[Free] 2017(Nov) Dumps4cert Testinsides Cisco 300-206 Dumps with VCE and PDF Download 61-70

Dumps4cert 2017 Nov Cisco Official New Released 300-206
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/300-206.html

Implementing Cisco Edge Network Security Solutions

Question No: 61

A Cisco ASA is configured for TLS proxy. When should the security appliance force remote IP phones connecting to the phone proxy through the internet to be in secured mode?

  1. When the Cisco Unified Communications Manager cluster is in non-secure mode

  2. When the Cisco Unified Communications Manager cluster is in secure mode only

  3. When the Cisco Unified Communications Manager is not part of a cluster

  4. When the Cisco ASA is configured for IPSec VPN

Answer: A

Question No: 62

What is a required attribute to configure NTP authentication on a Cisco ASA?

  1. Key ID

  2. IPsec

  3. AAA

  4. IKEv2

Answer: A

Question No: 63

Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)

  1. AnyConnect SSL

  2. site-to-site

  3. clientless SSL

  4. IPsec remote-access

Answer: A,D Explanation:

http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/ b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf

Question No: 64

Which action is needed to set up SSH on the Cisco ASA firewall?

  1. Create an ACL to aloew the SSH traffic to the Cisco ASA.

  2. Configure DHCP for the client that will connect via SSH.

  3. Generate a crypto key

  4. Specify the SSH version level as either 1 or 2.

  5. Enable the HTTP server to allow authentication.

Answer: C

Question No: 65

An administrator installed a Cisco ASA that runs version 9.1. You are asked to configure the firewall through Cisco ASDM.

When you attempt to connect to a Cisco ASA with a default configuration, which username and password grants you full access?

  1. admin / admin

  2. asaAdmin / (no password)

  3. It is not possible to use Cisco ASDM until a username and password are created via the usernameusernamepassword password CLI command.

  4. enable_15 / (no password)

  5. cisco / cisco

Answer: D

Question No: 66

Which option is the default logging buffer size In memory of the Cisco ASA adaptive security appliance?

  1. 8KB

  2. 32KB

  3. 2KB

  4. 16KB

  5. 4KB

Answer: E Explanation:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_gen eral_config/ monitor_syslog.html

Question No: 67

Which command tests authentication with SSH and shows a generated key?

  1. show key mypubkey rsa

  2. show crypto key mypubkey rsa

  3. show crypto key

  4. show key mypubkey

Answer: B

Question No: 68

A network engineer is asked to configure NetFlow to sample one of every 100 packets on a router#39;s fa0/0 interface. Which configuration enables sampling, assuming that NetFlow is already configured and running on the router#39;s fa0/0 interface?

  1. flow-sampler-map flow1mode random one-out-of 100 interface fas0/0 flow-sampler flow1

  2. flow monitor flow1mode random one-out-of 100 interface fas0/0 ip flow monitor flow1

  3. flow-sampler-map flow1one-out-of 100 interface fas0/0 flow-sampler flow1

  4. ip flow-export source fas0/0 one-out-of 100

Answer: A

Question No: 69

What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)

  1. Internet edges typically have a lower volume of traffic and threats are easier to detect.

  2. Internet edges typically have a higher volume of traffic and threats are more difficult to detect.

  3. Internet edges provide connectivity to the Internet and other external networks.

  4. Internet edges are exposed to a larger array of threats.

  5. NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.

Answer: C,D

Question No: 70

When you configure a Cisco firewall in multiple context mode, where do you allocate

interfaces?

  1. in the system execution space

  2. in the admin context

  3. in a user-defined context

  4. in the global configuration

Answer: A

100% Free Download!
Download Free Demo:300-206 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert 300-206 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE