web analytics

New 300-206 Dumps with VCE and PDF from PassLeader (Question 91 – Question 100)

New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: http://www.passleader.com/300-206.html (223 Q&As)

P.S. Free 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA

QUESTION 91
Which command configures the SNMP server group1 to enable authentication for members of the access list east?

A.    snmp-server group group1 v3 auth access east
B.    snmp-server group1 v3 auth access east
C.    snmp-server group group1 v3 east
D.    snmp-server group1 v3 east access

Answer: A

QUESTION 92
Lab Simulation
passleader-300-206-dumps-921
passleader-300-206-dumps-922

passleader-300-206-dumps-923

Answer:
Please check the steps in explanation part below:
(1) Click on Service Policy Rules, then Edit the default inspection rule.
(2) Click on Rule Actions, then enable HTTP as shown here:
passleader-300-206-dumps-924
(3) Click on Configure, then add as shown here:
passleader-300-206-dumps-925
(4) Create the new map in ASDM like shown:
passleader-300-206-dumps-926
(5) Edit the policy as shown:
passleader-300-206-dumps-927
(6) Hit OK

QUESTION 93
Hotspot Questions
passleader-300-206-dumps-931

passleader-300-206-dumps-932

passleader-300-206-dumps-933
Which statement about how the Cisco ASA supports SNMP is true?

A.    All SNMFV3 traffic on the inside interface will be denied by the global ACL
B.    The Cisco ASA and ASASM provide support for network monitoring using SNMP Versions 1, 2c, and 3, but do not support the use of all three versions simultaneously.
C.    The Cisco ASA and ASASM have an SNMP agent that notifies designated management stations if events occur that are predefined to require a notification, for example, when a link in the network goes up or down.
D.    SNMPv3 is enabled by default and SNMP v1 and 2c are disabled by default.
E.    SNMPv3 is more secure because it uses SSH as the transport mechanism.

Answer: C

QUESTION 94
Hotspot Questions
passleader-300-206-dumps-941

passleader-300-206-dumps-942

passleader-300-206-dumps-943
SNMP users have a specified username, a group to which the user belongs, authentication password, encryption password, and authentication and encryption algorithms to use. The authentication algorithm options are MD5 and SHA. The encryption algorithm options are DES, 3DES, andAES (which is available in 128,192, and 256 versions). When you create a user, with which option must you associate it?

A.    an SNMP group
B.    at least one interface
C.    the SNMP inspection in the global_policy
D.    at least two interfaces

Answer: A

QUESTION 95
Hotspot Questions
passleader-300-206-dumps-951

passleader-300-206-dumps-952

passleader-300-206-dumps-953
An SNMP host is an IP address to which SNMP notifications and traps are sent. To configure SNMFV3 hosts, which option must you configure in addition to the target IP address?

A.    the Cisco ASA as a DHCP server, so the SNMFV3 host can obtain an IP address
B.    a username, because traps are only sent to a configured user
C.    SSH, so the user can connect to the Cisco ASA
D.    the Cisco ASA with a dedicated interface only for SNMP, to process the SNMP host traffic

Answer: B

QUESTION 96
Refer to the exhibit. To protect Host A and Host B from communicating with each other, which type of PVLAN port should be used for each host?
passleader-300-206-dumps-961

A.    Host A on a promiscuous port and Host B on a community port
B.    Host A on a community port and Host B on a promiscuous port
C.    Host A on an isolated port and Host B on a promiscuous port
D.    Host A on a promiscuous port and Host B on a promiscuous port
E.    Host A on an isolated port and host B on an isolated port
F.    Host A on a community port and Host B on a community port

Answer: E

QUESTION 97
Which security operations management best practice should be followed to enable appropriate network access for administrators?

A.    Provide full network access from dedicated network administration systems
B.    Configure the same management account on every network device
C.    Dedicate a separate physical or logical plane for management traffic
D.    Configure switches as terminal servers for secure device access

Answer: C

QUESTION 98
Which two features block traffic that is sourced from non-topological IPv6 addresses? (Choose two.)

A.    DHCPv6 Guard
B.    IPv6 Prefix Guard
C.    IPv6 RA Guard
D.    IPv6 Source Guard

Answer: BD

QUESTION 99
Which three options correctly identify the Cisco ASA1000V Cloud Firewall? (Choose three.)

A.    operates at Layer 2
B.    operates at Layer 3
C.    secures tenant edge traffic
D.    secures intraswitch traffic
E.    secures data center edge traffic
F.    replaces Cisco VSG
G.    complements Cisco VSG
H.    requires Cisco VSG

Answer: BCG

QUESTION 100
Which two options are private-VLAN secondary VLAN types? (Choose two)

A.    Isolated
B.    Secured
C.    Community
D.    Common
E.    Segregated

Answer: AC
Explanation:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/PrivateVLANs.html


New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: http://www.passleader.com/300-206.html (223 Q&As)

P.S. Free 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA