Download Implementing Cisco Secure Mobility Solutions.test-king.300-209.2020-01-27.1e.245q.vcex

Download Exam

File Info

Exam Implementing Cisco Secure Mobility Solutions
Number 300-209
File Name Implementing Cisco Secure Mobility Solutions.test-king.300-209.2020-01-27.1e.245q.vcex
Size 16.64 Mb
Posted January 27, 2020
Downloads 12
Download Implementing Cisco Secure Mobility Solutions.test-king.300-209.2020-01-27.1e.245q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

Which of the following could be used to configure remote access VPN Host-scan and pre-login policies?

  • A: ASDM
  • B: Connection-profile CLI command
  • C: Host-scan CLI command under the VPN group policy
  • D: Pre-login-check CLI command

Correct Answer: A




Question 2

In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?

  • A: interface virtual-template number type template
  • B: interface virtual-template number type tunnel
  • C: interface template number type virtual
  • D: interface tunnel-template number

Correct Answer: B

Here is a reference an explanation that can be included with this test. 
Configuring the Virtual Tunnel Interface on FlexVPN Spoke 
SUMMARY STEPS 
enable 
configure terminal 
interface virtual-template number type tunnel 
ip unnumbered tunnel number 
ip nhrp network-id number 
ip nhrp shortcut virtual-template-number 
ip nhrp redirect [timeout seconds] 
exit 
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-flex-spoke.html#GUID-4A10927D-4C6A-4202-B01C-DA7E462F5D8A




Question 3

What are three benefits of deploying a GET VPN? (Choose three.)

  • A: It provides highly scalable point-to-point topologies.
  • B: It allows replication of packets after encryption.
  • C: It is suited for enterprises running over a DMVPN network.
  • D: It preserves original source and destination IP address information.
  • E: It simplifies encryption management through use of group keying.
  • F: It supports non-IP protocols.

Correct Answer: BDE




Question 4

What is the default topology type for a GET VPN?

  • A: point-to-point
  • B: hub-and-spoke
  • C: full mesh
  • D: on-demand spoke-to-spoke

Correct Answer: C




Question 5

Which two parameters are configured within an IKEv2 proposal on an IOS router? (Choose two.)

  • A: authentication
  • B: encryption
  • C: integrity
  • D: lifetime

Correct Answer: BC




Question 6

Refer to the exhibit. 

  

After the configuration is performed, which combination of devices can connect?

  • A: a device with an identity type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certificate with subject name of "cisco.com"
  • B: a device with an identity type of IPv4 address of both 209.165.200.225 and 209.165.202.155 or a certificate with subject name containing "cisco.com"
  • C: a device with an identity type of IPv4 address of both 209.165.200.225 and 209.165.202.155 and a certificate with subject name containing "cisco.com"
  • D: a device with an identity type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certificate with subject name containing "cisco.com"

Correct Answer: D




Question 7

Which three settings are required for crypto map configuration? (Choose three.)

  • A: match address
  • B: set peer
  • C: set transform-set
  • D: set security-association lifetime
  • E: set security-association level per-host
  • F: set pfs

Correct Answer: ABC




Question 8

A network is configured to allow clientless access to resources inside the network. Which feature must be enabled and configured to allow SSH applications to respond on the specified port 8889?

  • A: auto applet download
  • B: port forwarding
  • C: web-type ACL
  • D: HTTP proxy

Correct Answer: B




Question 9

Consider this scenario. When users attempt to connect via a Cisco AnyConnect VPN session, the certificate has changed and the connection fails. 
What is a possible cause of the connection failure?

  • A: An invalid modulus was used to generate the initial key.
  • B: The VPN is using an expired certificate.
  • C: The Cisco ASA appliance was reloaded.
  • D: The Trusted Root Store is configured incorrectly.

Correct Answer: C




Question 10

When Cisco ASA applies VPN permissions, what is the first set of attributes that it applies?

  • A: dynamic access policy attributes
  • B: group policy attributes
  • C: connection profile attributes
  • D: user attributes

Correct Answer: A










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files