This page was exported from Free Download Lead2pass VCE And PDF Dumps
[
https://www.pass4sureshared.com
]
Export date: Fri Mar 29 6:46:39 2024 / +0000 GMT
2017 November Cisco Official New Released 300-209 Dumps in Lead2pass.com! 100% Free Download! 100% Pass Guaranteed! Lead2pass has updated the latest version of Cisco 300-209 exam, which is a hot exam of Cisco certification. It is Lead2pass Cisco 300-209 exam dumps that give you confidence to pass this certification exam in first attempt and with maximized score. Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/300-209.html QUESTION 221 A. resolution request Answer: C A. HTTP Answer: ACE A. NHRP network ID Answer: ABC Answer: BC A. crypto vpn anyconnect profile test flash:RDP.xml policy group default Answer: A A. When a client connects to the Cisco ASA WebVPN portal and tries to access HTTP resources through the URL bar, the client uses the local DNS to perform FQDN resolution. Answer: CD A. TLSv1 Answer: D A. multipoint GRE tunnel interface Answer: C A. Dynamic routing protocols can be configured. Answer: B A. IKEv2 is blocked over the path. Answer: D A. crypto vpn anyconnect profile SSL_profile flash:simos-profile.xml Answer: A A. RC4 Answer: C A. IKEv2 proposal Answer: BCF A. AnyConnect SSL over IPv4+IPv6 Answer: B A. group-alias Answer: BD A. PSK Answer: C A. y3 = x3 + ax + b Answer: D An engineer wants to ensure that employees cannot access corporate resources on untrusted networks, but does not want a new VPN session to be established each time they leave the trusted network. Which Cisco AnyConnect Trusted Network Policy option allows this ability? A. Pause Answer: A A. no ip route Answer: B A. increased hash size Answer: BEF Lead2pass offers you all the 300-209 exam questions which are the same as your real test with 100% correct and coverage rate. We provide the latest full version of 300-209 PDF and VCE dumps to ensure your 300-209 exam 100% pass. More 300-209 new questions (with images) on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDYnF5Vk16OS1tc1E 2017 Cisco 300-209 exam dumps (All 319 Q&As) from Lead2pass: https://www.lead2pass.com/300-209.html [100% Exam Pass Guaranteed]
Which type of NHRP packet is unique to Phase 3 DMVPN topologies?
B. resolution reply
C. traffic indication
D. registration request
E. registration reply
F. error indication
QUESTION 222
Which three types of web resources or protocols are enabled by default on the Cisco ASA Clientless SSL VPN portal? (Choose three.)
B. VNC
C. CIFS
D. RDP
E. HTTPS
F. ICA (Citrix)
QUESTION 223
Which three parameters must match on all routers in a DMVPN Phase 3 cloud? (Choose three.)
B. GRE tunnel key
C. NHRP authentication string
D. tunnel VRF
E. EIGRP process name
F. EIGRP split-horizon setting
QUESTION 224
Refer to the exhibit. Which two characteristics of the VPN implementation are evident? (Choose two.)
A. dual DMVPN cloud setup with dual hub
B. DMVPN Phase 3 implementation
C. single DMVPN cloud setup with dual hub
D. DMVPN Phase 1 implementation
E. quad DMVPN cloud with quadra hub
F. DMVPN Phase 2 implementation
QUESTION 225
Refer to the exhibit. The customer needs to launch AnyConnect in the RDP machine.
Which configuration is correct?
svc profile test
B. crypto vpn anyconnect profile test flash:RDP.xml webvpn context GW_1
browser-attribute import flash:/swj.xml
C. crypto vpn anyconnect profile test flash:RDP.xml policy group default
svc profile flash:RDP.xml
D. crypto vpn anyconnect profile test flash:RDP.xml webvpn context GW_1
browser-attribute import test
QUESTION 226
Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.)
B. The rewriter enable command under the global webvpn configuration enables the rewriter functionality because that feature is disabled by default.
C. A Cisco ASA with an AnyConnect Premium Peers license can simultaneously allow Clientless SSL VPN sessions and AnyConnect client sessions.
D. Content rewriter functionality in the Clientless SSL VPN portal is not supported on Apple mobile devices.
E. Clientless SSLVPN provides Layer 3 connectivity into the secured network.
QUESTION 227
Which protocol can be used for better throughput performance when using Cisco AnyConnect VPN?
B. TLSv1.1
C. TLSv1.2
D. DTLSv1
QUESTION 228
Which configuration construct must be used in a FlexVPN tunnel?
B. IKEv1 policy
C. IKEv2 profile
D. EAP configuration
QUESTION 229
Which benefit of FlexVPN is not offered by DMVPN using IKEv1?
B. IKE implementation can install routes in routing table.
C. GRE encapsulation allows for forwarding of non-IP traffic.
D. NHRP authentication provides enhanced security.
QUESTION 230
Refer to the exhibit. The customer can establish an AnyConnect connection on the first attempt only. Subsequent attempts fail. What might be the issue?
B. UserGroup must be different than the name of the connection profile.
C. The primary protocol should be SSL.
D. UserGroup must be the same as the name of the connection profile.
QUESTION 231
Which command identifies an AnyConnect profile that was uploaded to the router flash?
B. svc import profile SSL_profile flash:simos-profile.xml
C. anyconnect profile SSL_profile flash:simos-profile.xml
D. webvpn import profile SSL_profile flash:simos-profile.xml
QUESTION 232
Which alogrithm is an example of asymmetric encryption?
B. AES
C. ECDSA
D. 3DES
QUESTION 233
Which three configuration parameters are mandatory for an IKEv2 profile? (Choose three.)
B. local authentication method
C. match identity or certificate
D. IKEv2 policy
E. PKI certificate authority
F. remote authentication method
G. IKEv2 profile description
H. virtual template
QUESTION 234
Refer to the exhibit. Which technology does this configuration demonstrate?
B. AnyConnect FlexVPN over IPv4+IPv6
C. AnyConnect FlexVPN IPv6 over IPv4
D. AnyConnect SSL IPv6 over IPv4
Explanation:
FlexVPN use IPSec/IKEv2, SSL use TLS
“vpn-tunnel-protocol ikev2 ssl-client' is part of FlexVPN configuration …the configuration for SSL would be “vpn-tunnel-protocol ssl-client”
http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/115735-acssl-ip-config-00.html
QUESTION 235
Which two parameters help to map a VPN session to a tunnel group without using the tunnel-group list? (Choose two.)
B. certificate map
C. use gateway command
D. group-url
E. AnyConnect client version
QUESTION 236
Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down.
Based on the debug output, which type of mismatch might be the problem?
B. crypto policy
C. peer identity
D. transform set
QUESTION 237
Which equation describes an elliptic curve?
B. x3 = y2 + ab + x
C. y4 = x2 + ax + b
D. y2 = x3 + ax + b
E. y2 = x2 + ax + b2
QUESTION 238
B. Connect
C. Do Nothing
D. Disconnect
QUESTION 239
Refer to the exhibit. In this tunnel mode GRE multipoint example, which command on the hub router distinguishes one spoken form the other?
B. ip nhrp map
C. ip frame-relay
D. tunnel mode gre multipoint
QUESTION 240
A network engineer must configure a now VPN tunnel Utilizing IKEv2 For with three reasons would a configuration use IKEv2 instead d KEv1? (Choose three.)
B. DOS protection
C. Preshared keys are used for authentication.
D. RSA-Sig used for authentication
E. native NAT traversal
F. asymmetric authentication
Post date: 2017-11-01 08:50:28
Post date GMT: 2017-11-01 08:50:28
Post modified date: 2017-11-01 08:50:28
Post modified date GMT: 2017-11-01 08:50:28
Powered by [ Universal Post Manager ] plugin. MS Word saving format developed by gVectors Team www.gVectors.com