300-206 Exam Questions - Online Test

300-206 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Proper study guides for Far out Cisco Implementing Cisco Edge Network Security Solutions certified begins with Cisco 300 206 senss pdf preparation products which designed to deliver the Simulation 300 206 dumps questions by making you pass the ccnp security senss 300 206 official cert guide pdf test at your first time. Try the free 300 206 senss pdf demo right now.

Q51. In IOS routers, what configuration can ensure both prevention of ntp spoofing and accurate time ensured? 

A. ACL permitting udp 123 from ntp server 

B. ntp authentication 

C. multiple ntp servers 

D. local system clock 

Answer: B 

Q52. Which Cisco prime Infrastructure features allows you to assign templates to a group of wireless LAN controllers with similar configuration requirements? 

A. Lightweight access point configuration template 

B. Composite template 

C. Controller configuration group 

D. Shared policy object 

Answer: C 

Q53. Which cloud characteristic is used to describes the sharing of physical resource between various 

entities ? 

A. Elasticity 

B. Ubiquitous access 

C. Multitenancy 

D. Resiliency 

Answer: D 

Explanation: 

http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_12-3/123_cloud1.html 

Q54. Refer to the exhibit. 

Which two statements about the SNMP configuration are true? (Choose two.) 

A. The router's IP address is 192.168.1.1. 

B. The SNMP server's IP address is 192.168.1.1. 

C. Only the local SNMP engine is configured. 

D. Both the local and remote SNMP engines are configured. 

E. The router is connected to the SNMP server via port 162. 

Answer: B,D 

Q55. What is the default behavior of an access list on the Cisco ASA security appliance? 

A. It will permit or deny traffic based on the access-list criteria. 

B. It will permit or deny all traffic on a specified interface. 

C. An access group must be configured before the access list will take effect for traffic control. 

D. It will allow all traffic. 

Answer: C 

Q56. Which two statements about Cisco IDS are true? (Choose two.) 

A. It is preferred for detection-only deployment. 

B. It is used for installations that require strong network-based protection and that include sensor tuning. 

C. It is used to boost sensor sensitivity at the expense of false positives. 

D. It is used to monitor critical systems and to avoid false positives that block traffic. 

E. It is used primarily to inspect egress traffic, to filter outgoing threats. 

Answer: A,D 

Q57. Which command sets the source IP address of the NetFlow exports of a device? 

A. ip source flow-export 

B. ip source netflow-export 

C. ip flow-export source 

D. ip netflow-export source 

Answer: C 

Q58. Which statement about how the Cisco ASA supports SNMP is true? 

A. All SNMFV3 traffic on the inside interface will be denied by the global ACL 

B. The Cisco ASA and ASASM provide support for network monitoring using SNMP Versions 1,2c, and 3, but do not support the use of all three versions simultaneously. 

C. The Cisco ASA and ASASM have an SNMP agent that notifies designated management ,. stations if events occur that are predefined to require a notification, for example, when a link in the network goes up or down. 

D. SNMPv3 is enabled by default and SNMP v1 and 2c are disabled by default. 

E. SNMPv3 is more secure because it uses SSH as the transport mechanism. 

Answer: C 

Explanation: 

This can be verified by this ASDM screen shot: 

Q59. If you disable PortFast on switch ports that are connected to a Cisco ASA and globally turn on BPDU filtering, what is the effect on the switch ports? 

A. The switch ports are prevented from going into an err-disable state if a BPDU is received. 

B. The switch ports are prevented from going into an err-disable state if a BPDU is sent. 

C. The switch ports are prevented from going into an err-disable state if a BPDU is received and sent. 

D. The switch ports are prevented from forming a trunk. 

Answer: C 

Q60. A network engineer is asked to configure NetFlow to sample one of every 100 packets on a router's fa0/0 interface. Which configuration enables sampling, assuming that NetFlow is already configured and running on the router's fa0/0 interface? 

A. flow-sampler-map flow1 

mode random one-out-of 100 

interface fas0/0 

flow-sampler flow1 

B. flow monitor flow1 

mode random one-out-of 100 

interface fas0/0 

ip flow monitor flow1 

C. flow-sampler-map flow1 

one-out-of 100 

interface fas0/0 

flow-sampler flow1 

D. ip flow-export source fas0/0 one-out-of 100 

Answer: A