Download Implementing Cisco Secure Mobility Solutions.testinside.300-209.2019-05-21.1e.210q.vcex

Download Exam

File Info

Exam Implementing Cisco Secure Mobility Solutions
Number 300-209
File Name Implementing Cisco Secure Mobility Solutions.testinside.300-209.2019-05-21.1e.210q.vcex
Size 16.37 Mb
Posted May 21, 2019
Downloads 23
Download Implementing Cisco Secure Mobility Solutions.testinside.300-209.2019-05-21.1e.210q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

Which cryptographic algorithms are approved to protect Top Secret information?

  • A: HIPPA DES
  • B: AES-128
  • C: RC4-128
  • D: AES-256

Correct Answer: D




Question 2

Which Cisco firewall platform supports Cisco NGE?

  • A: FWSM
  • B: Cisco ASA 5505
  • C: Cisco ASA 5580
  • D: Cisco ASA 5525-X

Correct Answer: D




Question 3

Which algorithm is replaced by elliptic curve cryptography in Cisco NGE?

  • A: 3DES
  • B: AES
  • C: DES
  • D: RSA

Correct Answer: D




Question 4

Which encryption and authentication algorithms does Cisco recommend when deploying a Cisco NGE supported VPN solution?

  • A: AES-GCM and SHA-2
  • B: 3DES and DH
  • C: AES-CBC and SHA-1
  • D: 3DES and SHA-1

Correct Answer: A




Question 5

An administrator wishes to limit the networks reachable over the Anyconnect VPN tunnels. Which configuration on the ASA will correctly limit the networks reachable to 209.165.201.0/27 and 209.165.202.128/27?

  • A: access-list splitlist standard permit 209.165.201.0 255.255.255.224 
    access-list splitlist standard permit 209.165.202.128 255.255.255.224 

    group-policy GroupPolicy1 internal 
    group-policy GroupPolicy1 attributes 
    split-tunnel-policy tunnelspecified 
    split-tunnel-network-list value splitlist
  • B: access-list splitlist standard permit 209.165.201.0 255.255.255.224 
    access-list splitlist standard permit 209.165.202.128 255.255.255.224 

    group-policy GroupPolicy1 internal 
    group-policy GroupPolicy1 attributes 
    split-tunnel-policy tunnelall 
    split-tunnel-network-list value splitlist
  • C: group-policy GroupPolicy1 internal 
    group-policy GroupPolicy1 attributes 
    split-tunnel-policy tunnelspecified 
    split-tunnel-network-list ipv4 1 209.165.201.0 255.255.255.224 
    split-tunnel-network-list ipv4 2 209.165.202.128 255.255.255.224
  • D: access-list splitlist standard permit 209.165.201.0 255.255.255.224 
    access-list splitlist standard permit 209.165.202.128 255.255.255.224 

    crypto anyconnect vpn-tunnel-policy tunnelspecified 
    crypto anyconnect vpn-tunnel-network-list splitlist
  • E: crypto anyconnect vpn-tunnel-policy tunnelspecified 
    crypto anyconnect split-tunnel-network-list ipv4 1 209.165.201.0 255.255.255.224 
    crypto anyconnect split-tunnel-network-list ipv4 2 209.165.202.128 255.255.255.224

Correct Answer: A




Question 6

Which NGE IKE Diffie-Hellman group identifier has the strongest cryptographic properties?

  • A: group 10
  • B: group 24
  • C: group 5
  • D: group 20

Correct Answer: D

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-cfg-ikev2-flex.html#GUID-6F6D8166-508A-4669-9DDC-4FE7AE9B9939

  

http://www.cisco.com/c/en/us/about/security-center/next-generation-cryptography.html#9




Question 7

What is the Cisco recommended TCP maximum segment on a DMVPN tunnel interface when the MTU is set to 1400 bytes?

  • A: 1160 bytes
  • B: 1260 bytes
  • C: 1360 bytes
  • D: 1240 bytes

Correct Answer: C




Question 8

Which technology does a multipoint GRE interface require to resolve endpoints?

  • A: ESP
  • B: dynamic routing
  • C: NHRP
  • D: CEF
  • E: IPSec

Correct Answer: C




Question 9

Which two cryptographic technologies are recommended for use with FlexVPN? (Choose two.)

  • A: SHA (HMAC variant)
  • B: Diffie-Hellman
  • C: DES
  • D: MD5 (HMAC variant)

Correct Answer: AB




Question 10

Which command configures IKEv2 symmetric identity authentication?

  • A: match identity remote address 0.0.0.0
  • B: authentication local pre-share
  • C: authentication pre-share
  • D: authentication remote rsa-sig

Correct Answer: D










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files