Latest 300-206 Exam Study Guides With New Update Exam Questions

Q1. According to the logging configuration on the Cisco ASA, what will happen if syslog server 10.10.2.40 fails? 

A. New connections through the ASA will be blocked and debug system logs will be sent to the internal buffer. 

B. New connections through the ASA will be blocked and informational system logs will be sent to the internal buffer. 

C. New connections through the ASA will be blocked and system logs will be sent to server 10.10.2.41. 

D. New connections through the ASA will be allowed and system logs will be sent to server 10.10.2.41. 

E. New connections through the ASA will be allowed and informational system logs will be sent to the internal buffer. 

F. New connections through the ASA will be allowed and debug system logs will be sent to the internal buffer. 

View Answer

Q2. Which two options are two purposes of the packet-tracer command? (Choose two.) 

A. to filter and monitor ingress traffic to a switch 

B. to configure an interface-specific packet trace 

C. to inject virtual packets into the data path 

D. to debug packet drops in a production network 

E. to correct dropped packets in a production network 

View Answer

Q3. Which set of commands enables logging and displays the log buffer on a Cisco ASA? 

A. enable logging 

show logging 

B. logging enable 

show logging 

C. enable logging int e0/1 

view logging 

D. logging enable 

logging view config 

View Answer

Q4. Which three options are hardening techniques for Cisco IOS routers? (Choose three.) 

A. limiting access to infrastructure with access control lists 

B. enabling service password recovery 

C. using SSH whenever possible 

D. encrypting the service password 

E. using Telnet whenever possible 

F. enabling DHCP snooping 

View Answer

Q5. Which statement about Cisco ASA NetFlow v9 (NSEL) is true? 

A. NSEL events match all traffic classes in parallel 

B. NSEL is has a time interval locked at 20 seconds and is not user configurable 

C. NSEL tracks flow-create, flow-teardown, and flow-denied events and generates appropriate NSEL data records 

D. You cannot disable syslog messages that have become redundant because of NSEL 

E. NSEL tracks the flow continuously and provides updates every 10 second 

F. NSEL provides stateless IP flow tracking that exports all record od a specific flow 

View Answer

Q6. In which two modes is zone-based firewall high availability available? (Choose two.) 

A. IPv4 only 

B. IPv6 only 

C. IPv4 and IPv6 

D. routed mode only 

E. transparent mode only 

F. both transparent and routed modes 

View Answer

Q7. How much storage is allotted to maintain system,configuration , and image files on the Cisco ASA 1000V during OVF template file deployment? 

A. 1GB 

B. 5GB 

C. 2GB 

D. 10GB 

View Answer

Q8. If you encounter problems logging in to the Cisco Security Manager 4.4 web server or client or backing up its databases, which account has most likely been improperly modified? 

A. admin (the default administrator account) 

B. casuser (the default service account) 

C. guest (the default guest account) 

D. user (the default user account) 

View Answer

Q9. When it is configured in accordance to Cisco best practices, the switchport port-security maximum command can mitigate which two types of Layer 2 attacks? (Choose two.) 

A. rogue DHCP servers 

B. ARP attacks 

C. DHCP starvation 

D. MAC spoofing 

E. CAM attacks 

F. IP spoofing 

View Answer

Q10. Where do you apply a control plane service policy to implement Management Plane Protection on a Cisco router? 

A. Control-plane interface management 0/0 

B. Control-plane service policy 

C. Control-plane router 

D. Control-plane host 

View Answer