When creating an SSL policy on Cisco FirePOWER, which three options do you have?
A.
do not decrypt
B.
trust
C.
allow
D.
block with reset
E.
block
F.
encrypt
Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions
This is ONE TIME OFFER
50%
2017 August New 300-320 exam questions:
QUESTION 347
Transition to Named EIGRP without causing an outage?
A. router eigrp NAME
B. router eigrp 1 named NAME
C. router eigrp 1
eigrp upgrade-cli NAME
D. interface fa0/1
ip router eigrp 1 named NAME
Answer: C
QUESTION 348
Which technology should a network designer combine with VSS to ensure a loop free topology with optimal convergence time?
A. Portfast
B. UplinkFast
C. RPVST +
D. Mulitchassis EtherChannel
Answer: C
QUESTION 349
HSRP has been implemented on distribution switches but no priority has been defined.
Which one of the two switches will be active ?
A. The one with the higher IP address configured on the interface
B. The one with the higher MAC address configured on the interface
C. The one which booted the last
D. The one with the higher bandwith configured on the interface
Answer: A
QUESTION 350
An Engineer is designing a Cisco Application Centric Infrastructure network.
What is the expected number of links between Spine switches?
A. 0
B. 1
C. 2
D. 4
Answer: A
QUESTION 351
When designing data centers for multitenancy, which two benefits are provided by the implementation of VSAN and zoning? (choose two)
A. VSAN provides a means of restricting visibility and connectivity among devices connected to a zone
B. VSANs have their own set of services and address space, which prevents an issue in one VSAN from affecting others
C. Zones provide the ability to create many logical SAN fabrics on a single Cisco MDS 9100 family switch
D. VSANs and zones use separate fabrics
E. Zones allow an administrator to control which initiators can see which targets
Answer: BE
QUESTION 352
For which engine an IPS can use its reputation awareness? (Choose two)
A. Reputation filtering
B. Reputation subscriptions
C. Correlation rules
D. Global correlation inspection
Answer: AD
Explanation:
http://www.cisco.com/c/en/us/products/collateral/security/ips-4500-series-sensors/white_paper_c11-715386.html
QUESTION 353
When designing a layer 2 STP-based LAN with Layer 3 FHRP, which design recommendation should be followed?
A. Avoid modifying default STP and FHRP timers.
B. Assign the native VLAN to the lowest number in use.
C. Avoid configuring router preemption.
D. Align the STP root with the active FHRP device.
Answer: C
QUESTION 354
A company have single ASA hardware box and they need to separate company departments in way that they can apply different rules on them, ACL, NAT, and so on…
Which mode is needed?
A. routed mode
B. transparent mode
C. multiple context mode
D. active failover mode
Answer: C
QUESTION 355
Engineer is designing QoS for application. Which QoS architecture should he choose if application needs to have reserved bandwidth prior to sending data?
A. Differentiated services
B. Integrated services
C. LLQ
D. ToS
Answer: B
QUESTION 356
An engineer chose to design an architecture where distribution switches are in VSS and are connected to access switches using Multichassis Etherchannel. What is the resulting topology?
A. Looped
B. Ring
C. Hybrid
D. Star
Answer: D
QUESTION 357
With which of the following could EIGRP and OSPF achieve sub second convergence ? (Choose Two)
A. BFD
B. Triangle topology
C. Square topology
D. Ring topology
E. Tuning timers
F. IP SLA
Answer: AB
QUESTION 358
A network designer needs to explain the advantages of route summarization to a client. Which two options are advantages that should be included in the explanation? (Choose Two)
A. Increases security by advertising fake networks.
B. Reduces routing table size.
C. Advertises detailed routing size
D. Utilizes the routers full CPU capacity.
E. Reduces the upstream impact of a flapping interface.
Answer: BD
QUESTION 359
A company is running BGP on the edge with multiple service providers in a primary and secondary role. The company wants to speed up time if a failure were to occur with the primary, but they are concerned about router resources. Which method best achieves this goal?
A. Utilize BFD and lower BGP hello interval
B. Decrease the BGP keepalive timer
C. Utilize BFD and tune the multiplier to 50
D. Utilize BFD and keep the default BGP timers
Answer: D
QUESTION 360
What is one limitation of MPLS Layer 3 VPN networks?
A. They require less powerful routers with limited capabilities
B. They require the customer to control routing
C. They support only IP traffic
D. PE routers are underutilized
Answer: C
QUESTION 361
If your enterprise is connected to 2 ISP, which method could you use to prevent being used as a transit network? (Choose Two)
A. filter outbound
B. filter inbound
C. throw both ISP
D. choose only one ISP
E. Allow every routes inbound
Answer: AE
Explanation:
https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/23675-27.html
QUESTION 362
Two company want to merge their OSPF networks , but they run different OSPF domains ,
Which is option must be created to accomplished this requirement?
A. OSPF virtual link to bridge the backbone areas of the two company together
B. Route Summarization
C. Static OSPF
D. Redistribute routes between domains
Answer: A
0
0
also can get new 300-320 pdf and vce dumps via:https://www.braindump2go.com/300-320.html (2017 398q 300-320 dumps), this file covers almost all new questions, can help pass the exam.
0
0
2018 January new 300-210 Exam Questions and Answers Just Updated!
QUESTION 32
Which Cisco AMP for Endpoints, what, is meant by simple custom detection?
A. It is a rule for identifying a file that should be whitelisted by Cisco AMP.
B. It is a method for identifying and quarantining a specific file by its SHA-256 hash.
C. It is a feature for configuring a personal firewall.
D. It is a method for identifying and quarantining a set of files by regular expression language.
Answer: B
QUESTION 33
Which feature of the Cisco Hybrid Email Security services enables you to create multiple email senders on a single Cisco ESA?
A. Email Marketing Connector
B. Virtual Routing and Forwarding
C. Virtual Gateway
D. Mail Flow Policy Connector
E. Sender Groups
Answer: C
QUESTION 34
Which option lists the minimum requirements to deploy a managed device inline?
A. passive interface, security zone, MTU, and link mode.
B. passive interface, MTU, MDI/MDIX, and link mode.
C. inline interfaces, MTU, MDI/MDIX, and link mode.
D. inline interfaces, security zones, MTU, and link mode.
Answer: A
QUESTION 35
Which two methods are used to deploy transparent mode traffic redirection? (Choose two)
A. Microsoft GPO
B. policy-based routing
C. DHCP server
D. PAC files
E. Web Cache Communication Protocol
Answer: BE
QUESTION 36
When deploying Cisco FirePOWER appliances, which option must you configure to enable VLAN rewriting?
A. hybrid interfaces
B. virtual switch
C. virtual router
D. inline set
Answer: B
QUESTION 37
Which policy must you edit to make changes to the Snort preprocessors?
A. access control policy
B. network discovery policy
C. intrusion policy
D. file policy
E. network analysis policy
Answer: A
QUESTION 38
Which three access control actions permit traffic to pass through the device when using Cisco FirePOWER? (Choose three.)
A. pass
B. trust
C. monitor
D. allow
E. permit
F. inspect
Answer: BCD
QUESTION 39
Which two TCP ports can allow the Cisco Firepower Management Center to communication with FireAMP cloud for file disposition information? (Choose two.)
A. 8080
B. 22
C. 8305
D. 32137
E. 443
Answer: DE
QUESTION 40
When creating an SSL policy on Cisco FirePOWER, which three options do you have?
A. do not decrypt
B. trust
C. allow
D. block with reset
E. block
F. encrypt
Answer: ADE
QUESTION 41
Which three operating systems are supported with Cisco AMP for Endpoints? (Choose three.)
A. Windows
B. AWS
C. Android
D. Cisco lOS
E. OSX
F. ChromeOS
Answer: ACE
QUESTION 42
Which Cisco Web Security Appliance feature enables the appliance to block suspicious traffic on all of its ports and IP addresses?
A. explicit forward mode
B. Layer 4Traffic Monitor
C. transparent mode
D. Secure Web Proxy
Answer: B
0
0
And 2018 New Cisco 300-210 Exam Dumps and VCE Dumps can be viewed here: https://drive.google.com/drive/folders/0B75b5xYLjSSNUm03a0t2blYySEU?usp=sharing
0
0