How to Pass Cisco 300-206 Exam In First Try?

Implementing Cisco Edge Network Security Solutions: 300-206 Exam
300-206 Questions & Answers
Exam Code: 300-206
Exam Name: Implementing Cisco Edge Network Security Solutions
Q & A: 95 Q&As

QUESTION 1
A network administrator is creating an ASA-CX administrative user account with the following
parameters:
– The user will be responsible for configuring security policies on
network devices.
– The user needs read-write access to policies.
– The account has no more rights than necessary for the job.
What role will be assigned to the user?
A. Administrator
B. Security administrator
C. System administrator
D. Root Administrator
E. Exec administrator
Answer: B

QUESTION 2
Which tool provides the necessary information to determine hardware lifecycle and compliance
details for deployed network devices?
A. Prime Infrastructure
B. Prime Assurance
C. Prime Network Registrar
D. Prime Network Analysis Module
Answer: A

QUESTION 3
Which three compliance and audit report types are available in Cisco Prime Infrastructure?
(Choose three.)
A. Service
B. Change Audit
C. Vendor Advisory
D. TAC Service Request
E. Validated Design
F. Smart Business Architecture
Answer: ABC

QUESTION 4
Cisco Security Manager can manage which three products? (Choose three.)
A. Cisco IOS
B. Cisco ASA
C. Cisco IPS
D. Cisco WLC E. Cisco Web Security Appliance
F. Cisco Email Security Appliance
G. Cisco ASA CX
H. Cisco CRS
Answer: ABC

QUESTION 5
Which two web browsers are supported for the Cisco ISE GUI? (Choose two.)
A. HTTPS-enabled Mozilla Firefox version 3.x
B. Netscape Navigator version 9
C. Microsoft Internet Explorer version 8 in Internet Explorer 8-only mode
D. Microsoft Internet Explorer version 8 in all Internet Explorer modes
E. Google Chrome (all versions)
Answer: AC

QUESTION 6
When a Cisco ASA is configured in multicontext mode, which command is used to change
between contexts?
A. changeto config context
B. changeto context
C. changeto/config context change
D. changeto/config context 2
Answer: B

QUESTION 7
Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?
A. It provides NAT policies to existing clients that connect from a new switch port.
B. It can update shared policies even when the NAT server is offline.
C. It enables NAT policy discovery as it updates shared polices.
D. It enables NAT policy rediscovery while leaving existing shared polices unchanged.
Answer: D

QUESTION 8
When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home
page is true?
A. It is replaced by the Cisco AIP-SSM home page.
B. It must reconnect to the NAT policies database.
C. The administrator can manually update the page.
D. It displays a new Intrusion Prevention panel.
Answer: D

QUESTION 9
Which Cisco product provides a GUI-based device management tool to configure Cisco access
routers?
A. Cisco ASDM
B. Cisco CP Express
C. Cisco ASA 5500
D. Cisco CP
Answer: D

QUESTION 10
Which statement about Cisco IPS Manager Express is true?
A. It provides basic device management for large-scale deployments.
B. It provides a GUI for configuring IPS sensors and security modules.
C. It enables communication with Cisco ASA devices that have no administrative access.
D. It provides greater security than simple ACLs.
Answer: B

QUESTION 11
Which three options describe how SNMPv3 traps can be securely configured to be sent by IOS?
(Choose three.)
A. An SNMPv3 group is defined to configure the read and write views of the group.
B. An SNMPv3 user is assigned to SNMPv3 group and defines the encryption and authentication credentials.
C. An SNMPv3 host is configured to define where the SNMPv3 traps will be sent.
D. An SNMPv3 host is used to configure the encryption and authentication credentials for SNMPv3 traps.
E. An SNMPv3 view is defined to configure the address of where the traps will be sent.
F. An SNMPv3 group is used to configure the OIDs that will be reported.
Answer: ABC

QUESTION 12
A network engineer is asked to configure NetFlow to sample one of every 100 packets on a
router’s fa0/0 interface. Which configuration enables sampling, assuming that NetFlow is already
configured and running on the router’s fa0/0 interface?
A. flow-sampler-map flow1
mode random one-out-of 100
interface fas0/0
flow-sampler flow1
B. flow monitor flow1
mode random one-out-of 100
BrainDumps.com 11
Cisco 300-206 Exam
interface fas0/0 ip flow monitor flow1
C. flow-sampler-map flow1
one-out-of 100
interface fas0/0
flow-sampler flow1
D. ip flow-export source fas0/0 one-out-of 100
Answer: A

QUESTION 13
What is the default log level on the Cisco Web Security Appliance?
A. Trace
B. Debug
C. Informational
D. Critical
Answer: C

QUESTION 14
Which command sets the source IP address of the NetFlow exports of a device?
A. ip source flow-export
B. ip source netflow-export
C. ip flow-export source
D. ip netflow-export source
Answer: C

QUESTION 15
Which two SNMPv3 features ensure that SNMP packets have been sent securely?” Choose two.
A. host authorization
B. authentication
C. encryption
D. compression
Answer: BC

…go to http://www.lead2pass.com/300-206.html to download the full version Q&As.

admin
Author

admin