Our pass rate is high to 98.9% and the similarity percentage between our 300 206 senss study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco 300 206 dumps exam in just one try? I am currently studying for the Cisco ccnp security senss 300 206 official cert guide exam. Latest Cisco 300 206 dumps Test exam practice questions and answers, Try Cisco ccnp security senss 300 206 official cert guide Brain Dumps First.
Q31. When configured in accordance to Cisco best practices, the ip verify source command can mitigate which two types of Layer 2 attacks? (Choose two.)
A. rogue DHCP servers
B. ARP attacks
C. DHCP starvation
D. MAC spoofing
E. CAM attacks
F. IP spoofing
Answer: D,F
Q32. Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)
A. AnyConnect SSL
B. site-to-site
C. clientless SSL
D. IPsec remote-access
Answer: A,D
Explanation: http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf
Q33. Which four are IPv6 First Hop Security technologies? (Choose four.)
A. Send
B. Dynamic ARP Inspection
C. Router Advertisement Guard
D. Neighbor Discovery Inspection
E. Traffic Storm Control
F. Port Security
G. DHCPv6 Guard
Answer: A,C,D,G
Q34. Which.URL downloads a copy of packet-capture named "security" residing on a Cisco ASA adaptive security appliance with IP 10.10.100.11?
A. https://10.10.100.11/capture/security/pcap
B. https://10.10.100.11/capture/security.pcap
C. https://10.10.100.11/security.pcap/download
D. https://10.10.100.11/asa/security/pcap
Answer: A
Q35. Which two TCP ports must be open on the Cisco Security Manager server to allow the server to communicate with the Cisco Security Manager client? (Choose two.)
A. 1741
B. 443
C. 80
D. 1740
E. 8080
Answer: A,B
Q36. Which option lists cloud deployment models?
A. Private, public, hybrid, shared
B. Private, public, hybrid
C. IaaS, PaaS, SaaS
D. Private, public, hybrid, community
Answer: D
Explanation: https://www.ibm.com/developerworks/community/blogs/722f6200-f4ca-4eb3-9d64-8d2b58b2d4e8/entry/4_Types_of_Cloud_Computing_Deployment_Model_You_Need_to_K now1 ?lang=en
Q37. When a Cisoc ASA CX module is managed by Cisco prime Security Manager in Multiple Device Mode , which mode does the firewall use?
A. Multi mode
B. Unmanaged mode
C. Single mode
D. Managed mode
Answer: D
Explanation: http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1b_User_Guide_for_ASA_CX_a nd_PR SM_9_1_chapter_011 0.html#task_7E648F43AD724DA2983699B12E92A528
Q38. Which Cisco prime Infrastructure features allows you to assign templates to a group of wireless LAN controllers with similar configuration requirements?
A. Lightweight access point configuration template
B. Composite template
C. Controller configuration group
D. Shared policy object
Answer: C
Q39. Which three commands can be used to harden a switch? (Choose three.)
A. switch(config-if)# spanning-tree bpdufilter enable
B. switch(config)# ip dhcp snooping
C. switch(config)# errdisable recovery interval 900
D. switch(config-if)# spanning-tree guard root
E. switch(config-if)# spanning-tree bpduguard disable
F. switch(config-if)# no cdp enable
Answer: B,D,F
Q40. Which three statements about transparent firewall are true? ( Choose three)
A. It does not support any type of VPN.
B. Both interfaces must be configured with private IP addresses.
C. It can have only a management IP address.
D. It does not support dynamic routing protocols.
E. It only supports PAT.
F. Transparent firewall works at Layer 2.
Answer: C,D,F
Q41. Cisco Security Manager can manage which three products? (Choose three.)
A. Cisco IOS
B. Cisco ASA
C. Cisco IPS
D. Cisco WLC
E. Cisco Web Security Appliance
F. Cisco Email Security Appliance
G. Cisco ASA CX
H. Cisco CRS
Answer: A,B,C
Q42. What is the default behavior of an access list on a Cisco ASA?
A. It will permit or deny traffic based on the access list criteria.
B. It will permit or deny all traffic on a specified interface.
C. It will have no affect until applied to an interface, tunnel-group or other traffic flow.
D. It will allow all traffic.
Answer: C
Q43. Which log level provides the most detail on the Cisco Web Security Appliance?
A. Debug
B. Critical
C. Trace
D. Informational
Answer: C
Q44. What are two security features at the access port level that can help mitigate Layer 2 attacks? (Choose two.)
A. DHCP snooping
B. IP Source Guard
C. Telnet
D. Secure Shell
E. SNMP
Answer: A,B
Q45. Which VTP mode supports private VLANs on a switch?
A. transparent
B. server
C. client
D. off
Answer: A