300-206 - Implementing Cisco Edge Network Security Solutions

Go back to Cisco

Example Questions

Which URL matches the regex statement "http"*/"www.cisco.com/"*[^E]"xe"? Which product can manage licenses, updates, and a single signature policy for 15 separate IPS appliances? What can an administrator do to simultaneously capture and trace packets in a Cisco ASA? Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true? When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home page is true? Which two options are two purposes of the packet-tracer command? (Choose two.) What is the default behavior of an access list on a Cisco ASA? When configuring a new context on a Cisco ASA device, which command creates a domain for the context? You have explicitly added the line deny ipv6 any log to the end of an IPv6 ACL on a router interface. Which two ICMPv6 packet types must you explicitly allow to enable traffic to traverse the interface? (Choose two.) A network printer has a DHCP server service that cannot be disabled. How can a layer 2 switch be configured to prevent the printer from causing network issues? Which two statements about zone-based firewalls are true? (Choose two.) Which set of commands creates a message list that includes all severity 2 (critical) messages on a Cisco security device? A network engineer is asked to configure NetFlow to sample one of every 100 packets on a router's fa0/0 interface. Which configuration enables sampling, assuming that NetFlow is already configured and running on the router's fa0/0 interface? Which command displays syslog messages on the Cisco ASA console as they occur? What is the lowest combination of ASA model and license providing 1 Gigabit Ethernet interfaces? Which two device types can Cisco Prime Security Manager manage in Multiple Device mode? (Choose two.) When you set a Cisco IOS Router as an SSH server, which command specifies the RSA public key of the remote peer when you set the SSH server to perform RSA-based authentication? You are the administrator of a Cisco ASA 9.0 firewall and have been tasked with ensuring that the Firewall Admins Active Directory group has full access to the ASA configuration. The Firewall Operators Active Directory group should have a more limited level of access. Which statement describes how to set these access levels? Which log level provides the most detail on the Cisco Web Security Appliance? A network engineer is troubleshooting and configures the ASA logging level to debugging. The logging-buffer is dominated by %ASA-6-305009 log messages. Which command suppresses those syslog messages while maintaining ability to troubleshoot? Where on a firewall does an administrator assign interfaces to contexts? Which option describes the purpose of the input parameter when you use the packet-tracer command on a Cisco device? What is the default behavior of an access list on the Cisco ASA security appliance? Which two SNMPv3 features ensure that SNMP packets have been sent securely?" Choose two. Which command configures the SNMP server group1 to enable authentication for members of the access list east? A network administrator is creating an ASA-CX administrative user account with the following parameters: The user will be responsible for configuring security policies on network devices. The user needs read-write access to policies. The account has no more rights than necessary for the job. What role will be assigned to the user? Which component does Cisco ASDM require on the host Cisco ASA 5500 Series or Cisco PIX security appliance? In IOS routers, what configuration can ensure both prevention of ntp spoofing and accurate time ensured? Which of the following would need to be created to configure an application-layer inspection of SMTP traffic operating on port 2525? Which set of commands enables logging and displays the log buffer on a Cisco ASA? Which two statements about Cisco IOS Firewall are true? (Choose two.) All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring? Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.) Which statement describes the correct steps to enable Botnet Traffic Filtering on a Cisco ASA version 9.0 transparent-mode firewall with an active Botnet Traffic Filtering license? Which security operations management best practice should be followed to enable appropriate network access for administrators? What is the default violation mode that is applied by port security? What is the result of the default ip ssh server authenticate user command? Which feature can suppress packet flooding in a network? What are two security features at the access port level that can help mitigate Layer 2 attacks? (Choose two.) An administrator is deploying port-security to restrict traffic from certain ports to specific MAC addresses. Which two considerations must an administrator take into account when using the switchport port-security mac-address sticky command? (Choose two.) When will a Cisco ASA that is operating in transparent firewall mode perform a routing table lookup instead of a MAC address table lookup to determine the outgoing interface of a packet? What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.) When a Cisco ASA is configured in multicontext mode, which command is used to change between contexts? An attacker has gained physical access to a password protected router. Which command will prevent access to the startup-config in NVRAM? What is the primary purpose of stateful pattern recognition in Cisco IPS networks? A Cisco ASA is configured in multiple context mode and has two user-defined contexts--Context_A and Context_B. From which context are device logging messages sent? Which command tests authentication with SSH and shows a generated key? Which statement about Cisco Security Manager form factors is true? Your company is replacing a high-availability pair of Cisco ASA 5550 firewalls with the newer Cisco ASA 5555-X models. Due to budget constraints, one Cisco ASA 5550 will be replaced at a time. Which statement about the minimum requirements to set up stateful failover between these two firewalls is true? Which technology provides forwarding-plane abstraction to support Layer 2 to Layer 7 network services in Cisco Nexus 1000V?

Study Guides