Exam Code: 300-206 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Edge Network Security Solutions
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-206 Exam.
2016 May 300-206 Study Guide Questions:
Q31. Which security operations management best practice should be followed to enable appropriate network access for administrators?
A. Provide full network access from dedicated network administration systems
B. Configure the same management account on every network device
C. Dedicate a separate physical or logical plane for management traffic
D. Configure switches as terminal servers for secure device access
Q32. A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue.
Which two commands can protect against this problem? (Choose two.)
A. switch(config)#spanning-tree portfast bpduguard default
B. switch(config)#spanning-tree portfast bpdufilter default
C. switch(config-if)#spanning-tree portfast
D. switch(config-if)#spanning-tree portfast disable
E. switch(config-if)#switchport port-security violation protect
F. switch(config-if)#spanning-tree port-priority 0
Q33. IPv6 addresses in an organization's network are assigned using Stateless Address Autoconfiguration. What is a security concern of using SLAAC for IPv6 address assignment?
A. Man-In-The-Middle attacks or traffic interception using spoofed IPv6 Router Advertisements
B. Smurf or amplification attacks using spoofed IPv6 ICMP Neighbor Solicitations
C. Denial of service attacks using TCP SYN floods
D. Denial of Service attacks using spoofed IPv6 Router Solicitations
Updated cisco ccnp security 300-206 senses:
Q34. To which interface on a Cisco ASA 1000V firewall should a security profile be applied when a VM sits behind it?
Q35. When you configure a Cisco firewall in multiple context mode, where do you allocate interfaces?
A. in the system execution space
B. in the admin context
C. in a user-defined context
D. in the global configuration
Q36. Which two SNMPv3 features ensure that SNMP packets have been sent securely? (Choose two.)
A. host authorization
Precise cisco asa nat for ccnp security (300-206) senss:
Q37. What are three features of the Cisco ASA 1000V? (Choose three.)
A. cloning the Cisco ASA 1000V
B. dynamic routing
C. the Cisco VNMC policy agent
E. active/standby failover
Q38. Which command tests authentication with SSH and shows a generated key?
A. show key mypubkey rsa
B. show crypto key mypubkey rsa
C. show crypto key
D. show key mypubkey
Q39. Which command enables the HTTP server daemon for Cisco ASDM access?
A. http server enable
B. http server enable 443
C. crypto key generate rsa modulus 1024
D. no http server enable
Q40. Which function in the Cisco ADSM ACL Manager pane allows an administrator to search for a specfic element?
B. Device Management
D. Device Setup
see more 300-206 dumps