Cause all that matters here is passing the Cisco 300-206 exam. Cause all that you need is a high score of 300-206 Implementing Cisco Edge Network Security Solutions exam. The only one thing you need to do is downloading Testking 300-206 exam study guides now. We will not let you down with our money-back guarantee.

2021 Apr 300-206 practice exam

Q101. Which utility can you use to troubleshoot and determine the timeline of packet changes in a data path within a Cisco firewall? 

A. packet tracer 

B. ping 

C. traceroute 

D. SNMP walk 

Answer:


Q102. What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces? 

A. 1024 bytes 

B. 1518 bytes 

C. 2156 bytes 

D. 9216 bytes 

Answer:


Q103. Which cloud characteristic is used to describes the sharing of physical resource between various 

entities ? 

A. Elasticity 

B. Ubiquitous access 

C. Multitenancy 

D. Resiliency 

Answer:

Explanation: 

http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_12-3/123_cloud1.html 


Q104. In which two modes is zone-based firewall high availability available? (Choose two.) 

A. IPv4 only 

B. IPv6 only 

C. IPv4 and IPv6 

D. routed mode only 

E. transparent mode only 

F. both transparent and routed modes 

Answer: C,D 


Q105. When it is configured in accordance to Cisco best practices, the switchport port-security maximum command can mitigate which two types of Layer 2 attacks? (Choose two.) 

A. rogue DHCP servers 

B. ARP attacks 

C. DHCP starvation 

D. MAC spoofing 

E. CAM attacks 

F. IP spoofing 

Answer: C,E 


Up to the immediate present 300-206 exams:

Q106. Which configuration keyword will configure SNMPv3 with authentication but no encryption? 

A. Auth 

B. Priv 

C. No auth 

D. Auth priv 

Answer:


Q107. CORRECT TEXT 

You are a network security engineer for the Secure-X network. You have been tasked with implementing dynamic network object NAT with PAT on a Cisco ASA. 

You must configure the Cisco ASA such that the source IP addresses of all internal hosts are translated to a single IP address (using different ports) when the internal hosts access the Internet. 

To successfully complete this activity, you must perform the following tasks: 

. Use the Cisco ASDM GUI on the Admin PC to configure dynamic network object NAT with PAT using the following parameters: 

. Network object name: Internal-Networks 

. IP subnet: 10.10.0.0/16 

. Translated IP address: 192.0.2.100 

. Source interface: inside 

. Destination interface: outside 

NOTE: The object (TRANSLATED-INSIDE-HOSTS) for this translated IP address has already been created for your use in this activity. 

NOTE: Not all ASDM screens are active for this exercise. 

NOTE: Login credentials are not needed for this simulation. 

. In the Cisco ASDM, display and view the auto-generated NAT rule. 

. From the Employee PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public. 

. From the Guest PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public. 

. At the CLI of the Cisco ASA, display your NAT configuration. You should see the configured policy and statistics for translated packets. 

. At the CLI of the Cisco ASA, display the translation table. You should see dynamic translations for the Employee PC and the Guest PC. Both inside IP addresses translate to the same IP address, but using different ports. 

You have completed this exercise when you have configured and successfully tested dynamic network object NAT with PAT. 

Answer: Use the following configuration as per exhibit in explanation. 


Q108. Cisco Security Manager can manage which three products? (Choose three.) 

A. Cisco IOS 

B. Cisco ASA 

C. Cisco IPS 

D. Cisco WLC 

E. Cisco Web Security Appliance 

F. Cisco Email Security Appliance 

G. Cisco ASA CX 

H. Cisco CRS 

Answer: A,B,C 


Q109. A network administrator is creating an ASA-CX administrative user account with the following parameters: 

The user will be responsible for configuring security policies on network devices. 

The user needs read-write access to policies. 

The account has no more rights than necessary for the job. 

What role will be assigned to the user? 

A. Administrator 

B. Security administrator 

C. System administrator 

D. Root Administrator 

E. Exec administrator 

Answer:


Q110. Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.) 

A. NAT 

B. dynamic routing 

C. SSL remote access VPN 

D. IPSec remote access VPN 

Answer: A,B