web analytics

[11-Oct-2018] New 300-206 Dumps with VCE and PDF from PassLeader (Update Questions)

New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: https://www.passleader.com/300-206.html (359 Q&As –> 413 Q&As)

P.S. New 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA

NEW QUESTION 316
Prime Infrastructure admin discovers the network and wants to use Web Services Management Agent for configuring devices. Which protocol allows use of WSMA?

A.    Telnet
B.    SSHv2
C.    SNMPv2
D.    SNMPv3

Answer: B
Explanation:
Prime Infrastructure mainly uses the CLI method (over Telnet or SSHv2) to configure the devices. You can use WSMA (over SSHv2) for configuring specific features on the ASR and ISR devices. Cisco Web Services Management Agent is a more efficient and more robust method to configure the devices. Prime Infrastructure supports Zone Based Firewall and Application Visibility configuration via WSMA on the ASR and ISR devices.
https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-4/user/guide/bk_CiscoPrimeInfrastructure_3_4_0_UserGuide/bk_CiscoPrimeInfrastructure_3_4_0_UserGuide_chapter_0100011.html

NEW QUESTION 317
Which credentials are used by Prime Infrastructure to access the devices via web? (Choose two.)

A.    SSH
B.    Telnet
C.    Serial console
D.    RADIUS
E.    802.1X

Answer: AB
Explanation:
Choose one of the following options from the Action drop-down list at the top right of the device 360° view.
* Alarm Browser — Launches the Alarm Browser. See Monitoring Alarms for more information.
* Device Details — Displays device details.
* Support Community — Launches the Cisco Support Community. See Launching the Cisco Support Community.
* Support Request — Allows you to open a support case. See Opening a Support Case for more information.
* Ping — Allows you to ping the device.
* Traceroute — Allows you to perform a traceroute on the device.
* Connect to Device — Allows you to connect to the device using Telnet, SSH, HTTP, and HTTPS protocols.
* Sync Now — Allows you to synchronize the device with the configuration stored in the Prime Infrastructure database.
https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-1/user/guide/pi_ug/ui.pdf

NEW QUESTION 318
Which protocol is used by Prime Infrastructure to discover the devices via web? (Choose three.)

A.    ARP
B.    OSPF
C.    SNMP
D.    BGP
E.    NetFlow

Answer: BCD
Explanation:
Preparing the Network for Discovery:
* Devices must be configured with Cisco Discovery Protocol/LLDP, SNMP (V2, V3), or Telnet/SSH. Advanced protocols OSPF and BGP can also be used.
* For successfully managing a device using Cisco Prime Infrastructure, it is crucial that all the essential protocols be defined in the device credential for a given device. The following matrix shows what protocols are needed for various wired and wireless device types.
https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-infrastructure/guide-c07-736611.html

NEW QUESTION 319
Where to apply security policies on Nexus1000V for group of VMs instead of applying it directly on interface?

A.    port group
B.    port profile
C.    security group
D.    security profile

Answer: B
Explanation:
Security policies can be applied to port profile in ASDM or VNMC. Port profiles represent port groups that are configured in Nexus 1000V environment.

NEW QUESTION 320
What are mandatory policies needed to support IPSec VPN in CSM environment? (Choose two.)

A.    IKE Proposal
B.    Group encryption
C.    IPSec Proposal
D.    GRE modes
E.    Server load balance

Answer: AC
Explanation:
Internet Key Exchange (IKE) is a key management protocol that is used to authenticate IPsec peers, negotiate and distribute IPsec encryption keys, and to automatically establish IPsec security associations (SAs).
……
https://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/security_manager/4-1/user/guide/CSMUserGuide_wrapper/vpipsec.pdf

NEW QUESTION 321
Which FW mode which will keep high throughput and will make a fast and flexible deployment?

A.    single mode, routed context
B.    multimode, routed context
C.    single mode, transparent context
D.    multimode, transparent context

Answer: D

NEW QUESTION 322
What is the benefit of centralized ESA management?

A.    Protection against flash threats.
B.    Administration of multiple autonomous systems.
C.    Easier administration.
D.    Virtualised e-mail partitions.

Answer: C
Explanation:
https://www.cisco.com/c/en/us/products/collateral/security/email-security-appliance/data-sheet-c78-729751.pdf (page 2)

NEW QUESTION 323
What security model enables both authentication and encryption in SNMPv3?

A.    encr
B.    auth
C.    priv
D.    encapsulation
E.    tunnel

Answer: C

NEW QUESTION 324
What is needed for the successful synchronization between NTP servers with enabled authentication?

A.    NTP Trusted Key
B.    TLS certification (NTP certificates)
C.    Stratum hash
D.    Something else

Answer: A
Explanation:
You can configure the Cisco CG-OS router to authenticate the time sources to which the local clock synchronizes. When you enable NTP authentication, the Cisco CG-OS router synchronizes to a time source only if the source carries one of the authentication keys specified by the ntp trusted-key command. The Cisco CG-OS router drops any packets that fail the authentication check and prevents them from updating the local clock.
https://www.cisco.com/c/en/us/td/docs/routers/connectedgrid/cgr1000/1_0/software/configuration/guide/sysmgmt/SysMgmt_Book/sm_ntp_cgr1000.pdf

NEW QUESTION 325
Hacker is intercepting CDP packets in the network. Which info he can get from captured CDP packets? (Choose three.)

A.    Hardware Platform
B.    Device ID
C.    Name of security context
D.    Routing protocol autonomous system number
E.    VTP Domain
F.    Interface statistics

Answer: ABE
Explanation:
The information contained in Cisco DiscoveryProtocol advertisements varies based on the type of device and the installed version of the operating system.Some of the information that Cisco DiscoveryProtocol can learn includes:
* Cisco IOS version running on Cisco devices
* Hardware platform of devices
* IP addresses of interfaces on devices
* Locally connected devices advertising Cisco Discovery Protocol
* Interfaces active on Cisco devices, including encapsulation type
* Hostname
* Duplex setting
* VLAN Trunking Protocol (VTP) domain
* Native VLAN
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cdp/configuration/15-mt/cdp-15-mt-book/nm-cdp-discover.pdf (page 4)

NEW QUESTION 326
How many servers Prime Infrastructure High Availability supports?

A.    2
B.    4
C.    6
D.    8

Answer: A
Explanation:
The Cisco Prime Infrastructure High Availability (HA) implementation allows one primary Cisco Prime Infrastructure server to failover to one secondary (backup) Cisco Prime Infrastructure server. A second server is required that has sufficient resources (CPU, hard drive, network connection) in order to take over Cisco Prime Infrastructure operation in the event that the primary Cisco Prime Infrastructure system fails. In Cisco Prime Infrastructure, the only HA configuration is supported is 1:1 – 1 primary system, 1 secondary system.
https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-infrastructure/guide-c07-731626.html (see High Availability)

NEW QUESTION 327
You are going to add ASA to CSM (Cisco Security Manager). Which port on ASA must be reachable for CSM to succeed?

A.    21
B.    22
C.    80
D.    443

Answer: D
Explanation:
Security Manager can use these transport protocols:
……
https://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/security_manager/415/user/guide/CSMUserGuide/ivprep.html (see Understanding Device Communication Requirements)

NEW QUESTION 328
Which command enables uRPF on router’s interface?

A.    ip protection source
B.    ip source guard enable
C.    ip reverse-path verify reachable-via any
D.    ip verify unicast source reachable-via interface_name
E.    ip verify reverse-path interface interface_name

Answer: D

NEW QUESTION 329
Which command enables uRPF on ASA interface?

A.    ip protection source
B.    ip source guard enable
C.    ip reverse-path verify reachable-via any
D.    ip verify unicast source reachable-via interface_name
E.    ip verify reverse-path interface interface_name

Answer: E

NEW QUESTION 330
Adding Cisco Prime using discovery which protocol must be used when RTDM is processed?

A.    OSPF
B.    BGP
C.    LLDP
D.    ARP

Answer: D
Explanation:
The ARP Discovery Module depends on the Routing Table Discovery Module (RTDM), and is executed only when RTDM is processed. This precondition is identified based on the flags processed by the ARP Discovery Module, which are part of the DeviceObject. The entries coming out of the ARP Discovery Module do not need to pass through RTDM because (per the router Discovery algorithm) active routers are those that RTDM must process and identify. When the ARP table is fetched and the entries are not already discovered by RTDM, these entries (though they may represent routers) are not active routers and need not be passed on to RTDM. This is ensured by setting the ARP Discovery Module flag to Processed and leaving the RTDM flag set to Unprocessed.
https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-1-5/user/guide/pi_ug/gettingstarted.html

NEW QUESTION 331
Drag and Drop
Configuration SSH on ASA
……

NEW QUESTION 332
Drag and Drop
CSM Rules Inheritance
……

NEW QUESTION 333
……

More Drag and Drop and Hotspot and Lab Sim
……


New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: https://www.passleader.com/300-206.html (359 Q&As –> 413 Q&As)

P.S. New 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA