Proper study guides for Leading Cisco Implementing Cisco Edge Network Security Solutions certified begins with Cisco 300 206 senss preparation products which designed to deliver the High quality cisco 300 206 questions by making you pass the 300 206 senss test at your first time. Try the free 300 206 senss pdf demo right now.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 300-206 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-206 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/300-206-exam-dumps.html
Q81. In which two modes is zone-based firewall high availability available? (Choose two.)
A. IPv4 only
B. IPv6 only
C. IPv4 and IPv6
D. routed mode only
E. transparent mode only
F. both transparent and routed modes
Answer: C,D
Q82. What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?
A. sslconfig
B. sslciphers
C. tlsconifg
D. certconfig
Answer: A
Q83. Which function in the Cisco ADSM ACL Manager pane allows an administrator to search for a specfic element?
A. Find
B. Device Management
C. Search
D. Device Setup
Answer: A
Q84. Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?
A. It provides NAT policies to existing clients that connect from a new switch port.
B. It can update shared policies even when the NAT server is offline.
C. It enables NAT policy discovery as it updates shared polices.
D. It enables NAT policy rediscovery while leaving existing shared polices unchanged.
Answer: D
Q85. Which of the following would need to be created to configure an application-layer inspection of SMTP traffic operating on port 2525?
A. A class-map that matches port 2525 and applying an inspect ESMTP policy-map for that class in the global inspection policy
B. A policy-map that matches port 2525 and applying an inspect ESMTP class-map for that policy
C. An access-list that matches on TCP port 2525 traffic and applying it on an interface with the inspect option
D. A class-map that matches port 2525 and applying it on an access-list using the inspect option
Answer: A
Q86. A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue.
Which two commands can protect against this problem? (Choose two.)
A. switch(config)#spanning-tree portfast bpduguard default
B. switch(config)#spanning-tree portfast bpdufilter default
C. switch(config-if)#spanning-tree portfast
D. switch(config-if)#spanning-tree portfast disable
E. switch(config-if)#switchport port-security violation protect
F. switch(config-if)#spanning-tree port-priority 0
Answer: A,C
Q87. What is the default violation mode that is applied by port security?
A. restrict
B. protect
C. shutdown
D. shutdown VLAN
Answer: C
Q88. To which port does a firewall send secure logging messages?
A. TCP/1500
B. UDP/1500
C. TCP/500
D. UDP/500
Answer: A
Q89. When you configure a Cisco firewall in multiple context mode, where do you allocate interfaces?
A. in the system execution space
B. in the admin context
C. in a user-defined context
D. in the global configuration
Answer: A
Q90. Which Cisco Security Manager form factor is recommended for deployments with fewer than 25 devices?
A. only Cisco Security Manager Standard
B. only Cisco Security Manager Professional
C. only Cisco Security Manager UCS Server Bundle
D. both Cisco Security Manager Standard and Cisco Security Manager Professional
Answer: A
