Download Implementing Cisco Secure Mobility Solutions.pass4sures.300-209.2019-05-25.1e.215q.vcex

Download Exam

File Info

Exam Implementing Cisco Secure Mobility Solutions
Number 300-209
File Name Implementing Cisco Secure Mobility Solutions.pass4sures.300-209.2019-05-25.1e.215q.vcex
Size 21.22 Mb
Posted May 25, 2019
Downloads 107
Download Implementing Cisco Secure Mobility Solutions.pass4sures.300-209.2019-05-25.1e.215q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

Which two are characteristics of GETVPN? (Choose two.)

  • A: The IP header of the encrypted packet is preserved
  • B: A key server is elected among all configured Group Members
  • C: Unique encryption keys are computed for each Group Member
  • D: The same key encryption and traffic encryption keys are distributed to all Group Members

Correct Answer: AD




Question 2

A company has decided to migrate an existing IKEv1 VPN tunnel to IKEv2. Which two are valid configuration constructs on a Cisco IOS router? (Choose two.)

  • A: crypto ikev2 keyring keyring-name 
    peer peer1 
      address 209.165.201.1 255.255.255.255 
      pre-shared-key local key1 
      pre-shared-key remote key2
  • B: crypto ikev2 transform-set transform-set-name 
      esp-3des esp-md5-hmac 
      esp-aes esp-sha-hmac
  • C: crypto ikev2 map crypto-map-name 
    set crypto ikev2 tunnel-group tunnel-group-name 
    set crypto ikev2 transform-set transform-set-name
  • D: crypto ikev2 tunnel-group tunnel-group-name 
    match identity remote address 209.165.201.1 
    authentication local pre-share 
    authentication remote pre-share
  • E: crypto ikev2 profile profile-name 
    match identity remote address 209.165.201.1 
    authentication local pre-share 
    authentication remote pre-share

Correct Answer: AE




Question 3

Which of the following could be used to configure remote access VPN Host-scan and pre-login policies?

  • A: ASDM
  • B: Connection-profile CLI command
  • C: Host-scan CLI command under the VPN group policy
  • D: Pre-login-check CLI command

Correct Answer: A




Question 4

In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?

  • A: interface virtual-template number type template
  • B: interface virtual-template number type tunnel
  • C: interface template number type virtual
  • D: interface tunnel-template number

Correct Answer: B

Here is a reference an explanation that can be included with this test. 
Configuring the Virtual Tunnel Interface on FlexVPN Spoke 
SUMMARY STEPS 
1. enable 
2. configure terminal 
3. interface virtual-template number type tunnel 
4. ip unnumbered tunnel number 
5. ip nhrp network-id number 
6. ip nhrp shortcut virtual-template-number 
7. ip nhrp redirect [timeout seconds] 
8. exit 
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-flex-spoke.html#GUID-4A10927D-4C6A-4202-B01C-DA7E462F5D8A




Question 5

In FlexVPN, what is the role of a NHRP resolution request?

  • A: It allows these entities to directly communicate without requiring traffic to use an intermediate hop
  • B: It dynamically assigns VPN users to a group
  • C: It blocks these entities from to directly communicating with each other
  • D: It makes sure that each VPN spoke directly communicates with the hub

Correct Answer: A




Question 6

What is the default topology type for a GET VPN?

  • A: point-to-point
  • B: hub-and-spoke
  • C: full mesh
  • D: on-demand spoke-to-spoke

Correct Answer: C




Question 7

Which two IKEv1 policy options must match on each peer when you configure an IPsec site-to-site VPN? (Choose two.)

  • A: priority number
  • B: hash algorithm
  • C: encryption algorithm
  • D: session lifetime
  • E: PRF algorithm

Correct Answer: BC




Question 8

Which two parameters are configured within an IKEv2 proposal on an IOS router? (Choose two.)

  • A: authentication
  • B: encryption
  • C: integrity
  • D: lifetime

Correct Answer: BC




Question 9

In a spoke-to-spoke DMVPN topology, which type of interface does a branch router require?

  • A: Virtual tunnel interface
  • B: Multipoint GRE interface
  • C: Point-to-point GRE interface
  • D: Loopback interface

Correct Answer: B




Question 10

Refer to the exhibit. 

  

After the configuration is performed, which combination of devices can connect?

  • A: a device with an identity type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certificate with subject name of "cisco.com"
  • B: a device with an identity type of IPv4 address of both 209.165.200.225 and 209.165.202.155 or a certificate with subject name containing "cisco.com"
  • C: a device with an identity type of IPv4 address of both 209.165.200.225 and 209.165.202.155 and a certificate with subject name containing "cisco.com"
  • D: a device with an identity type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certificate with subject name containing "cisco.com"

Correct Answer: D










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files