[Free] 2019(Nov) EnsurePass Cisco 300-206 Dumps with VCE and PDF 51-60

Get Full Version of the Exam

Question No.51

A Cisco ASA is configured in multiple context mode and has two user-defined contexts Context_A and Context_B. From which context are device logging messages sent?

  1. Admin

  2. Context_A

  3. Context_B

  4. System

Correct Answer: A

Question No.52

What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)

  1. identifying Layer 2 ARP attacks

  2. detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a successful client association

  3. detecting and preventing MAC address spoofing in switched environments

  4. mitigating man-in-the-middle attacks

Correct Answer: AD

Question No.53

At which layer does Dynamic ARP Inspection validate packets?

  1. Layer 2

  2. Layer 3

  3. Layer 4

  4. Layer 7

Correct Answer: A

Question No.54

Your company is replacing a high-availability pair of Cisco ASA 5550 firewalls with the newer Cisco ASA 5555-X models. Due to budget constraints, one Cisco ASA 5550 will be replaced at a time. Which statement about the minimum requirements to set up stateful failover between these two firewalls is true?

  1. You must install the USB failover cable between the two Cisco ASAs and provide a 1 Gigabit Ethernet interface for state exchange.

  2. It is not possible to use failover between different Cisco ASA models.

  3. You must have at least 1 Gigabit Ethernet interface between the two Cisco ASAs for state exchange.

  4. You must use two dedicated interfaces. One link is dedicated to state exchange and the other link is for heartbeats.

Correct Answer: B

Question No.55

Which two device types can Cisco Prime Security Manager manage in Multiple Device mode? (Choose two.)

  1. Cisco ESA

  2. Cisco ASA

  3. Cisco WSA

  4. Cisco ASA CX

Correct Answer: BD

Question No.56

When configured in accordance to Cisco best practices, the ip verify source command can mitigate which two types of Layer 2 attacks? (Choose two.)

  1. rogue DHCP servers

  2. ARP attacks

  3. DHCP starvation

  4. MAC spoofing

  5. CAM attacks

  6. IP spoofing

Correct Answer: DF

Question No.57

Which three options are default settings for NTP parameters on a Cisco ASA? (Choose three.)

  1. NTP authentication is enabled.

  2. NTP authentication is disabled.

  3. NTP logging is enabled.

  4. NTP logging is disabled.

  5. NTP traffic is not restricted.

  6. NTP traffic is restricted.

Correct Answer: BDE

Question No.58

Which two parameters must be configured before you enable SCP on a router? (Choose two.)

  1. SSH

  2. authorization

  3. ACLs

  4. NTP


Correct Answer: AB

Question No.59

Which type of object group will allow configuration for both TCP 80 and TCP 443?

  1. service

  2. network

  3. time range

  4. user group

Correct Answer: A

Question No.60

A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue. Which two commands can protect against this problem? (Choose two.)

  1. switch(config)#spanning-tree portfast bpduguard default

  2. switch(config)#spanning-tree portfast bpdufilter default

  3. switch(config-if)#spanning-tree portfast

  4. switch(config-if)#spanning-tree portfast disable

  5. switch(config-if)#switchport port-security violation protect

  6. switch(config-if)#spanning-tree port-priority 0

Correct Answer: AC

Get Full Version of the Exam
300-206 Dumps
300-206 VCE and PDF