This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection
[
https://www.mcitpdump.com
]
Export date: Thu Mar 28 15:13:51 2024 / +0000 GMT
Cisco Official News: Braindump2go New Published Cisco 300-206 Dumps PDF Contanins the latest questions from Cisco Exam Center! 100% Certification got guaranteed! Vendor: Cisco Keywords: 300-206 Exam Dumps,300-206 Practice Tests,300-206 Practice Exams,300-206 Exam Questions,300-206 PDF,300-206 VCE Free,300-206 Book,300-206 E-Book,300-206 Study Guide,300-206 Braindump,300-206 Prep Guide QUESTION 81 A. identifying Layer 2 ARP attacks Answer: AD QUESTION 82 A. mitigating man-in-the-middle attacks Answer: B QUESTION 83 A. guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access Answer: BC QUESTION 84 A. 1024 bytes Answer: D QUESTION 85 A. It is preferred for detection-only deployment. Answer: BC QUESTION 86 A. Internet edges typically have a lower volume of traffic and threats are easier to detect. Answer: CD QUESTION 87 A. All input traffic on the inside interface is denied by the global ACL. Answer: B QUESTION 88 A. match any Answer: B QUESTION 89 A. logging list critical_messages level 2 Answer: B QUESTION 90 A. The configuration will be updated with MAC addresses from traffic seen ingressing the port. Answer: BE
Exam Code: 300-206
Exam Name: Implementing Cisco Edge Network Security Solutions
What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)
B. detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a
successful client association
C. detecting and preventing MAC address spoofing in switched environments
D. mitigating man-in-the-middle attacks
What is the primary purpose of stateful pattern recognition in Cisco IPS networks?
B. using multipacket inspection across all protocols to identify vulnerability-based attacks and to
thwart attacks that hide within a data stream
C. detecting and preventing MAC address spoofing in switched environments
D. identifying Layer 2 ARP attacks
What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.)
the device
B. increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE
C. enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality
D. provided complete proactive protection against frame and device spoofing
What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?
B. 1518 bytes
C. 2156 bytes
D. 9216 bytes
Which two statements about Cisco IDS are true? (Choose two.)
B. It is used for installations that require strong network-based protection and that include sensor tuning.
C. It is used to boost sensor sensitivity at the expense of false positives.
D. It is used to monitor critical systems and to avoid false positives that block traffic.
E. It is used primarily to inspect egress traffic, to filter outgoing threats.
What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)
B. Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
C. Internet edges provide connectivity to the Internet and other external networks.
D. Internet edges are exposed to a larger array of threats.
E. NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.
Which statement about the Cisco ASA configuration is true?
B. All input and output traffic on the outside interface is denied by the global ACL.
C. ICMP echo-request traffic is permitted from the inside to the outside, and ICMP echo-reply will be
permitted from the outside back to inside.
D. HTTP inspection is enabled in the global policy.
E. Traffic between two hosts connected to the same interface is permitted.
In the default global policy, which traffic is matched for inspections by default?
B. match default-inspection-traffic
C. match access-list
D. match port
E. match class-default
Which set of commands creates a message list that includes all severity 2 (critical) messages on a Cisco security device?
console logging critical_messages
B. logging list critical_messages level 2
logging console critical_messages
C. logging list critical_messages level 2
logging console enable critical_messages
D. logging list enable critical_messages level 2 console logging critical_messages
An administrator is deploying port-security to restrict traffic from certain ports to specific MAC addresses. Which two considerations must an administrator take into account when using the switchport port-security mac-address sticky command? (Choose two.)
The configuration will automatically be saved to NVRAM if no other changes to the configuration have
been made.
B. The configuration will be updated with MAC addresses from traffic seen ingressing the port.
The configuration will not automatically be saved to NVRAM.
C. Only MAC addresses with the 5th most significant bit of the address (the 'sticky' bit) set to 1 will be learned.
D. If configured on a trunk port without the 'vlan' keyword, it will apply to all vlans.
E. If configured on a trunk port without the 'vlan' keyword, it will apply only to the native vlan.
Want Pass 300-206 Exam At the first try? Come to Braindump2go! Download the Latest Cisco 300-206 Real Exam Questions and Answers PDF & VCE from Braindump2go,100% Pass Guaranteed Or Full Money Back!
Post date: 2015-07-06 08:42:08
Post date GMT: 2015-07-06 08:42:08
Post modified date: 2015-07-06 08:42:08
Post modified date GMT: 2015-07-06 08:42:08
Powered by [ Universal Post Manager ] plugin. MS Word saving format developed by gVectors Team www.gVectors.com