REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
Diego
 
 

 

Braindumps of 300-206
Implementing Cisco Edge Network Security Solutions

 

Exam Questions, Answers, Braindumps (300-206)

These dumps were helpful. Take it from me,you can easily clear these exams if you are thorough with the question from www.examcheats.net or www.exams.ws

 

QUESTION NO: 1

All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring?

A. Configure port-security to limit the number of mac-addresses allowed on each port

B. Upgrade the switch to one that can handle 20,000 entries

C. Configure private-vlans to prevent hosts from communicating with one another

D. Enable storm-control to limit the traffic rate

E. Configure a VACL to block all IP traffic except traffic to and from that subnet

ANS:A

QUESTION NO: 2

A network printer has a DHCP server service that cannot be disabled. How can a layer 2 switch be configured to prevent the printer from causing network issues?

A. Remove the ip helper-address

B. Configure a Port-ACL to block outbound TCP port 68

C. Configure DHCP snooping

D. Configure port-security

ANS:C

QUESTION NO: 3

A switch is being configured at a new location that uses statically assigned IP addresses. Which will ensure that ARP inspection works as expected?

A. Configure the 'no-dhcp' keyword at the end of the ip arp inspection command

B. Enable static arp inspection using the command 'ip arp inspection static vlan vlan-number

C. Configure an arp access-list and apply it to the ip arp inspection command

D. Enable port security

ANS:C

QUESTION NO: 4

Which of the following would need to be created to configure an application-layer inspection of SMTP traffic operating on port 2525?

A. A class-map that matches port 2525 and applying an inspect ESMTP policy-map for that class in the global inspection policy

B. A policy-map that matches port 2525 and applying an inspect ESMTP class-map for that policy

C. An access-list that matches on TCP port 2525 traffic and applying it on an interface with the inspect option

D. A class-map that matches port 2525 and applying it on an access-list using the inspect option

ANS:A

QUESTION NO: 5

Which command is used to nest objects in a pre-existing group?

A. object-group

B. network group-object

C. object-group network

D. group-object

ANS:D

QUESTION NO: 6

Which threat-detection feature is used to keep track of suspected attackers who create connections to too many hosts or ports?

A. complex threat detection

B. scanning threat detection

C. basic threat detection

D. advanced threat detection

ANS:B

QUESTION NO: 7

What is the default behavior of an access list on the Cisco ASA security appliance?

A. It will permit or deny traffic based on the access-list criteria.

B. It will permit or deny all traffic on a specified interface.

C. An access group must be configured before the access list will take effect for traffic control.

D. It will allow all traffic.

ANS:C

QUESTION NO: 8

What is the default behavior of NAT control on Cisco ASA Software Version 8.3?

A. NAT control has been deprecated on Cisco ASA Software Version 8.3.

B. It will prevent traffic from traversing from one enclave to the next without proper access configuration.

C. It will allow traffic to traverse from one enclave to the next without proper access configuration.

D. It will deny all traffic.

ANS:A

QUESTION NO: 9

Which three options are hardening techniques for Cisco IOS routers? (Choose three.)

A. limiting access to infrastructure with access control lists

B. enabling service password recovery

C. using SSH whenever possible

D. encrypting the service password

E. using Telnet whenever possible

F. enabling DHCP snooping

ANS:A,C,D

 

300-206


 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend