Download CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS).PracticeTest.300-206.2019-01-24.1e.188q.vcex


Download Exam

File Info

Exam Implementing Cisco Edge Network Security Solutions
Number 300-206
File Name CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS).PracticeTest.300-206.2019-01-24.1e.188q.vcex
Size 2.09 Mb
Posted January 24, 2019
Downloads 78



How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAMFILESCOM

Coupon: EXAMFILESCOM
With discount: 20%


 
 



Demo Questions

Question 1
Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)

  • A: NAT
  • B: dynamic routing
  • C: SSL remote access VPN
  • D: IPSec remote access VPN



Question 2
When a Cisco ASA is configured in transparent mode, how can ARP traffic be controlled?

  • A: By enabling ARP inspection; however, it cannot be controlled by an ACL
  • B: By enabling ARP inspection or by configuring ACLs
  • C: By configuring ACLs; however, ARP inspection is not supported
  • D: By configuring NAT and ARP inspection



Question 3
What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)

  • A: identifying Layer 2 ARP attacks
  • B: detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a successful client association
  • C: detecting and preventing MAC address spoofing in switched environments
  • D: mitigating man-in-the-middle attacks



Question 4
What is the primary purpose of stateful pattern recognition in Cisco IPS networks?

  • A: mitigating man-in-the-middle attacks
  • B: using multipacket inspection across all protocols to identify vulnerability-based attacks and to thwart attacks that hide within a data stream
  • C: detecting and preventing MAC address spoofing in switched environments
  • D: identifying Layer 2 ARP attacks



Question 5
What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.)

  • A: guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access the device
  • B: increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE
  • C: enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality
  • D: provided complete proactive protection against frame and device spoofing



Question 6
What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?

  • A: 1024 bytes
  • B: 1518 bytes
  • C: 2156 bytes
  • D: 9216 bytes



Question 7
Which two statements about Cisco IDS are true? (Choose two.)

  • A: It is preferred for detection-only deployment.
  • B: It is used for installations that require strong network-based protection and that include sensor tuning.
  • C: It is used to boost sensor sensitivity at the expense of false positives.
  • D: It is used to monitor critical systems and to avoid false positives that block traffic.
  • E: It is used primarily to inspect egress traffic, to filter outgoing threats.



Question 8
What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)

  • A: Internet edges typically have a lower volume of traffic and threats are easier to detect.
  • B: Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
  • C: Internet edges provide connectivity to the Internet and other external networks.
  • D: Internet edges are exposed to a larger array of threats.
  • E: NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.



Question 9
Which four are IPv6 First Hop Security technologies? (Choose four.)

  • A: Send
  • B: Dynamic ARP Inspection
  • C: Router Advertisement Guard
  • D: Neighbor Discovery Inspection
  • E: Traffic Storm Control
  • F: Port Security
  • G: DHCPv6 Guard



Question 10
IPv6 addresses in an organization's network are assigned using Stateless Address Autoconfiguration. What is a security concern of using SLAAC for IPv6 address assignment?

  • A: Man-In-The-Middle attacks or traffic interception using spoofed IPv6 Router Advertisements
  • B: Smurf or amplification attacks using spoofed IPv6 ICMP Neighbor Solicitations
  • C: Denial of service attacks using TCP SYN floods
  • D: Denial of Service attacks using spoofed IPv6 Router Solicitations








ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset