[Free] 2017(Apr) Ensurepass Braindumps Cisco 300-209 Latest Dumps 101-110

Ensurepass
2017 April Cisco Official New Released 300-209 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-209.html

Implementing Cisco Secure Mobility Solutions (SIMOS)

QUESTION 101

Which feature do you include in a highly available system to account for potential site failures?

 

A.

geographical separation of redundant devices

B.

hot/standby failover pairs

C.

Cisco ACE load-balancing with VIP

D.

dual power supplies

 

Correct Answer: A

 

 

QUESTION 102

What is the default topology type for a GET VPN?

 

A.

point-to-point

B.

hub-and-spoke

C.

full mesh

D.

on-demand spoke-to-spoke

 

Correct Answer: C

 

 

QUESTION 103

Which option is one component of a Public Key Infrastructure?

 

A.

the Registration Authority

B.

Active Directory

C.

RADIUS

D.

TACACS+

 

Correct Answer: A

 

 

QUESTION 104

Where is split-tunneling defined for remote access clients on an ASA?

 

A.

Group-policy

B.

Tunnel-group

C.

Crypto-map

D.

Web-VPN Portal

E.

ISAKMP client

 

Correct Answer: A

 

 

QUESTION 105

Which IKEv2 feature minimizes the configuration of a FlexVPN on Cisco IOS devices?

 

A.

IKEv2 Suite-B

B.

IKEv2 proposals

C.

IKEv2 profiles

D.

IKEv2 Smart Defaults

Correct Answer: D

 

 

QUESTION 106

Refer to the exhibit. For the ABC Corporation, members of the NOC need the ability to select tunnel groups from a drop-down menu on the Cisco WebVPN login page. As the Cisco ASA administrator, how would you accomplish this task?

 

clip_image001

 

A.

Define a special identity certificate with multiple groups, which are defined in the certificate OU field, that will grant the certificate holder access to the named groups on the login page.

B.

Under Group Policies, define a default group that encompasses the required individual groups that will appear on the login page.

C.

Under Connection Profiles, define a NOC profile that encompasses the required individual profiles that will appear on the login page.

D.

Under Connection Profiles, enable “Allow user to select connection profile.”

 

Correct Answer: D

Explanation:

Cisco ASDM User Guide Version 6.1

Add or Edit SSL VPN Connections > Advanced > SSL VPN This dialog box lets you configure attributes that affect what the remote user sees upon login. Fields ?Login Page Customization–Configures the look and feel of the user login page by specifying which preconfigured customization attributes to apply. The default is DfltCustomization.

Manage–Opens the Configure GUI Customization Objects window.

Connection Aliases–Lists in a table the existing connection aliases and their status and lets you add or delete items in that table. A connection alias appears on the user login page if the connection is configured to allow users to select a particular connection (tunnel group) at login. Add–Opens the Add Connection Alias window, on which you can add and enable a connection alias.

Delete–Removes the selected row from the connection alias table. There is no confirmation or undo.

Group URLs–Lists in a table the existing group URLs and their status and lets you add or delete items in that table. A group URL appears on the user login page if the connection is configured to allow users to select a particular group at login.

Add–Opens the Add Group URL window, on which you can add and enable a group URL.

Delete–Removes the selected row from the connection alias table. There is no confirmation or undo.

 

 

QUESTION 107

Which two cryptographic technologies are recommended for use with FlexVPN? (Choose two.)

 

A.

SHA (HMAC variant)

B.

Diffie-Hellman

C.

DES

D.

MD5 (HMAC variant)

 

Correct Answer: AB

 

 

QUESTION 108

Which four activities does the Key Server perform in a GETVPN deployment? (Choose four.)

 

A.

authenticates group members

B.

manages security policy

C.

creates group keys

D.

distributes policy/keys

E.

encrypts endpoint traffic

F.

receives policy/keys

G.

defines group members

 

Correct Answer: ABCD

 

 

QUESTION 109

Which two parameters help to map a VPN session to a tunnel group without using the tunnel-group list? (Choose two.)

 

A.

group-alias

B.

certificate map

C.

use gateway command

D.

group-url

E.

AnyConnect client version

 

Correct Answer: BD

 

 

QUESTION 110

Refer to the exhibit. Which two statements about the given configuration are true? (Choose two.)

 

clip_image002

 

A.

Defined PSK can be used by any IPSec peer.

B.

Any router defined in group 2 will be allowed to connect.

C.

It can be used in a DMVPN deployment

D.

It is a LAN-to-LAN VPN ISAKMP policy.

E.

It is an AnyConnect ISAKMP policy.

F.

PSK will not work as configured

 

Correct Answer: AC

100% Free Download!
—Download Free Demo:300-209 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-209 Full Exam PDF and VCE Q&As:267
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com