Download Implementing Cisco Edge Network Security Solutions.train4sure.300-206.2018-10-03.1e.186q.vcex

Download Exam

File Info

Exam Implementing Cisco Edge Network Security Solutions
Number 300-206
File Name Implementing Cisco Edge Network Security Solutions.train4sure.300-206.2018-10-03.1e.186q.vcex
Size 12.94 Mb
Posted October 03, 2018
Downloads 32
Download Implementing Cisco Edge Network Security Solutions.train4sure.300-206.2018-10-03.1e.186q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

What are three attributes that can be applied to a user account with RBAC? (Choose three.)

  • A: domain
  • B: password
  • C: ACE tag
  • D: user roles
  • E: VDC group tag
  • F: expiry date

Correct Answer: BDF




Question 2

If you encounter problems logging in to the Cisco Security Manager 4.4 web server or client or backing up its databases, which account has most likely been improperly modified?

  • A: admin (the default administrator account)
  • B: casuser (the default service account)
  • C: guest (the default guest account)
  • D: user (the default user account)

Correct Answer: B




Question 3

Which component does Cisco ASDM require on the host Cisco ASA 5500 Series or Cisco PIX security appliance?

  • A: a DES or 3DES license
  • B: a NAT policy server
  • C: a SQL database
  • D: a Kerberos key
  • E: a digital certificate

Correct Answer: A




Question 4

Which command configures the SNMP server group1 to enable authentication for members of the access list east?

  • A: snmp-server group group1 v3 auth access east
  • B: snmp-server group1 v3 auth access east
  • C: snmp-server group group1 v3 east
  • D: snmp-server group1 v3 east access

Correct Answer: A




Question 5

  

  

  

  • A: Please check the steps in explanation part below

Correct Answer: 1

1) Click on Service Policy Rules, then Edit the default inspection rule. 
2) Click on Rule Actions, then enable HTTP as shown here:

  

3) Click on Configure, then add as shown here:

  

4) Create the new map in ASDM like shown:

  

5) Edit the policy as shown:

  

6) Hit OK




Question 6

  

  

  

Which statement about how the Cisco ASA supports SNMP is true?

  • A: All SNMFV3 traffic on the inside interface will be denied by the global ACL
  • B: The Cisco ASA and ASASM provide support for network monitoring using SNMP Versions 1,2c, and 3, but do not support the use of all three versions simultaneously.
  • C: The Cisco ASA and ASASM have an SNMP agent that notifies designated management, stations if events occur that are predefined to require a notification, for example, when a link in the network goes up or down.
  • D: SNMPv3 is enabled by default and SNMP v1 and 2c are disabled by default.
  • E: SNMPv3 is more secure because it uses SSH as the transport mechanism.

Correct Answer: C

This can be verified by this ASDM screen shot:

  




Question 7

  

  

  

SNMP users have a specified username, a group to which the user belongs, authentication password, encryption password, and authentication and encryption algorithms to use. The authentication algorithm options are MD5 and SHA. The encryption algorithm options are DES, 3DES, and AES (which is available in 128,192, and 256 versions). When you create a user, with which option must you associate it?

  • A: an SNMP group
  • B: at least one interface
  • C: the SNMP inspection in the global_policy
  • D: at least two interfaces

Correct Answer: A

This can be verified via the ASDM screen shot shown here:

  




Question 8

  

  

  

An SNMP host is an IP address to which SNMP notifications and traps are sent. To configure SNMFV3 hosts, which option must you configure in addition to the target IP address?

  • A: the Cisco ASA as a DHCP server, so the SNMFV3 host can obtain an IP address
  • B: a username, because traps are only sent to a configured user
  • C: SSH, so the user can connect to the Cisco ASA
  • D: the Cisco ASA with a dedicated interface only for SNMP, to process the SNMP host traffic.

Correct Answer: B

The username can be seen here on the ASDM simulator screen shot:

  




Question 9

Enabling what security mechanism can prevent an attacker from gaining network topology information from CDP via a man-in-the-middle attack?

  • A: MACsec
  • B: Flex VPN
  • C: Control Plane Protection
  • D: Dynamic Arp Inspection

Correct Answer: A




Question 10

On an ASA running version 9.0, which command is used to nest objects in a pre-existing group?

  • A: object-group
  • B: network group-object
  • C: object-group network
  • D: group-object

Correct Answer: D










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files