DumpsSchool has comprehensive Cisco 300-206 exam questions for stronger preparation of CCNP Security
300-206 certification exam.
Try it Latest DumpsSchool 300-206 Exam dumps. Buy Full File here: https://www.dumpsschool.com/300-206-exam-dumps.html (430 As Dumps)
Download the DumpsSchool 300-206 braindumps from Google Drive: https://drive.google.com/file/d/1EMLvhFrYAykLS9r0FMJtmIBQ9_6i7_YC/view (FREE VERSION!!!)
Question No. 1
Which statement about the configuration of the Cisco ASA NetFlow v9 (NSEL) is true ?
A. To view bandwidth usage for the NetFlow record, you must enable QoS features
B. Use sysopt command to enable NSEL on a specific interface
C. NSEL can be used without a collector configured
D. NSEL tracks the flow continuously and provides updates every 10 seconds
E. You must define a flow-export event type under a policy
Question No. 2
Refer to the exhibit.
To protect Host A and Host B from communicating with each other, which type of PVLAN port should be used for each host?
A. Host A on a promiscuous port and Host B on a community port
B. Host A on a community port and Host B on a promiscuous port
C. Host A on an isolated port and Host B on a promiscuous port
D. Host A on a promiscuous port and Host B on a promiscuous port
E. Host A on an isolated port and host B on an isolated port
F. Host A on a community port and Host B on a community port
Question No. 3
You are a security engineer at a large multinational retailer. Your Chief Information Officer recently attended a security conference and has asked you to secure the network infrastructure from VLAN hopping. Which statement describes how VLAN hopping can be avoided?
A. There is no such thing as VLAN hopping because VLANs are completely isolated.
B. VLAN hopping can be avoided by using IEEE 802.1X to dynamically assign the access VLAN to all endpoints and setting the default access VLAN to an unused VLAN ID.
C. VLAN hopping is avoided by configuring the native (untagged) VLAN on both sides of an ISL trunk to an unused VLAN ID.
D. VLAN hopping is avoided by configuring the native (untagged) VLAN on both sides of an IEEE 802.1Q trunk to an unused VLAN ID.
Question No. 4
Which two mandatory policies are needed to support a regular IPsec VPN in a Cisco Security Manager
environment? (Choose two.)
A. GRE modes
B. IKE proposal
C. group encryption
D. server load balance
B, C Answer:
Question No. 5
Which statement is true of the logging configuration on the Cisco ASA?
A. The contents of the internal buffer will be saved to an FTP server before the buffer is overwritten.
B. The contents of the internal buffer will be saved to flash memory before the buffer is overwritten.
C. System log messages with a severity level of six and higher will be logged to the internal buffer.
D. System log messages with a severity level of six and lower will be logged to the internal buffer.
Question No. 6
Which option is the default logging buffer size In memory of the Cisco ASA adaptive security appliance?
Question No. 7
Which two configurations are the minimum needed to enable EIGRP on the Cisco ASA appliance? (Choose two.)
A. Enable the EIGRP routing process and specify the AS number.
B. Define the EIGRP default-metric.
C. Configure the EIGRP router ID.
D. Use the neighbor command(s) to specify the EIGRP neighbors.
E. Use the network command(s) to enable EIGRP on the Cisco ASA interface(s).
A, E Answer:
Question No. 8
Which two tasks must you perform to configure SNMPv3 on the Cisco ASA? Choose two.)
A. Configure a local user to manage the ASA
B. Configure an SNMP group
C. Configure a recipient for SNMP notifications
D. Configure the SNMP listening port
E. Configure a local user with privileges to use the SNMP only
B, C Answer:
Question No. 9
Which action can be taken as a preventive measure against VLAN hopping attacks?
A. Configure an uplink to another switch as access port
B. Set an unused VLAN as native VLAN on a trunk port
C. Limit number of MAC addresses on a trunk port
D. Configure port security on all switch ports
Question No. 10
An engineer has downloaded the database files for botnet traffic filtering on an ASA. Where are these
database files stored?
A. flash memory
B. SSD drive
D. running memory
300-206 Dumps Google Drive: (Limited Version!!!)
Exam Vendor: Cisco dumps