Ensurepass.com : Ensure you pass the IT Exams
2018 Apr Cisco Official New Released 300-209
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Mobility Solutions

Question No: 121

Which command specifies the path to the Host Scan package in an ASA AnyConnect VPN?

  1. csd hostscan path image

  2. csd hostscan image path

  3. csd hostscan path

  4. hostscan image path

Answer: B

Question No: 122

Which two technologies are considered to be Suite B cryptography? (Choose two.)

  1. MD5

  2. SHA2

  3. Elliptical Curve Diffie-Hellman

  4. 3DES

  5. DES

Answer: B,C

Question No: 123

In the Cisco ASDM interface, where do you enable the DTLS protocol setting?

  1. Configuration gt; Remote Access VPN gt; Network (Client) Access gt; Group Policies gt; Add

    or Edit gt; Add or Edit Internal Group Policy

  2. Configuration gt; Remote Access VPN gt; Network (Client) Access gt; AAA Setup gt; Local Users gt; Add or Edit

  3. Device Management gt; Users/AAA gt; User Accounts gt; Add or Edit gt; Add or Edit User Account gt; VPN Policy gt; SSL VPN Client

  4. Configuration gt; Remote Access VPN gt; Network (Client) Access gt; Group Policies gt; Add or Edit

Answer: C

Reference:

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect20/admini strative/guide/admin/admin5.html

Shows where DTLS can be configured as:

  • Configuration gt; Remote Access VPN gt; Network (Client) Access gt; Group Policies gt; Add or Edit gt; Add or Edit Internal Group Policy gt; Advanced gt; SSL VPN Client

  • Configuration gt; Remote Access VPN gt; Network (Client) Access gt; AAA Setup gt; Local Users gt; Add or Edit gt; Add or Edit User Account gt; VPN Policy gt; SSL VPN Client

    鈥evice Management gt; Users/AAA gt; User Accounts gt; Add or Edit gt; Add or Edit User Account gt; VPN Policy gt; SSL VPN Client

    Question No: 124

    Ensurepass 2018 PDF and VCE

    Refer to the exhibit. An engineer is troubleshooting a new GRE over IPSEC tunnel. The tunnel is established, but the engineer cannot ping from spoke 1 to spoke 2. Which type of traffic is being blocked?

    1. ESP packets from spoke1 to spoke2

    2. ISAKMP packets from spoke2 to spoke1

    3. ESP packets from spoke2 to spoke1

    4. ISAKMP packets from spoke1 to spoke2

    Answer: C

    Question No: 125

    An engineer is attempting to establish a new site-to-site VPN connection. The tunnel terminates on

    an ASA 5506-X which is behind an ASA 5515-X. The engineer notices that the tunnel is not establishing. Which option is a potential cause?

    1. Certificates were not configured

    2. Diffie – Helman Group is not set

    3. Access lists were not applied

    4. NAT – traversal is not configured

    Answer: D

    Question No: 126

    What must be enabled in the web browser of the client computer to support Clientless SSL VPN?

    1. cookies

    2. ActiveX

    3. Silverlight

    4. popups

    Answer: A

    Question No: 127 CORRECT TEXT

    Ensurepass 2018 PDF and VCE

    Ensurepass 2018 PDF and VCE

    Ensurepass 2018 PDF and VCE

    Answer: Here are the steps as below:

    Step 1: configure key ring crypto ikev2 keyring mykeys peer SiteB.cisco.com address 209.161.201.1

    pre-shared-key local $iteA pre-shared key remote $iteB Step 2: Configure IKEv2 profile Crypto ikev2 profile default

    identity local fqdn SiteA.cisco.com

    Match identity remote fqdn SiteB.cisco.com Authentication local pre-share Authentication remote pre-share

    Keyring local mykeys

    Step 3: Create the GRE Tunnel and apply profile

    crypto ipsec profile default set ikev2-profile default Interface tunnel 0

    ip address 10.1.1.1 255.255.255.0 Tunnel source eth 0/0

    Tunnel destination 209.165.201.1 tunnel protection ipsec profile default end

    Question No: 128

    Refer to the exhibit.

    Ensurepass 2018 PDF and VCE

    The user quot;contractorquot; inherits which VPN group policy?

    1. employee

    2. management

    3. DefaultWEBVPNGroup

    4. DfltGrpPolicy

    5. new_hire

    Answer: D

    Question No: 129

    Which two commands are include in the command show dmvpn detail? (Choose two.)

    1. Show ip nhrp

    2. Show ip nhrp nhs

    3. Show crypto ipsec sa detail

    4. Show crypto session detail

    5. Show crypto sockets

    Answer: D,E

    Question No: 130

    Which Cisco firewall platform supports Cisco NGE?

    1. FWSM

    2. Cisco ASA 5505

    3. Cisco ASA 5580

    4. Cisco ASA 5525-X

    Answer: D

    100% Ensurepass Free Download!
    Download Free Demo:300-209 Demo PDF
    100% Ensurepass Free Guaranteed!
    Download 2018 EnsurePass 300-209 Full Exam PDF and VCE

    EnsurePass ExamCollection Testking
    Lowest Price Guarantee Yes No No
    Up-to-Dated Yes No No
    Real Questions Yes No No
    Explanation Yes No No
    PDF VCE Yes No No
    Free VCE Simulator Yes No No
    Instant Download Yes No No