New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: https://www.passleader.com/300-206.html (413 Q&As –> 456 Q&As –> 486 Q&As –> 501 Q&As)
P.S. New 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA
NEW QUESTION 301
When will a Cisco ASA that is operating in transparent firewall mode perform a routing table lookup instead of a MAC address table lookup to determine the outgoing interface of a packet?
A. If multiple context mode is configured.
B. If the destination MAC address is unknown.
C. If the destination is more than a hop away from the Cisco ASA.
D. If NAT is configured.
E. If dynamic ARP inspection is configured.
Answer: D
NEW QUESTION 302
Which Cisco ASA feature is implemented by the ip verify reverse-path interface interface_name command?
A. uRPF
B. TCP intercept
C. botnet traffic filter
D. scanning threat detection
E. IPS (IP audit)
Answer: A
NEW QUESTION 303
In one custom dynamic application, the inside client connects to an outside server using TCP port 4444 and negotiates return client traffic in the port range of 5000 to 5500. The server then starts streaming UDP data to the client on the negotiated port in the specified range. Which Cisco ASA feature or command supports this custom dynamic application?
A. TCP normalizer
B. TCP intercept
C. ip verify command
D. established command
E. tcp-map and tcp-options commands
Answer: D
NEW QUESTION 304
On Cisco ASA Software Version 8.3 and later, which two statements correctly describe the NAT table or NAT operations? (Choose two.)
A. The NAT table has four sections.
B. Manual NAT configurations are found in the first (top) and/or the last (bottom) section(s) of the NAT table.
C. Auto NAT also is referred to as Object NAT.
D. Auto NAT configurations are found only in the first (top) section of the NAT table.
E. The order of the NAT entries in the NAT table is not relevant to how the packets are matched against the NAT table.
F. Twice NAT is required for hosts on the inside to be accessible from the outside.
Answer: BC
NEW QUESTION 305
The Cisco ASA software image has been erased from flash memory. Which two statements about the process to recover the Cisco ASA software image are true? (Choose two.)
A. Access to the ROM monitor mode is required.
B. The Cisco ASA appliance must have connectivity to the TFTP server where the Cisco ASA image is stored through the Management 0/0 interface.
C. The copy tftp flash command is necessary to start the TFTP file transfer.
D. The server command is necessary to set the TFTP server IP address.
E. Cisco ASA password recovery must be enabled.
Answer: AD
NEW QUESTION 306
Which option is one requirement before a Cisco ASA appliance can be upgraded from Cisco ASA Software Version 8.2 to 8.3?
A. Remove all the pre 8.3 NAT configurations in the startup configuration.
B. Upgrade the memory on the Cisco ASA appliance to meet the memory requirement of Cisco ASA Software Version 8.3.
C. Request new Cisco ASA licenses to meet the 8.3 licensing requirement.
D. Upgrade Cisco ASDM to version 6.2.
E. Migrate interface ACL configurations to include interface and global ACLs.
Answer: B
NEW QUESTION 307
Which Cisco ASA (8.4.1 and later) CLI command is the best command to use for troubleshooting SSH connectivity from the Cisco ASA appliance to the outside 192.168.1.1 server?
A. telnet 192.168.1.1 22
B. ssh -l username 192.168.1.1
C. traceroute 192.168.1.1 22
D. ping tcp 192.168.1.1 22
E. packet-tracer input inside tcp 10.0.1.1 2043 192.168.4.1 ssh
Answer: D
NEW QUESTION 308
By default, which traffic can pass through a Cisco ASA that is operating in transparent mode without explicitly allowing it using an ACL?
A. ARP
B. BPDU
C. CDP
D. OSPF multicasts
E. DHCP
Answer: A
NEW QUESTION 309
Which Cisco ASA CLI command is used to enable HTTPS (Cisco ASDM) access from any inside host on the 10.1.16.0/20 subnet?
A. http 10.1.16.0 0.0.0.0 inside
B. http 10.1.16.0 0.0.15.255 inside
C. http 10.1.16.0 255.255.240.0 inside
D. http 10.1.16.0 255.255.255.255 inside
Answer: C
NEW QUESTION 310
Which configuration step is the first to enable PIM-SM on the Cisco ASA appliance?
A. Configure the static RP IP address.
B. Enable IGMP forwarding on the required interface(s).
C. Add the required static mroute(s).
D. Enable multicast routing globally on the Cisco ASA appliance.
E. Configure the Cisco ASA appliance to join the required multicast groups.
Answer: D
NEW QUESTION 311
……
New 300-206 exam questions from PassLeader 300-206 dumps! Welcome to download the newest PassLeader 300-206 VCE and PDF dumps: https://www.passleader.com/300-206.html (413 Q&As –> 456 Q&As –> 486 Q&As –> 501 Q&As)
P.S. New 300-206 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpflBDRGVtd3JJR2k3ZF9sOTAyOHQ0bW1fdlJsZjFwS2xxZmx1TGVrOEdraTA