Want to know Ucertify 300-206 Exam practice test features? Want to lear more about Cisco Implementing Cisco Edge Network Security Solutions certification experience? Study Exact Cisco 300-206 answers to Down to date 300-206 questions at Ucertify. Gat a success with an absolute guarantee to pass Cisco 300-206 (Implementing Cisco Edge Network Security Solutions) test on your first attempt.
2021 Dec 300-206 senss:
Q71. Which three commands can be used to harden a switch? (Choose three.)
A. switch(config-if)# spanning-tree bpdufilter enable
B. switch(config)# ip dhcp snooping
C. switch(config)# errdisable recovery interval 900
D. switch(config-if)# spanning-tree guard root
E. switch(config-if)# spanning-tree bpduguard disable
F. switch(config-if)# no cdp enable
Answer: B,D,F
Q72. What is the default violation mode that is applied by port security?
A. restrict
B. protect
C. shutdown
D. shutdown VLAN
Answer: C
Q73. On an ASA running version 9.0, which command is used to nest objects in a pre-existing group?
A. object-group
B. network group-object
C. object-group network
D. group-object
Answer: D
Q74. Which Layer 2 security feature prevents traffic on a LAN from being disrupted by a broadcast,multicat, or unicast storm on one physical interface?
A. Bridge protocol Data Unit Guard
B. Storm Control
C. Embedded event monitoring
D. Access control lists
Answer: B
Q75. How much storage is allotted to maintain system,configuration , and image files on the Cisco ASA 1000V during OVF template file deployment?
A. 1GB
B. 5GB
C. 2GB
D. 10GB
Answer: C
Update cisco 300-206 book:
Q76. All 30 users on a single floor of a building are complaining about network slowness. After investigating the access switch, the network administrator notices that the MAC address table is full (10,000 entries) and all traffic is being flooded out of every port. Which action can the administrator take to prevent this from occurring?
A. Configure port-security to limit the number of mac-addresses allowed on each port
B. Upgrade the switch to one that can handle 20,000 entries
C. Configure private-vlans to prevent hosts from communicating with one another
D. Enable storm-control to limit the traffic rate
E. Configure a VACL to block all IP traffic except traffic to and from that subnet
Answer: A
Q77. An attacker has gained physical access to a password protected router. Which command will prevent access to the startup-config in NVRAM?
A. no service password-recovery
B. no service startup-config
C. service password-encryption
D. no confreg 0x2142
Answer: A
Q78. Which feature can suppress packet flooding in a network?
A. PortFast
B. BPDU guard
C. Dynamic ARP Inspection
D. storm control
Answer: D
Q79. Which option describes the enhancements that SNMPv3 adds over 1 and 2 versions?
A. Predefined events that generate message from the SNMP agent to the NMS
B. Addition of authentication and privacy options
C. Cleartext transmission of data between SNMP server and SNMP agent
D. Addition of the ability to predefine events using traps
E. Pooling of devices using GET-NEXT requests
F. Use of the object identifier
Answer: B
Explanation:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.html
Q80. Which option describes the purpose of the input parameter when you use the packet-tracer command on a Cisco device?
A. to provide detailed packet-trace information
B. to specify the source interface for the packet trace
C. to display the trace capture in XML format
D. to specify the protocol type for the packet trace
Answer: B