Download CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS).testkings.300-206.2019-01-21.1e.190q.vcex

Download Exam

File Info

Exam Implementing Cisco Edge Network Security Solutions
Number 300-206
File Name CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS).testkings.300-206.2019-01-21.1e.190q.vcex
Size 2.09 Mb
Posted January 21, 2019
Downloads 56
Download CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS).testkings.300-206.2019-01-21.1e.190q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

A Cisco ASA is configured for TLS proxy. When should the security appliance force remote IP phones connecting to the phone proxy through the internet to be in secured mode?

  • A: When the Cisco Unified Communications Manager cluster is in non-secure mode
  • B: When the Cisco Unified Communications Manager cluster is in secure mode only
  • C: When the Cisco Unified Communications Manager is not part of a cluster
  • D: When the Cisco ASA is configured for IPSec VPN

Correct Answer: A




Question 2

Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)

  • A: NAT
  • B: dynamic routing
  • C: SSL remote access VPN
  • D: IPSec remote access VPN

Correct Answer: AB




Question 3

When a Cisco ASA is configured in transparent mode, how can ARP traffic be controlled?

  • A: By enabling ARP inspection; however, it cannot be controlled by an ACL
  • B: By enabling ARP inspection or by configuring ACLs
  • C: By configuring ACLs; however, ARP inspection is not supported
  • D: By configuring NAT and ARP inspection

Correct Answer: A




Question 4

What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)

  • A: identifying Layer 2 ARP attacks
  • B: detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a successful client association
  • C: detecting and preventing MAC address spoofing in switched environments
  • D: mitigating man-in-the-middle attacks

Correct Answer: AD




Question 5

What is the primary purpose of stateful pattern recognition in Cisco IPS networks?

  • A: mitigating man-in-the-middle attacks
  • B: using multipacket inspection across all protocols to identify vulnerability-based attacks and to thwart attacks that hide within a data stream
  • C: detecting and preventing MAC address spoofing in switched environments
  • D: identifying Layer 2 ARP attacks

Correct Answer: B




Question 6

What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.)

  • A: guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access the device
  • B: increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE
  • C: enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality
  • D: provided complete proactive protection against frame and device spoofing

Correct Answer: BC




Question 7

What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?

  • A: 1024 bytes
  • B: 1518 bytes
  • C: 2156 bytes
  • D: 9216 bytes

Correct Answer: D




Question 8

Which two statements about Cisco IDS are true? (Choose two.)

  • A: It is preferred for detection-only deployment.
  • B: It is used for installations that require strong network-based protection and that include sensor tuning.
  • C: It is used to boost sensor sensitivity at the expense of false positives.
  • D: It is used to monitor critical systems and to avoid false positives that block traffic.
  • E: It is used primarily to inspect egress traffic, to filter outgoing threats.

Correct Answer: AD




Question 9

What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)

  • A: Internet edges typically have a lower volume of traffic and threats are easier to detect.
  • B: Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
  • C: Internet edges provide connectivity to the Internet and other external networks.
  • D: Internet edges are exposed to a larger array of threats.
  • E: NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.

Correct Answer: CD




Question 10

Which four are IPv6 First Hop Security technologies? (Choose four.)

  • A: Send
  • B: Dynamic ARP Inspection
  • C: Router Advertisement Guard
  • D: Neighbor Discovery Inspection
  • E: Traffic Storm Control
  • F: Port Security
  • G: DHCPv6 Guard

Correct Answer: ACDG










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files