Cisco
300-206
Implementing Cisco Edge Network Security Solutions (SENSS)
|
Question: 1
|
All 30 users on a single floor of a building are
complaining about network slowness. After investigating the access switch, the
network administrator notices that the MAC address table is full (10,000
entries) and all traffic is being flooded out of every port. Which action can
the administrator take to prevent this from occurring?
A. Configure port-security to limit the number of
mac-addresses allowed on each port
B. Upgrade the switch to one that can handle 20,000
entries
C. Configure private-vlans to prevent hosts from
communicating with one another
D. Enable storm-control to limit the traffic rate
E. Configure a VACL to block all IP traffic except
traffic to and from that subnet
|
Answer: A
|
|
Question: 2
|
A network printer has a DHCP server service that cannot
be disabled. How can a layer 2 switch be configured to prevent the printer from
causing network issues?
A. Remove the ip helper-address
B. Configure a Port-ACL to block outbound TCP port 68
C. Configure DHCP snooping
D. Configure port-security
|
Answer: C
|
|
Question: 3
|
A switch is being configured at a new location that uses
statically assigned IP addresses. Which will ensure that ARP inspection works
as expected?
A. Configure the 'no-dhcp' keyword at the end of the ip
arp inspection command
B. Enable static arp inspection using the command 'ip arp
inspection static vlan vlan-number
C. Configure an arp access-list and apply it to the ip
arp inspection command
D. Enable port security
|
Answer: C
|
|
Question: 4
|
Which of the following would need to be created to
configure an application-layer inspection of SMTP traffic operating on port
2525?
A. A class-map that matches port 2525 and applying an
inspect ESMTP policy-map for that class in the global inspection policy
B. A policy-map that matches port 2525 and applying an
inspect ESMTP class-map for that policy
C. An access-list that matches on TCP port 2525 traffic
and applying it on an interface with the inspect option
D. A class-map that matches port 2525 and applying it on
an access-list using the inspect option
|
Answer: A
|
|
Question: 5
|
Which command is used to nest objects in a pre-existing
group?
A. object-group
B. network group-object
C. object-group network
D. group-object
|
Answer: D
|
No comments:
Post a Comment