Proper study guides for Improve Cisco Implementing Cisco Edge Network Security Solutions certified begins with Cisco 300-206 preparation products which designed to deliver the Vivid 300-206 questions by making you pass the 300-206 test at your first time. Try the free 300-206 demo right now.
2021 Apr 300-206 actual test
Q21. Which two device types can Cisco Prime Security Manager manage in Multiple Device mode? (Choose two.)
A. Cisco ESA
B. Cisco ASA
C. Cisco WSA
D. Cisco ASA CX
Answer: B,D
Q22. An SNMP host is an IP address to which SNMP notifications and traps are sent. To configure SNMFV3 hosts, which option must you configure in addition to the target IP address?
A. the Cisco ASA as a DHCP server, so the SNMFV3 host can obtain an IP address
B. a username, because traps are only sent to a configured user
C. SSH, so the user can connect to the Cisco ASA
D. the Cisco ASA with a dedicated interface only for SNMP, to process the SNMP host traffic.
Answer: B
Explanation: The username can be seen here on the ASDM simulator screen shot:
Q23. Which security operations management best practice should be followed to enable appropriate network access for administrators?
A. Provide full network access from dedicated network administration systems
B. Configure the same management account on every network device
C. Dedicate a separate physical or logical plane for management traffic
D. Configure switches as terminal servers for secure device access
Answer: C
Q24. Which three statements about private VLANs are true? (Choose three.)
A. Isolated ports can talk to promiscuous and community ports.
B. Promiscuous ports can talk to isolated and community ports.
C. Private VLANs run over VLAN Trunking Protocol in client mode.
D. Private VLANS run over VLAN Trunking Protocol in transparent mode.
E. Community ports can talk to each other as well as the promiscuous port.
F. Primary, secondary, and tertiary VLANs are required for private VLAN implementation.
Answer: B,D,E
Q25. How much storage is allotted to maintain system,configuration , and image files on the Cisco ASA 1000V during OVF template file deployment?
A. 1GB
B. 5GB
C. 2GB
D. 10GB
Answer: C
Up to the minute 300-206 practice test:
Q26. Which statement about Cisco IPS Manager Express is true?
A. It provides basic device management for large-scale deployments.
B. It provides a GUI for configuring IPS sensors and security modules.
C. It enables communication with Cisco ASA devices that have no administrative access.
D. It provides greater security than simple ACLs.
Answer: B
Q27. In which two modes is zone-based firewall high availability available? (Choose two.)
A. IPv4 only
B. IPv6 only
C. IPv4 and IPv6
D. routed mode only
E. transparent mode only
F. both transparent and routed modes
Answer: C,D
Q28. Refer to the exhibit.
What traffic is being captured by the Cisco ASA adaptive security appliance?
A. UDP traffic sourced from host 10.10.0.12 on port 80
B. TCP traffic destined to host 10.10.0.12 on port 80
C. TCP traffic sourced from host 10.10.0.12 on port 80
D. UDP traffic destined to host 10.10.0.12 on port 80
Answer: C
Q29. What are three features of the Cisco ASA 1000V? (Choose three.)
A. cloning the Cisco ASA 1000V
B. dynamic routing
C. the Cisco VNMC policy agent
D. IPv6
E. active/standby failover
F. QoS
Answer: A,C,E
Q30. At which layer does Dynamic ARP Inspection validate packets?
A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 7
Answer: A