[Free] 2017(Nov) Dumps4cert Testinsides Cisco 300-206 Dumps with VCE and PDF Download 11-20

Dumps4cert 2017 Nov Cisco Official New Released 300-206
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/300-206.html

Implementing Cisco Edge Network Security Solutions

Question No: 11

What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?

  1. sslconfig

  2. sslciphers

  3. tlsconifg

  4. certconfig

Answer: A

Question No: 12

When it is configured in accordance to Cisco best practices, the switchport port-security maximum command can mitigate which two types of Layer 2 attacks? (Choose two.)

  1. rogue DHCP servers

  2. ARP attacks

  3. DHCP starvation

  4. MAC spoofing

  5. CAM attacks

  6. IP spoofing

Answer: C,E

Question No: 13

How many bridge groups are supported on a firewall that operate in transparent mode?

  1. 8

  2. 16

  3. 10

  4. 6

Answer: A

Question No: 14

Which statement about traffic storm control behavior is true?

  1. Traffic storm control cannot determine if the packet is unicast or broadcast.

  2. If you enable broadcast and multicast traffic storm control and the combined broadcast and multicast trafficexceeds the level within a 1 second traffic storm interval, storm control drops all broadcast and multicast traffic until the end of the storm interval

  3. Traffic storm control uses the Individual/Group bit in the packet source address to determine if the packet isunicast or broadcast.

  4. Traffic storm control monitors incoming traffic levels over a 10 second traffic storm control interval

Answer: B

Question No: 15

Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?

  1. It provides NAT policies to existing clients that connect from a new switch port.

  2. It can update shared policies even when the NAT server is offline.

  3. It enables NAT policy discovery as it updates shared polices.

  4. It enables NAT policy rediscovery while leaving existing shared polices unchanged.

Answer: D

Question No: 16

What is the best description of a unified ACL on a Cisco Firewall

  1. An Ipv4 ACL with Ipv4 support

  2. An ACL the support EtherType in additional Ipv6

  3. An ACL with both Ipv4 and Ipv6 functionality

  4. An Ipv6 ACL with Ipv4 backward compatitiblity

Answer: C Explanation:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_co nfig/intro_intro.html

Question No: 17

The Cisco ASA must support dynamic routing and terminating VPN traffic. Which three Cisco ASA options will not support these requirements? (Choose three.)

  1. transparent mode

  2. multiple context mode

  3. active/standby failover mode

  4. active/active failover mode

  5. routed mode

  6. no NAT-control

Answer: A,B,D

Question No: 18

Which configuration on a switch would be unsuccessful in preventing a DHCP starvation attack?

  1. DHCP snooping

  2. Port security

  3. Source Guard

  4. Rate Limiting

Answer: C

Question No: 19

To which port does a firewall send secure logging messages?

  1. TCP/1500

  2. UDP/1500

  3. TCP/500

  4. UDP/500

Answer: A

Question No: 20

At which layer does MACsec provide encryption?

  1. Layer 1

  2. Layer 2

  3. Layer 3

  4. Layer 4

Answer: B

100% Free Download!
Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert 300-206 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE