Download CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS).PracticeTest.300-206.2019-01-24.1e.188q.vcex

Download Exam

File Info

Exam Implementing Cisco Edge Network Security Solutions
Number 300-206
File Name CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS).PracticeTest.300-206.2019-01-24.1e.188q.vcex
Size 2.09 Mb
Posted January 24, 2019
Downloads 84

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1
Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)

  • A: NAT
  • B: dynamic routing
  • C: SSL remote access VPN
  • D: IPSec remote access VPN

Question 2
When a Cisco ASA is configured in transparent mode, how can ARP traffic be controlled?

  • A: By enabling ARP inspection; however, it cannot be controlled by an ACL
  • B: By enabling ARP inspection or by configuring ACLs
  • C: By configuring ACLs; however, ARP inspection is not supported
  • D: By configuring NAT and ARP inspection

Question 3
What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)

  • A: identifying Layer 2 ARP attacks
  • B: detecting spoofed MAC addresses and tracking 802.1X actions and data communication after a successful client association
  • C: detecting and preventing MAC address spoofing in switched environments
  • D: mitigating man-in-the-middle attacks

Question 4
What is the primary purpose of stateful pattern recognition in Cisco IPS networks?

  • A: mitigating man-in-the-middle attacks
  • B: using multipacket inspection across all protocols to identify vulnerability-based attacks and to thwart attacks that hide within a data stream
  • C: detecting and preventing MAC address spoofing in switched environments
  • D: identifying Layer 2 ARP attacks

Question 5
What are two reasons to implement Cisco IOS MPLS Bandwidth-Assured Layer 2 Services? (Choose two.)

  • A: guaranteed bandwidth and peak rates as well as low cycle periods, regardless of which systems access the device
  • B: increased resiliency through MPLS FRR for AToM circuits and better bandwidth utilization through MPLS TE
  • C: enabled services over an IP/MPLS infrastructure, for enhanced MPLS Layer 2 functionality
  • D: provided complete proactive protection against frame and device spoofing

Question 6
What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?

  • A: 1024 bytes
  • B: 1518 bytes
  • C: 2156 bytes
  • D: 9216 bytes

Question 7
Which two statements about Cisco IDS are true? (Choose two.)

  • A: It is preferred for detection-only deployment.
  • B: It is used for installations that require strong network-based protection and that include sensor tuning.
  • C: It is used to boost sensor sensitivity at the expense of false positives.
  • D: It is used to monitor critical systems and to avoid false positives that block traffic.
  • E: It is used primarily to inspect egress traffic, to filter outgoing threats.

Question 8
What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)

  • A: Internet edges typically have a lower volume of traffic and threats are easier to detect.
  • B: Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
  • C: Internet edges provide connectivity to the Internet and other external networks.
  • D: Internet edges are exposed to a larger array of threats.
  • E: NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.

Question 9
Which four are IPv6 First Hop Security technologies? (Choose four.)

  • A: Send
  • B: Dynamic ARP Inspection
  • C: Router Advertisement Guard
  • D: Neighbor Discovery Inspection
  • E: Traffic Storm Control
  • F: Port Security
  • G: DHCPv6 Guard

Question 10
IPv6 addresses in an organization's network are assigned using Stateless Address Autoconfiguration. What is a security concern of using SLAAC for IPv6 address assignment?

  • A: Man-In-The-Middle attacks or traffic interception using spoofed IPv6 Router Advertisements
  • B: Smurf or amplification attacks using spoofed IPv6 ICMP Neighbor Solicitations
  • C: Denial of service attacks using TCP SYN floods
  • D: Denial of Service attacks using spoofed IPv6 Router Solicitations


You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files