Manager can manage which three products? (Choose three.)
A. Cisco IOS
B. Cisco ASA
C. Cisco IPS
D. Cisco WLC
E. Cisco Web Security Appliance
F. Cisco Email Security Appliance
G. Cisco ASA CX
H. Cisco CRS
Answer: A,B,C
Q113. A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue.
Which two commands can protect against this problem? (Choose two.)
A. switch(config)#spanning-tree portfast bpduguard default
B. switch(config)#spanning-tree portfast bpdufilter default
C. switch(config-if)#spanning-tree portfast
D. switch(config-if)#spanning-tree portfast disable
E. switch(config-if)#switchport port-security violation protect
F. switch(config-if)#spanning-tree port-priority 0
Answer: A,C
Q114. When configured in accordance to Cisco best practices, the ip verify source command can mitigate which two types of Layer 2 attacks? (Choose two.)
A. rogue DHCP servers
B. ARP attacks
C. DHCP starvation
D. MAC spoofing
E. CAM attacks
F. IP spoofing
Answer: D,F
Q115. Which two voice protocols can the Cisco ASA inspect? (Choose two.)
A. MGCP
B. IAX
C. Skype
D. CTIQBE
Answer: A,D
Q116. Which two features block traffic that is sourced from non-topological IPv6 addresses? (Choose two.)
A. DHCPv6 Guard
B. IPv6 Prefix Guard
C. IPv6 RA Guard
D. IPv6 Source Guard
Answer: B,D
Q117. Which two features does Cisco Security Manager provide? (Choose two.)
A. Configuration and policy deployment before device discovery
B. Health and performance monitoring
C. Event management and alerting
D. Command line menu for troubleshooting
E. Ticketing management and tracking
Answer: B,C
Q118. Which set of commands enables logging and displays the log buffer on a Cisco ASA?
A. enable logging
show logging
B. logging enable
show logging
C. enable logging int e0/1
view logging
D. logging enable
logging view config
Answer: B
Q119. Which kind of Layer 2 attack targets the STP root bridge election process and allows an attacker to control the flow of traffic?
A. man-in-the-middle
B. denial of service
C. distributed denial of service
D. CAM overflow
Answer: A
Q120. Which technology can be deployed with a Cisco ASA 1000V to segregate Layer 2 access within a virtual cloud environment?
A. Cisco Nexus 1000V
B. Cisco VSG
C. WSVA
D. ESVA
Answer: A