[Free] 2019(Nov) EnsurePass Cisco 300-206 Dumps with VCE and PDF 1-10

Get Full Version of the Exam
http://www.EnsurePass.com/300-206.html

Question No.1

Which two configurations are necessary to enable password-less SSH login to an IOS router? (Choose two.)

  1. Enter a copy of the administrator#39;s public key within the SSH key-chain

  2. Enter a copy of the administrator#39;s private key within the SSH key-chain

  3. Generate a 512-bit RSA key to enable SSH on the router

  4. Generate an RSA key of at least 768 bits to enable SSH on the router

  5. Generate a 512-bit ECDSA key to enable SSH on the router

  6. Generate a ECDSA key of at least 768 bits to enable SSH on the router

Correct Answer: AD

Question No.2

Cisco Security Manager can manage which three products? (Choose three.)

  1. Cisco IOS

  2. Cisco ASA

  3. Cisco IPS

  4. Cisco WLC

  5. Cisco Web Security Appliance

  6. Cisco Email Security Appliance

  7. Cisco ASA CX

  8. Cisco CRS

Correct Answer: ABC

Question No.3

Which three options correctly identify the Cisco ASA1000V Cloud Firewall? (Choose three.)

  1. operates at Layer 2

  2. operates at Layer 3

  3. secures tenant edge traffic

  4. secures intraswitch traffic

  5. secures data center edge traffic

  6. replaces Cisco VSG

  7. complements Cisco VSG

  8. requires Cisco VSG

Correct Answer: BCG

Question No.4

Which statement describes the correct steps to enable Botnet Traffic Filtering on a Cisco ASA version 9.0 transparent-mode firewall with an active Botnet Traffic Filtering license?

  1. Enable DNS snooping, traffic classification, and actions.

  2. Botnet Traffic Filtering is not supported in transparent mode.

  3. Enable the use of the dynamic database, enable DNS snooping, traffic classification, and actions.

  4. Enable the use of dynamic database, enable traffic classification and actions.

Correct Answer: C

Question No.5

Refer to the exhibit. Server A is a busy server that offers these services:

image

image

World Wide Web DNS

Which command captures http traffic from Host A to Server A?

image

  1. capture traffic match udp host 10.1.1.150 host 10.2.2.100

  2. capture traffic match 80 host 10.1.1.150 host 10.2.2.100

C. capture traffic match ip 10.2.2.0 255.255.255.192 host 10.1.1.150

  1. capture traffic match tcp host 10.1.1.150 host 10.2.2.100

  2. capture traffic match tcp host 10.2.2.100 host 10.1.1.150 eq 80

Correct Answer: D

Question No.6

What is the default behavior of an access list on the Cisco ASA security appliance?

  1. It will permit or deny traffic based on the access-list criteria.

  2. It will permit or deny all traffic on a specified interface.

  3. An access group must be configured before the access list will take effect for traffic control.

  4. It will allow all traffic.

Correct Answer: C

Question No.7

Which Cisco Security Manager form factor is recommended for deployments with fewer than 25 devices?

  1. only Cisco Security Manager Standard

  2. only Cisco Security Manager Professional

  3. only Cisco Security Manager UCS Server Bundle

  4. both Cisco Security Manager Standard and Cisco Security Manager Professional

Correct Answer: A

Question No.8

Refer to the exhibit. Which two statements about the SNMP configuration are true? (Choose two.)

image

  1. The router#39;s IP address is 192.168.1.1.

  2. The SNMP server#39;s IP address is 192.168.1.1.

  3. Only the local SNMP engine is configured.

  4. Both the local and remote SNMP engines are configured.

  5. The router is connected to the SNMP server via port 162.

Correct Answer: BD

Question No.9

image

image

An SNMP host is an IP address to which SNMP notifications and traps are sent. To configure SNMFV3 hosts, which option must you configure in addition to the target IP address?

  1. the Cisco ASA as a DHCP server, so the SNMFV3 host can obtain an IP address

  2. a username, because traps are only sent to a configured user

  3. SSH, so the user can connect to the Cisco ASA

  4. the Cisco ASA with a dedicated interface only for SNMP, to process the SNMP host traffic.

Correct Answer: B

Explanation:

The username can be seen here on the ASDM simulator screen shot:

image

Question No.10

Which two router commands enable NetFlow on an interface? (Choose two.)

  1. ip flow ingress

  2. ip flow egress

  3. ip route-cache flow infer-fields

  4. ip flow ingress infer-fields

  5. ip flow-export version 9

Correct Answer: AB

Get Full Version of the Exam
300-206 Dumps
300-206 VCE and PDF

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.