Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-206

Cisco® 300-206 Exam Practice Questions (P. 5)

  • Full Access (368 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #41
A Cisco ASA is configured for TLS proxy. When should the security appliance force remote IP phones connecting to the phone proxy through the internet to be in secured mode?
  1. A
    When the Cisco Unified Communications Manager cluster is in non-secure mode
  2. B
    When the Cisco Unified Communications Manager cluster is in secure mode only
  3. C
    When the Cisco Unified Communications Manager is not part of a cluster
  4. D
    When the Cisco ASA is configured for IPSec VPN

Correct Answer:
A

Question #42
Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)
  1. A
    NAT
  2. B
    dynamic routing
  3. C
    SSL remote access VPN
  4. D
    IPSec remote access VPN

Correct Answer:
AB

Question #43
When a Cisco ASA is configured in transparent mode, how can ARP traffic be controlled?
  1. A
    By enabling ARP inspection; however, it cannot be controlled by an ACL
  2. B
    By enabling ARP inspection or by configuring ACLs
  3. C
    By configuring ACLs; however, ARP inspection is not supported
  4. D
    By configuring NAT and ARP inspection

Correct Answer:
A

Question #44
What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)
  1. A
    identifying Layer 2 ARP attacks
  2. B
    detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a successful client association
  3. C
    detecting and preventing MAC address spoofing in switched environments
  4. D
    mitigating man-in-the-middle attacks

Correct Answer:
AD

Question #45
What is the primary purpose of stateful pattern recognition in Cisco IPS networks?
  1. A
    mitigating man-in-the-middle attacks
  2. B
    using multipacket inspection across all protocols to identify vulnerability-based attacks and to thwart attacks that hide within a data stream
  3. C
    detecting and preventing MAC address spoofing in switched environments
  4. D
    identifying Layer 2 ARP attacks

Correct Answer:
B

Question #46
What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.)
  1. A
    guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access the device
  2. B
    increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE
  3. C
    enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality
  4. D
    provided complete proactive protection against frame and device spoofing

Correct Answer:
BC

Question #47
What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?
  1. A
    1024 bytes
  2. B
    1518 bytes
  3. C
    2156 bytes
  4. D
    9216 bytes

Correct Answer:
D

Question #48
Which two statements about Cisco IDS are true? (Choose two.)
  1. A
    It is preferred for detection-only deployment.
  2. B
    It is used for installations that require strong network-based protection and that include sensor tuning.
  3. C
    It is used to boost sensor sensitivity at the expense of false positives.
  4. D
    It is used to monitor critical systems and to avoid false positives that block traffic.
  5. E
    It is used primarily to inspect egress traffic, to filter outgoing threats.

Correct Answer:
AD

Question #49
What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)
  1. A
    Internet edges typically have a lower volume of traffic and threats are easier to detect.
  2. B
    Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
  3. C
    Internet edges provide connectivity to the Internet and other external networks.
  4. D
    Internet edges are exposed to a larger array of threats.
  5. E
    NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.

Correct Answer:
CD

Question #50
Which four are IPv6 First Hop Security technologies? (Choose four.)
  1. A
    Send
  2. B
    Dynamic ARP Inspection
  3. C
    Router Advertisement Guard
  4. D
    Neighbor Discovery Inspection
  5. E
    Traffic Storm Control
  6. F
    Port Security
  7. G
    DHCPv6 Guard

Correct Answer:
ACDG

Previous Questions Next Questions

All Pages