2016 October Cisco Official New Released 300-206 Dumps in Lead2pass.com!
100% Free Download! 100% Pass Guaranteed!
I was recommended by one of my friend, he used the Lead2pass 300-206 dumps and said they are helpful. He was right! I passed my Cisco 300-206 exam yesterday. I was lucky, all my questions in the exams were from Lead2pass dumps.
Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/300-206.html
QUESTION 61
Which URL matches the regex statement “http”*/”www.cisco.com/”*[^E]”xe”?
A. https://www.cisco.com/ftp/ios/tftpserver.exe
B. https://cisco.com/ftp/ios/tftpserver.exe
C. http:/www.cisco.com/ftp/ios/tftpserver.Exe
D. https:/www.cisco.com/ftp/ios/tftpserver.EXE
Answer: A
QUESTION 62
Which two statements about Cisco IOS Firewall are true? (Choose two.)
A. It provides stateful packet inspection.
B. It provides faster processing of packets than Cisco ASA devices provide.
C. It provides protocol-conformance checks against traffic.
D. It eliminates the need to secure routers and switches throughout the network.
E. It eliminates the need to secure host machines throughout the network.
Answer: AC
QUESTION 63
Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)
A. AnyConnect SSL
B. site-to-site
C. clientless SSL
D. IPsec remote-access
Answer: AD
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf
QUESTION 64
What are three attributes that can be applied to a user account with RBAC? (Choose three.)
A. domain
B. password
C. ACE tag
D. user roles
E. VDC group tag
F. expiry date
Answer: BDF
QUESTION 65
Which command is used to nest objects in a pre-existing group?
A. object-group
B. network group-object
C. object-group network
D. group-object
Answer: D
QUESTION 66
Which threat-detection feature is used to keep track of suspected attackers who create connections to too many hosts or ports?
A. complex threat detection
B. scanning threat detection
C. basic threat detection
D. advanced threat detection
Answer: B
QUESTION 67
What is the default behavior of an access list on the Cisco ASA security appliance?
A. It will permit or deny traffic based on the access-list criteria.
B. It will permit or deny all traffic on a specified interface.
C. An access group must be configured before the access list will take effect for traffic control.
D. It will allow all traffic.
Answer: C
QUESTION 68
What is the default behavior of NAT control on Cisco ASA Software Version 8.3?
A. NAT control has been deprecated on Cisco ASA Software Version 8.3.
B. It will prevent traffic from traversing from one enclave to the next without proper access configuration.
C. It will allow traffic to traverse from one enclave to the next without proper access configuration.
D. It will deny all traffic.
Answer: A
QUESTION 69
Which three options are hardening techniques for Cisco IOS routers? (Choose three.)
A. limiting access to infrastructure with access control lists
B. enabling service password recovery
C. using SSH whenever possible
D. encrypting the service password
E. using Telnet whenever possible
F. enabling DHCP snooping
Answer: ACD
QUESTION 70
What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?
A. sslconfig
B. sslciphers
C. tlsconifg
D. certconfig
Answer: A
QUESTION 71
What is the CLI command to enable SNMPv3 on the Cisco Web Security Appliance?
A. snmpconfig
B. snmpenable
C. configsnmp
D. enablesnmp
Answer: A
QUESTION 72
The Cisco Email Security Appliance can be managed with both local and external users of different privilege levels. What three external modes of authentication are supported? (Choose three.)
A. LDAP authentication
B. RADIUS Authentication
C. TACAS
D. SSH host keys
E. Common Access Card Authentication
F. RSA Single use tokens
Answer: ABD
QUESTION 73
When a Cisco ASA is configured in multicontext mode, which command is used to change between contexts?
A. changeto config context
B. changeto context
C. changeto/config context change
D. changeto/config context 2
Answer: B
QUESTION 74
Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?
A. It provides NAT policies to existing clients that connect from a new switch port.
B. It can update shared policies even when the NAT server is offline.
C. It enables NAT policy discovery as it updates shared polices.
D. It enables NAT policy rediscovery while leaving existing shared polices unchanged.
Answer: D
QUESTION 75
When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home page is true?
A. It is replaced by the Cisco AIP-SSM home page.
B. It must reconnect to the NAT policies database.
C. The administrator can manually update the page.
D. It displays a new Intrusion Prevention panel.
Answer: D
QUESTION 76
Which Cisco product provides a GUI-based device management tool to configure Cisco access routers?
A. Cisco ASDM
B. Cisco CP Express
C. Cisco ASA 5500
D. Cisco CP
Answer: D
QUESTION 77
Which statement about Cisco IPS Manager Express is true?
A. It provides basic device management for large-scale deployments.
B. It provides a GUI for configuring IPS sensors and security modules.
C. It enables communication with Cisco ASA devices that have no administrative access.
D. It provides greater security than simple ACLs.
Answer: B
QUESTION 78
Which three options describe how SNMPv3 traps can be securely configured to be sent by IOS? (Choose three.)
A. An SNMPv3 group is defined to configure the read and write views of the group.
B. An SNMPv3 user is assigned to SNMPv3 group and defines the encryption and authentication credentials.
C. An SNMPv3 host is configured to define where the SNMPv3 traps will be sent.
D. An SNMPv3 host is used to configure the encryption and authentication credentials for SNMPv3 traps.
E. An SNMPv3 view is defined to configure the address of where the traps will be sent.
F. An SNMPv3 group is used to configure the OIDs that will be reported.
Answer: ABC
QUESTION 79
Cisco Security Manager can manage which three products? (Choose three.)
A. Cisco IOS
B. Cisco ASA
C. Cisco IPS
D. Cisco WLC
E. Cisco Web Security Appliance
F. Cisco Email Security Appliance
G. Cisco ASA CX
H. Cisco CRS
Answer: ABC
QUESTION 80
When a Cisco ASA is configured in transparent mode, how can ARP traffic be controlled?
A. By enabling ARP inspection; however, it cannot be controlled by an ACL
B. By enabling ARP inspection or by configuring ACLs
C. By configuring ACLs; however, ARP inspection is not supported
D. By configuring NAT and ARP inspection
Answer: A
I think Lead2pass dumps are very good for the people who do not have much time for their Cisco 300-206 exam preparation. You can easily pass the exam only by memorize Lead2pass exam questions. Believe or not, I did so and I passed my 300-206 exam.
300-206 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDWFY3cWxuWnJKQ28
2016 Cisco 300-206 exam dumps (All 223 Q&As) from Lead2pass:
http://www.lead2pass.com/300-206.html [100% Exam Pass Guaranteed]