[Free] Download New Updated (April 2016) Cisco 300-206 Actual Tests 81-90

Ensurepass

QUESTION 81

To which port does a firewall send secure logging messages?

 

A.

TCP/1500

B.

UDP/1500

C.

TCP/500

D.

UDP/500

 

Correct Answer: A

 

 

QUESTION 82

Which product can manage licenses, updates, and a single signature policy for 15 separate IPS appliances?

 

A.

Cisco Security Manager

B.

Cisco IPS Manager Express

C.

Cisco IPS Device Manager

D.

Cisco Adaptive Security Device Manager

 

Correct Answer: A

 

 

QUESTION 83

Refer to the exhibit. Which two statements about this firewall output are true? (Choose two.)

 

clip_image002

 

A.

The output is from a packet tracer debug.

B.

All packets are allowed to 192.168.1.0 255.255.0.0.

C.

All packets are allowed to 192.168.1.0 255.255.255.0.

D.

All packets are denied.

E.

The output is from a debug all command.

 

Correct Answer: AC

 

 

QUESTION 84

You are the administrator of a multicontext transparent-mode Cisco ASA that uses a shared interface that belongs to more than one context. Because the same interface will be used within all three contexts, which statement describes how you will ensure that return traffic will reach the correct context?

 

A.

Interfaces may not be shared between contexts in routed mode.

B.

Configure a unique MAC address per context with the no mac-address auto command.

C.

Configure a unique MAC address per context with the mac-address auto command.

D.

Use static routes on the Cisco ASA to ensure that traffic reaches the correct context.

 

Correct Answer: C

 

 

QUESTION 85

Which two options are purposes of the packet-tracer command? (Choose two.)

 

A.

to filter and monitor ingress traffic to a switch

B.

to configure an interface-specific packet trace

C.

to simulate network traffic through a data path

D.

to debug packet drops in a production network

E.

to automatically correct an ACL entry in an ASA

 

Correct Answer: CD

 

 

 

 

 

QUESTION 86

Which four are IPv6 First Hop Security technologies? (Choose four.)

 

F.

A.

Send

B.

Dynamic ARP Inspection

C.

Router Advertisement Guard

D.

Neighbor Discovery Inspection

E.

Traffic Storm Control

Port Security

G.

DHCPv6 Guard

 

Correct Answer: ACDG

 

 

QUESTION 87

Which command tests authentication with SSH and shows a generated key?

 

A.

show key mypubkey rsa

B.

show crypto key mypubkey rsa

C.

show crypto key

D.

show key mypubkey

 

Correct Answer: B

 

 

QUESTION 88

To which interface on a Cisco ASA 1000V firewall should a security profile be applied when a VM sits behind it?

 

A.

outside

B.

inside

C.

management

D.

DMZ

 

Correct Answer: B

 

 

QUESTION 89

Which three statements about the software requirements for a firewall failover configuration are true? (Choose three.)

 

A.

The firewalls must be in the same operating mode.

B.

The firewalls must have the same major and minor software version.

C.

The firewalls must be in the same context mode.

D.

The firewalls must
have the same major software version but can have different minor versions.

E.

The firewalls can be in different context modes.

F.

The firewalls can have different Cisco AnyConnect images.

 

Correct Answer: ABC

 

 

 

 

QUESTION 90

When you configure a Cisco firewall in multiple context mode, where do you allocate interfaces?

 

A.

in the system execution space

B.

in the admin context

C.

in a user-defined context

D.

in the global configuration

 

Correct Answer: A

 

Free VCE & PDF File for Cisco 300-206 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …