[2017 New] Easily Pass 300-206 Exam By Training Lead2pass Latest VCE Dumps (151-175)

2017 August Cisco Official New Released 300-206 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

2017 get prepared with fully updated Cisco 300-206 real exam questions and accurate answers for 300-206 exam. Lead2pass IT experts review the 300-206 newly added questions and offer correct Cisco 300-206 exam questions answers. 100% pass easily!

Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/300-206.html

QUESTION 151
Which two TCP ports must be open on the Cisco Security Manager server to allow the server to communicate with the Cisco Security Manager client? (Choose two.)

A.    1741
B.    443
C.    80
D.    1740
E.    8080

Answer: AB

QUESTION 152
Which command enables the HTTP server daemon for Cisco ASDM access?

A.    http server enable
B.    http server enable 443
C.    crypto key generate rsa modulus 1024
D.    no http server enable

Answer: A

QUESTION 153
Which function in the Cisco ADSM ACL Manager pane allows an administrator to search for a specfic element?

A.    Find
B.    Device Management
C.    Search
D.    Device Setup

Answer: A

QUESTION 154
Which two router commands enable NetFlow on an interface? (Choose two.)

A.    ip flow ingress
B.    ip flow egress
C.    ip route-cache flow infer-fields
D.    ip flow ingress infer-fields
E.    ip flow-export version 9

Answer: AB

QUESTION 155
Refer to the exhibit. Which two statements about the SNMP configuration are true? (Choose two.)

A.    The router's IP address is 192.168.1.1.
B.    The SNMP server's IP address is 192.168.1.1.
C.    Only the local SNMP engine is configured.
D.    Both the local and remote SNMP engines are configured.
E.    The router is connected to the SNMP server via port 162.

Answer: BD

QUESTION 156
To which port does a firewall send secure logging messages?

A.    TCP/1500
B.    UDP/1500
C.    TCP/500
D.    UDP/500

Answer: A

QUESTION 157
What is a required attribute to configure NTP authentication on a Cisco ASA?

A.    Key ID
B.    IPsec
C.    AAA
D.    IKEv2

Answer: A

QUESTION 158
Which function does DNSSEC provide in a DNS infrastructure?

A.    It authenticates stored information.
B.    It authorizes stored information.
C.    It encrypts stored information.
D.    It logs stored security information.

Answer: A

QUESTION 159
Refer to the exhibit. Which two statements about this firewall output are true? (Choose two.)

A.    The output is from a packet tracer debug.
B.    All packets are allowed to 192.168.1.0 255.255.0.0.
C.    All packets are allowed to 192.168.1.0 255.255.255.0.
D.    All packets are denied.
E.    The output is from a debug all command.

Answer: AC

QUESTION 160
Which utility can you use to troubleshoot and determine the timeline of packet changes in a data path within a Cisco firewall?

A.    packet tracer
B.    ping
C.    traceroute
D.    SNMP walk

Answer: A

QUESTION 161
What can an administrator do to simultaneously capture and trace packets in a Cisco ASA?

A.    Install a Cisco ASA virtual appliance.
B.    Use the trace option of the capture command.
C.    Use the trace option of the packet-tracer command.
D.    Install a switch with a code that supports capturing, and configure a trunk to the Cisco ASA.

Answer: B

QUESTION 162
Refer to the exhibit. Which command can produce this packet tracer output on a firewall?

A.    packet-tracer input INSIDE tcp 192.168.1.100 88 192.168.2.200 3028
B.    packet-tracer output INSIDE tcp 192.168.1.100 88 192.168.2.200 3028
C.    packet-tracer input INSIDE tcp 192.168.2.200 3028 192.168.1.100 88
D.    packet-tracer output INSIDE tcp 192.168.2.200 3028 192.168.1.100 88

Answer: A

QUESTION 163
At which firewall severity level will debugs appear on a Cisco ASA?

A.    7
B.    6
C.    5
D.    4

Answer: A

QUESTION 164
A Cisco ASA is configured in multiple context mode and has two user-defined contexts--Context_A and Context_B. From which context are device logging messages sent?

A.    Admin
B.    Context_A
C.    Context_B
D.    System

Answer: A

QUESTION 165
Which three statements about the software requirements for a firewall failover configuration are true? (Choose three.)

A.    The firewalls must be in the same operating mode.
B.    The firewalls must have the same major and minor software version.
C.    The firewalls must be in the same context mode.
D.    The firewalls must have the same major software version but can have different minor versions.
E.    The firewalls can be in different context modes.
F.    The firewalls can have different Cisco AnyConnect images.

Answer: ABC

QUESTION 166
What can you do to enable inter-interface firewall communication for traffic that flows between two interfaces of the same security level?

A.    Run the command same-security-traffic permit inter-interface globally.
B.    Run the command same-security-traffic permit intra-interface globally.
C.    Configure both interfaces to have the same security level.
D.    Run the command same-security-traffic permit inter-interface on the interface with the highest security level.

Answer: A

QUESTION 167
How many bridge groups are supported on a firewall that operate in transparent mode?

A.    8
B.    16
C.    10
D.    6

Answer: A

QUESTION 168
In which way are management packets classified on a firewall that operates in multiple context mode?

A.    by their interface IP address
B.    by the routing table
C.    by NAT
D.    by their MAC addresses

Answer: A

QUESTION 169
Where on a firewall does an administrator assign interfaces to contexts?

A.    in the system execution space
B.    in the admin context
C.    in a user-defined context
D.    in the console

Answer: A

QUESTION 170
Which kind of Layer 2 attack targets the STP root bridge election process and allows an attacker to control the flow of traffic?

A.    man-in-the-middle
B.    denial of service
C.    distributed denial of service
D.    CAM overflow

Answer: A

QUESTION 171
Which Layer 2 security feature validates ARP packets?

A.    DAI
B.    DHCP server
C.    BPDU guard
D.    BPDU filtering

Answer: A

QUESTION 172
If you disable PortFast on switch ports that are connected to a Cisco ASA and globally turn on BPDU filtering, what is the effect on the switch ports?

A.    The switch ports are prevented from going into an err-disable state if a BPDU is received.
B.    The switch ports are prevented from going into an err-disable state if a BPDU is sent.
C.    The switch ports are prevented from going into an err-disable state if a BPDU is received and sent.
D.    The switch ports are prevented from forming a trunk.

Answer: C

QUESTION 173
In a Cisco ASAv failover deployment, which interface is preconfigured as the failover interface?

A.    GigabitEthernet0/2
B.    GigabitEthernet0/4
C.    GigabitEthernet0/6
D.    GigabitEthernet0/8

Answer: D

QUESTION 174
What are the three types of private VLAN ports? (Choose three.)

A.    promiscuous
B.    isolated
C.    community
D.    primary
E.    secondary
F.    trunk

Answer: ABC

QUESTION 175
Which VTP mode supports private VLANs on a switch?

A.    transparent
B.    server
C.    client
D.    off

Answer: A

Latest 300-206 questions and answers from Cisco Exam Center offered by Lead2pass for free share now! Read and remember all real questions answers, Guarantee pass 300-206 real test 100% or full money back!

300-206 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDQ3hFS2lmMTdVb3c

2017 Cisco 300-206 exam dumps (All 251 Q&As) from Lead2pass:

https://www.lead2pass.com/300-206.html [100% Exam Pass Guaranteed]