Proper study guides for Up to date Cisco Implementing Cisco Edge Network Security Solutions certified begins with Cisco 300-206 preparation products which designed to deliver the Certified 300-206 questions by making you pass the 300-206 test at your first time. Try the free 300-206 demo right now.

2021 Jul 300-206 cbt nuggets:

Q21. What can you do to enable inter-interface firewall communication for traffic that flows between two interfaces of the same security level? 

A. Run the command same-security-traffic permit inter-interface globally. 

B. Run the command same-security-traffic permit intra-interface globally. 

C. Configure both interfaces to have the same security level. 

D. Run the command same-security-traffic permit inter-interface on the interface with the highest security level. 

Answer: A 

Q22. Which cloud characteristic is used to describes the sharing of physical resource between various 

entities ? 

A. Elasticity 

B. Ubiquitous access 

C. Multitenancy 

D. Resiliency 

Answer: D 


Q23. Which two features block traffic that is sourced from non-topological IPv6 addresses? (Choose two.) 

A. DHCPv6 Guard 

B. IPv6 Prefix Guard 

C. IPv6 RA Guard 

D. IPv6 Source Guard 

Answer: B,D 

Q24. What is the default behavior of an access list on the Cisco ASA security appliance? 

A. It will permit or deny traffic based on the access-list criteria. 

B. It will permit or deny all traffic on a specified interface. 

C. An access group must be configured before the access list will take effect for traffic control. 

D. It will allow all traffic. 

Answer: C 

Q25. A network administrator is creating an ASA-CX administrative user account with the following parameters: 

The user will be responsible for configuring security policies on network devices. 

The user needs read-write access to policies. 

The account has no more rights than necessary for the job. 

What role will be assigned to the user? 

A. Administrator 

B. Security administrator 

C. System administrator 

D. Root Administrator 

E. Exec administrator 

Answer: B

Down to date robertshaw 300-206:

Q26. You have explicitly added the line deny ipv6 any log to the end of an IPv6 ACL on a router interface. Which two ICMPv6 packet types must you explicitly allow to enable traffic to traverse the interface? (Choose two.) 

A. router solicitation 

B. router advertisement 

C. neighbor solicitation 

D. neighbor advertisement 

E. redirect 

Answer: C,D 

Q27. Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.) 


B. dynamic routing 

C. SSL remote access VPN 

D. IPSec remote access VPN 

Answer: A,B 

Q28. Which statement about Cisco IPS Manager Express is true? 

A. It provides basic device management for large-scale deployments. 

B. It provides a GUI for configuring IPS sensors and security modules. 

C. It enables communication with Cisco ASA devices that have no administrative access. 

D. It provides greater security than simple ACLs. 

Answer: B 

Q29. Which technology can be deployed with a Cisco ASA 1000V to segregate Layer 2 access within a virtual cloud environment? 

A. Cisco Nexus 1000V 

B. Cisco VSG 



Answer: A 

Q30. Which feature is a limitation of a Cisco ASA 5555-X running 8.4.5 version with multiple contexts? 

A. Deep packet inspection 

B. Packet tracer 

C. IPsec 

D. Manual/auto NAT 

E. Multipolicy packet capture 

Answer: C