Ensurepass.com : Ensure you pass the IT Exams
2018 Apr Cisco Official New Released 300-209
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Mobility Solutions

Question No: 181

Refer to the exhibit.

Ensurepass 2018 PDF and VCE

A NOC engineer is in the process of entering information into the Create New VPN

Connection Entry fields.

Which statement correctly describes how to do this?

  1. In the Connection Entry field, enter the name of the connection profile as it is specified on the Cisco ASA appliance.

  2. In the Host field, enter the IP address of the remote client device.

  3. In the Authentication tab, click the Group Authentication or Mutual Group Authentication radio button to enable symmetrical pre-shared key authentication.

  4. In the Name field, enter the name of the connection profile as it is specified on the Cisco ASA appliance.

Answer: D Explanation:

http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/win/us er/guide/vc4.html#wp1074766

Step 1 Start the VPN Client by choosing Start gt; Programs gt; Cisco Systems VPN Client gt; VPN Client.

Step 2 The VPN Client application starts and displays the advanced mode main window (Figure 4-1). If you are not already there, open the Options menu in simple mode and choose Advanced Mode or press Ctrl-M.

Ensurepass 2018 PDF and VCE

Step 3 Select New from the toolbar or the Connection Entries menu. The VPN Client

displays a form

Ensurepass 2018 PDF and VCE

Step 4 Enter a unique name for this new connection. You can use any name to identify this connection; for example, Engineering. This name can contain spaces, and it is not case- sensitive.

Step 5 Enter a description of this connection. This field is optional, but it helps further identify this connection.

For example, Connection to Engineering remote server.

Step 6 Enter the hostname or IP address of the remote VPN device you want to access.

Group Authentication

Your network administrator usually configures group authentication for you. If this is not the case, use the following procedure:

Step 1 Click the Group Authentication radio button.

Step 2 In the Name field, enter the name of the IPSec group to which you belong. This entry is case-sensitive.

Step 3 In the Password field, enter the password (which is also case-sensitive) for your IPSec group. The field displays only asterisks.

Step 4 Verify your password by entering it again in the Confirm Password field.

Question No: 182

Which algorithm does ISAKMP use to securely derive encryption and integrity keys?

  1. Diffie – Hellman

  2. AES

  3. ECDSA

  4. RSA

  5. 3DES

Answer: D

Question No: 183

Which two are characteristics of GETVPN? (Choose two.)

  1. The IP header of the encrypted packet is preserved

  2. A key server is elected among all configured Group Members

  3. Unique encryption keys are computed for each Group Member

  4. The same key encryption and traffic encryption keys are distributed to all Group Members

Answer: A,D

Question No: 184

What routing protocol is recommended by Cisco in DMVPN between company router and ISP router? (Choose Two)

  1. OSPF

  2. RIPv2

  3. ISIS

  4. BGP

  5. EIGRP

Answer: D,E

Question No: 185

Which statement about CRL configuration is correct?

  1. CRL checking is enabled by default.

  2. The Cisco ASA relies on HTTPS access to procure the CRL list.

  3. The Cisco ASA relies on LDAP access to procure the CRL list.

  4. The Cisco Secure ACS can be configured as the CRL server.

Answer: C Explanation:

ASA SSLVPN deployment guide:

The security appliance supports various authentication methods: RSA one-time passwords, Radius,

Kerberos, LDAP, NT Domain, TACACS, Local/Internal, digital certificates, and a combination of both authentication and certificates.

Ensurepass 2018 PDF and VCE

Question No: 186

When you configure IPsec VPN High Availability Enhancements, which technology does Cisco recommend that you enable to make reconvergence faster?

  1. EOT

  2. IP SLAs

  3. periodic IKE keepalives

  4. VPN fast detection

Answer: C

Question No: 187

Which three changes must be made to migrate from DMVPN Phase 2 to Phase 3 when EIGRP is configured? (Choose three.)

  1. Enable EIGRP next-hop-self on the hub.

  2. Disable EIGRP next-hop-self on the hub.

  3. Enable EIGRP split-horizon on the hub.

  4. Add NHRP redirects on the hub.

  5. Add NHRP shortcuts on the spoke.

  6. Add NHRP shortcuts on the hub.

Answer: B,D,E

Question No: 188

Which algorithm does Isakmp use for derive encryption key and integrity

  1. RSA

  2. 3DES

  3. HMAC

  4. AES

  5. Diffie Hellman

Answer: E

Question No: 189

Which cryptographic algorithms are approved to protect Top Secret information?

  1. HIPPA DES

  2. AES-128

C. RC4-128

D. AES-256

Answer: D

Question No: 190

Which technology must be installed on the client computer to enable users to launch applications from a Clientless SSL VPN?

  1. Java

  2. QuickTime plug-in

  3. Silverlight

  4. Flash

Answer: A

100% Ensurepass Free Download!
Download Free Demo:300-209 Demo PDF
100% Ensurepass Free Guaranteed!
300-209 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No