Tips for ccnp security senss 300 206 official cert guide
Vivid of ccnp security senss 300 206 official cert guide pdf download materials and practice for Cisco certification for IT engineers, Real Success Guaranteed with Updated 300 206 senss pdf dumps vce Materials. 100% PASS Implementing Cisco Edge Network Security Solutions exam Today!
Q61. When access rule properties are configured within ASDM, which traffic direction type is required by global and management access rule?
A. Any
B. Both in and out
C. In
D. Out
Answer: C
Q62. Which two configurations are necessary to enable password-less SSH login to an IOS router? (Choose two.)
A. Enter a copy of the administrator's public key within the SSH key-chain
B. Enter a copy of the administrator's private key within the SSH key-chain
C. Generate a 512-bit RSA key to enable SSH on the router
D. Generate an RSA key of at least 768 bits to enable SSH on the router
E. Generate a 512-bit ECDSA key to enable SSH on the router
F. Generate a ECDSA key of at least 768 bits to enable SSH on the router
Answer: A,D
Q63. Which configuration on a switch would be unsuccessful in preventing a DHCP starvation attack?
A. DHCP snooping
B. Port security
C. Source Guard
D. Rate Limiting
Answer: C
Q64. How many bridge groups are supported on a firewall that operate in transparent mode?
A. 8
B. 16
C. 10
D. 6
Answer: A
Q65. In which way are management packets classified on a firewall that operates in multiple context mode?
A. by their interface IP address
B. by the routing table
C. by NAT
D. by their MAC addresses
Answer: A
Q66. Which option describes the enhancements that SNMPv3 adds over 1 and 2 versions?
A. Predefined events that generate message from the SNMP agent to the NMS
B. Addition of authentication and privacy options
C. Cleartext transmission of data between SNMP server and SNMP agent
D. Addition of the ability to predefine events using traps
E. Pooling of devices using GET-NEXT requests
F. Use of the object identifier
Answer: B
Explanation:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.html
Q67. Which four are IPv6 First Hop Security technologies? (Choose four.)
A. Send
B. Dynamic ARP Inspection
C. Router Advertisement Guard
D. Neighbor Discovery Inspection
E. Traffic Storm Control
F. Port Security
G. DHCPv6 Guard
Answer: A,C,D,G
Q68. What is the result of the default ip ssh server authenticate user command?
A. It enables the public key, keyboard, and password authentication methods. B. It enables the public key authentication method only.
C. It enables the keyboard authentication method only.
D. It enables the password authentication method only.
Answer: A
Q69. Which two features are supported when configuring clustering of multiple Cisco ASA appliances? (Choose two.)
A. NAT
B. dynamic routing
C. SSL remote access VPN
D. IPSec remote access VPN
Answer: A,B
Q70. Which option is a valid action for a port security violation?
A. Reset
B. Reject
C. Restrict
D. Disable
Answer: C