Download CCNP Security Implementing Cisco Secure Mobility Solutions (SIMOS).braindumps.300-209.2018-11-08.1e.190q.vcex

Download Exam

File Info

Exam Implementing Cisco Secure Mobility Solutions
Number 300-209
File Name CCNP Security Implementing Cisco Secure Mobility Solutions (SIMOS).braindumps.300-209.2018-11-08.1e.190q.vcex
Size 8.21 Mb
Posted November 08, 2018
Downloads 29
Download CCNP Security Implementing Cisco Secure Mobility Solutions (SIMOS).braindumps.300-209.2018-11-08.1e.190q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1

What are two benefits of DMVPN Phase 3? (Choose two.)

  • A: Administrators can use summarization of routing protocol updates from hub to spokes.
  • B: It introduces hierarchical DMVPN deployments.
  • C: It introduces non-hierarchical DMVPN deployments.
  • D: It supports L2TP over IPSec as one of the VPN protocols.

Correct Answer: AB

Question 2

Which are two main use cases for Clientless SSL VPN? (Choose two.)

  • A: In kiosks that are part of a shared environment
  • B: When the users do not have admin rights to install a new VPN client
  • C: When full tunneling is needed to support applications that use TCP, UDP, and ICMP
  • D: To create VPN site-to-site tunnels in combination with remote access

Correct Answer: AB

Question 3

Which technology can rate-limit the number of tunnels on a DMVPN hub when system utilization is above a specified percentage?

  • A: NHRP Event Publisher
  • B: interface state control
  • C: CAC
  • D: NHRP Authentication
  • E: ip nhrp connect

Correct Answer: C

Question 4

Which technology supports tunnel interfaces while remaining compatible with legacy VPN implementations?

  • A: FlexVPN
  • B: DMVPN
  • C: GET VPN
  • D: SSL VPN

Correct Answer: A

Question 5

Which IKEv2 feature minimizes the configuration of a FlexVPN on Cisco IOS devices?

  • A: IKEv2 Suite-B
  • B: IKEv2 proposals
  • C: IKEv2 profiles
  • D: IKEv2 Smart Defaults

Correct Answer: D

Question 6

When an IPsec SVTI is configured, which technology processes traffic forwarding for encryption?

  • A: ACL
  • B: IP routing
  • C: RRI
  • D: front door VPN routing and forwarding

Correct Answer: B

Question 7

An IOS SSL VPN is configured to forward TCP ports. A remote user cannot access the corporate FTP site with a Web browser. What is a possible reason for the failure?

  • A: The user's FTP application is not supported.
  • B: The user is connecting to an IOS VPN gateway configured in Thin Client Mode.
  • C: The user is connecting to an IOS VPN gateway configured in Tunnel Mode.
  • D: The user's operating system is not supported.

Correct Answer: B

Thin-Client SSL VPN (Port Forwarding) 
A remote client must download a small, Java-based applet for secure access of TCP applications that use static port numbers. UDP is not supported. Examples include access to POP3, SMTP, IMAP, SSH, and Telnet. The user needs local administrative privileges because changes are made to files on the local machine. This method of SSL VPN does not work with applications that use dynamic port assignments, for example, several FTP applications.

Question 8

A Cisco IOS SSL VPN gateway is configured to operate in clientless mode so that users can access file shares on a Microsoft Windows 2003 server. Which protocol is used between the Cisco IOS router and the Windows server?

  • A: HTTPS
  • B: NetBIOS
  • C: CIFS
  • D: HTTP

Correct Answer: C

Question 9

You are configuring a Cisco IOS SSL VPN gateway to operate with DVTI support. Which command must you configure on the virtual template?

  • A: tunnel protection ipsec
  • B: ip virtual-reassembly
  • C: tunnel mode ipsec
  • D: ip unnumbered

Correct Answer: D

Question 10

Which protocol supports high availability in a Cisco IOS SSL VPN environment?

  • A: HSRP
  • B: VRRP
  • C: GLBP
  • D: IRDP

Correct Answer: A





You can buy ProfExam with a 20% discount!


Use ProfExam Simulator to open VCEX and EXAM files