web analytics

Premium PassLeader 300-206 Dumps with VCE and PDF Download (Question 131 – Question 140)

New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: http://www.passleader.com/300-206.html (223 Q&As)

P.S. Free 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA

QUESTION 131
When configured in accordance to Cisco best practices, the ip verify source command can mitigate which two types of Layer 2 attacks? (Choose two.)

A.    rogue DHCP servers
B.    ARP attacks
C.    DHCP starvation
D.    MAC spoofing
E.    CAM attacks
F.    IP spoofing

Answer: DF

QUESTION 132
Lab Sim
passleader-300-206-dumps-1321
passleader-300-206-dumps-1322
passleader-300-206-dumps-1323
Answer:
Please check the steps in explanation part below:
(1) Click on Service Policy Rules, then Edit the default inspection rule.
(2) Click on Rule Actions, then enable HTTP as shown here:
passleader-300-206-dumps-1324
(3) Click on Configure, then add as shown here:
passleader-300-206-dumps-1325
(4) Create the new map in ASDM like shown:
passleader-300-206-dumps-1326
(5) Edit the policy as shown:
passleader-300-206-dumps-1327
(6) Hit OK

QUESTION 133
You have installed a web server on a private network. Which type of NAT must you implement to enable access to the web server for public Internet users?

A.    static NAT
B.    dynamic NAT
C.    network object NAT
D.    twice NAT

Answer: A

QUESTION 134
Which type of object group will allow configuration for both TCP 80 and TCP 443?

A.    service
B.    network
C.    time range
D.    user group

Answer: A

QUESTION 135
When you configure a Botnet Traffic Filter on a Cisco firewall, what are two optional tasks? (Choose two.)

A.    Enable the use of dynamic databases.
B.    Add static entries to the database.
C.    Enable DNS snooping.
D.    Enable traffic classification and actions.
E.    Block traffic manually based on its syslog information.

Answer: BE

QUESTION 136
Refer to the exhibit. What is the effect of this configuration?
passleader-300-206-dumps-1361

A.    The firewall will inspect IP traffic only between networks 192.168.1.0 and 192.168.2.0.
B.    The firewall will inspect all IP traffic except traffic to 192.168.1.0 and 192.168.2.0.
C.    The firewall will inspect traffic only if it is defined within a standard ACL.
D.    The firewall will inspect all IP traffic.

Answer: A

QUESTION 137
When you configure a Cisco firewall in multiple context mode, where do you allocate interfaces?

A.    in the system execution space
B.    in the admin context
C.    in a user-defined context
D.    in the global configuration

Answer: A

QUESTION 138
At which layer does Dynamic ARP Inspection validate packets?

A.    Layer 2
B.    Layer 3
C.    Layer 4
D.    Layer 7

Answer: A

QUESTION 139
Which feature can suppress packet flooding in a network?

A.    PortFast
B.    BPDU guard
C.    Dynamic ARP Inspection
D.    storm control

Answer: D

QUESTION 140
What is the default violation mode that is applied by port security?

A.    restrict
B.    protect
C.    shutdown
D.    shutdown VLAN

Answer: C


New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: http://www.passleader.com/300-206.html (223 Q&As)

P.S. Free 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA