web analytics

100% Pass Ensure 300-206 Dumps with Free VCE and PDF (Question 61 – Question 75)

New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: http://www.passleader.com/300-206.html (223 Q&As)

P.S. Free 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA

QUESTION 61
Which URL matches the regex statement “http”*/”www.cisco.com/”*[^E]”xe”?

A.    https://www.cisco.com/ftp/ios/tftpserver.exe
B.    https://cisco.com/ftp/ios/tftpserver.exe
C.    http:/www.cisco.com/ftp/ios/tftpserver.Exe
D.    https:/www.cisco.com/ftp/ios/tftpserver.EXE

Answer: A

QUESTION 62
Which two statements about Cisco IOS Firewall are true? (Choose two.)

A.    It provides stateful packet inspection.
B.    It provides faster processing of packets than Cisco ASA devices provide.
C.    It provides protocol-conformance checks against traffic.
D.    It eliminates the need to secure routers and switches throughout the network.
E.    It eliminates the need to secure host machines throughout the network.

Answer: AC

QUESTION 63
Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)

A.    AnyConnect SSL
B.    site-to-site
C.    clientless SSL
D.    IPsec remote-access

Answer: AD
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf

QUESTION 64
What are three attributes that can be applied to a user account with RBAC? (Choose three.)

A.    domain
B.    password
C.    ACE tag
D.    user roles
E.    VDC group tag
F.    expiry date

Answer: BDF

QUESTION 65
Which command is used to nest objects in a pre-existing group?

A.    object-group
B.    network group-object
C.    object-group network
D.    group-object

Answer: D

QUESTION 66
Which threat-detection feature is used to keep track of suspected attackers who create connections to too many hosts or ports?

A.    complex threat detection
B.    scanning threat detection
C.    basic threat detection
D.    advanced threat detection

Answer: B

QUESTION 67
What is the default behavior of an access list on the Cisco ASA security appliance?

A.    It will permit or deny traffic based on the access-list criteria.
B.    It will permit or deny all traffic on a specified interface.
C.    An access group must be configured before the access list will take effect for traffic control.
D.    It will allow all traffic.

Answer: C

QUESTION 68
What is the default behavior of NAT control on Cisco ASA Software Version 8.3?

A.    NAT control has been deprecated on Cisco ASA Software Version 8.3.
B.    It will prevent traffic from traversing from one enclave to the next without proper access configuration.
C.    It will allow traffic to traverse from one enclave to the next without proper access configuration.
D.    It will deny all traffic.

Answer: A

QUESTION 69
Which three options are hardening techniques for Cisco IOS routers? (Choose three.)

A.    limiting access to infrastructure with access control lists
B.    enabling service password recovery
C.    using SSH whenever possible
D.    encrypting the service password
E.    using Telnet whenever possible
F.    enabling DHCP snooping

Answer: ACD

QUESTION 70
What command alters the SSL ciphers used by the Cisco Email Security Appliance for TLS sessions and HTTPS access?

A.    sslconfig
B.    sslciphers
C.    tlsconifg
D.    certconfig

Answer: A

QUESTION 71
What is the CLI command to enable SNMPv3 on the Cisco Web Security Appliance?

A.    snmpconfig
B.    snmpenable
C.    configsnmp
D.    enablesnmp

Answer: A

QUESTION 72
The Cisco Email Security Appliance can be managed with both local and external users of different privilege levels. What three external modes of authentication are supported? (Choose three.)

A.    LDAP authentication
B.    RADIUS Authentication
C.    TACAS
D.    SSH host keys
E.    Common Access Card Authentication
F.    RSA Single use tokens

Answer: ABD

QUESTION 73
When a Cisco ASA is configured in multicontext mode, which command is used to change between contexts?

A.    changeto config context
B.    changeto context
C.    changeto/config context change
D.    changeto/config context 2

Answer: B

QUESTION 74
Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?

A.    It provides NAT policies to existing clients that connect from a new switch port.
B.    It can update shared policies even when the NAT server is offline.
C.    It enables NAT policy discovery as it updates shared polices.
D.    It enables NAT policy rediscovery while leaving existing shared polices unchanged.

Answer: D

QUESTION 75
When you install a Cisco ASA AIP-SSM, which statement about the main Cisco ASDM home page is true?

A.    It is replaced by the Cisco AIP-SSM home page.
B.    It must reconnect to the NAT policies database.
C.    The administrator can manually update the page.
D.    It displays a new Intrusion Prevention panel.

Answer: D


New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: http://www.passleader.com/300-206.html (223 Q&As)

P.S. Free 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA