[Free] 2019(Nov) EnsurePass Cisco 300-206 Dumps with VCE and PDF 21-30


Question No.21

Which option describes the purpose of the input parameter when you use the packet-tracer command on a Cisco device?

A. to provide detailed packet-trace information

B. to specify the source interface for the packet trace

C. to display the trace capture in XML format

D. to specify the protocol type for the packet trace

Correct Answer: B

Question No.22

You are the network security engineer for the Secure-X network. The company has recently detected an increase in traffic to malware-infected destinations. The Chief Security Officer deduced that some PCs in the internal networks are infected with malware and communicate with malware-infected destinations.

The CSO has tasked you with enabling the Botnet Traffic Filter on the Cisco ASA to detect and deny further connection attempts from infected PCs to malware destinations. You are also required to test your configuration by initiating connections through the Cisco ASA and then displaying and observing the Real-Time Log Viewer in ASDM.

To successfully complete this activity, you must perform the following tasks:

* Download the dynamic database and enable use of it.
  * Enable the ASA to download the dynamic database.
* Enable DNS snooping for existing DNS inspection service policy rules.
* Enable Botnet Traffic Filter classification on the outside interface for All Traffic.
* Configure the Botnet Traffic Filter to drop blacklisted traffic on the outside interface. Use the default Threat Level settings.

NOTE: The database files are stored in running memory; they are not stored in flash memory.

NOTE: DNS is enabled on the inside interface and set to the HQ-SRV (10.10.3.20).

NOTE: Not all ASDM screens are active for this exercise.

Verify that the ASA indeed drops traffic to blacklisted destinations by doing the following:

* From the Employee PC, navigate to http://www.google.com to make sure that access to the Internet is working.
* From the Employee PC, navigate to http://bot-sparta.no-ip.org. This destination is classified as a malware destination by the Cisco SIO database.
* From the Employee PC, navigate to http://superzarabotok-gid.ru/. This destination is classified as a malware destination by the Cisco SIO database.
* From the Admin PC, launch ASDM to display and observe the Real-Time Log Viewer.

You have completed this exercise when you have configured and successfully tested Botnet traffic filter on the Cisco ASA.

image

image

image

Explanation:

First, click on both boxes on the Botnet Database as shown below and hit apply:

image

Click Yes to send the commands when prompted.

Then, click on the box on the DNS Snooping page as shown below and hit apply:

image

Click Yes to send the commands when prompted.

Then, click on the box on the Traffic Settings tab as shown:

image

At this point, the following pop-up box appears when you click the Add button:

image

Click OK. Then Apply. Then Send when prompted.

Then verify that all is working according to the instructions given in the question.

Question No.23

Which two TCP ports must be open on the Cisco Security Manager server to allow the server to communicate with the Cisco Security Manager client? (Choose two.)

A. 1741

B. 443

C. 80

D. 1740

E. 8080

Correct Answer: AB

Question No.24

The Cisco Email Security Appliance can be managed with both local and external users of different privilege levels. What three external modes of authentication are supported? (Choose three.)

A. LDAP authentication

B. RADIUS authentication

C. TACACS

D. SSH host keys

E. Common Access Card authentication

F. RSA single-use tokens

Correct Answer: ABD

Question No.25

image

image

Which statement is true of the logging configuration on the Cisco ASA?

A. The contents of the internal buffer will be saved to an FTP server before the buffer is overwritten.

B. The contents of the internal buffer will be saved to flash memory before the buffer is overwritten.

C. System log messages with a severity level of six and higher will be logged to the internal buffer.

D. System log messages with a severity level of six and lower will be logged to the internal buffer.

Correct Answer: C

Explanation:

image

Question No.26

Which utility can you use to troubleshoot and determine the timeline of packet changes in a data path within a Cisco firewall?

A. packet tracer

B. ping

C. traceroute

D. SNMP walk

Correct Answer: A

Question No.27

Which command sets the source IP address of the NetFlow exports of a device?

A. ip source flow-export

B. ip source netflow-export

C. ip flow-export source

D. ip netflow-export source

Correct Answer: C

Question No.28

What is the default log level on the Cisco Web Security Appliance?

A. Trace

B. Debug

C. Informational

D. Critical

Correct Answer: C

Question No.29

Which statement about Cisco Security Manager form factors is true?

A. Cisco Security Manager Professional and Cisco Security Manager UCS Server Bundles support FWSMs.

B. Cisco Security Manager Standard and Cisco Security Manager Professional support FWSMs.

C. Only Cisco Security Manager Professional supports FWSMs.

D. Only Cisco Security Manager Standard supports FWSMs.

Correct Answer: A

Question No.30

Which ASA feature is used to keep track of suspected attackers who create connections to too many hosts or ports?

A. complex threat detection

B. scanning threat detection

C. basic threat detection

D. advanced threat detection

Correct Answer: B
