Top Simulation 300-206 preparation Tips!

Q71. Which command is used to nest objects in a pre-existing group? 

A. object-group 

B. network group-object 

C. object-group network 

D. group-object 

Answer: D 

Q72. Which two features does Cisco Security Manager provide? (Choose two.) 

A. Configuration and policy deployment before device discovery 

B. Health and performance monitoring 

C. Event management and alerting 

D. Command line menu for troubleshooting 

E. Ticketing management and tracking 

Answer: B,C 

Q73. According to the logging configuration on the Cisco ASA, what will happen if syslog server 10.10.2.40 fails? 

A. New connections through the ASA will be blocked and debug system logs will be sent to the internal buffer. 

B. New connections through the ASA will be blocked and informational system logs will be sent to the internal buffer. 

C. New connections through the ASA will be blocked and system logs will be sent to server 10.10.2.41. 

D. New connections through the ASA will be allowed and system logs will be sent to server 10.10.2.41. 

E. New connections through the ASA will be allowed and informational system logs will be sent to the internal buffer. 

F. New connections through the ASA will be allowed and debug system logs will be sent to the internal buffer. 

Answer: B 

Explanation: 

This is shown by the following screen shot: 

\\psf\Home\Desktop\Screen Shot 2015-06-17 at 5.26.32 PM.png 

Q74. In which two modes is zone-based firewall high availability available? (Choose two.) 

A. IPv4 only 

B. IPv6 only 

C. IPv4 and IPv6 

D. routed mode only 

E. transparent mode only 

F. both transparent and routed modes 

Answer: C,D 

Q75. What are three ways to add devices in Cisco Prime Infrastruture? ( Choose three ) 

A. Use Cisco Security manager 

B. Use Radius 

C. Import devices from a CSV file 

D. Add devices manually 

E. Use an automated process 

F. Use the Access Control Server 

Answer: C,D,E 

Q76. What is the default behavior of NAT control on Cisco ASA Software Version 8.3? 

A. NAT control has been deprecated on Cisco ASA Software Version 8.3. 

B. It will prevent traffic from traversing from one enclave to the next without proper access configuration. 

C. It will allow traffic to traverse from one enclave to the next without proper access configuration. 

D. It will deny all traffic. 

Answer: A 

Q77. Which utility can you use to troubleshoot and determine the timeline of packet changes in a data path within a Cisco firewall? 

A. packet tracer 

B. ping 

C. traceroute 

D. SNMP walk 

Answer: A 

Q78. Which statement about Cisco IPS Manager Express is true? 

A. It provides basic device management for large-scale deployments. 

B. It provides a GUI for configuring IPS sensors and security modules. 

C. It enables communication with Cisco ASA devices that have no administrative access. 

D. It provides greater security than simple ACLs. 

Answer: B 

Q79. An attacker has gained physical access to a password protected router. Which command will prevent access to the startup-config in NVRAM? 

A. no service password-recovery 

B. no service startup-config 

C. service password-encryption 

D. no confreg 0x2142 

Answer: A 

Q80. Which two options are private-VLAN secondary VLAN types? (Choose two) 

A. Isolated 

B. Secured 

C. Community 

D. Common 

E. Segregated 

Answer: A,C 

Explanation: 

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guid e/cli/ CLIConfigurationGuide/PrivateVLANs.html