[Free] 2017(Apr) Ensurepass Braindumps Cisco 300-209 Latest Dumps 161-170

Ensurepass
2017 April Cisco Official New Released 300-209 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-209.html

Implementing Cisco Secure Mobility Solutions (SIMOS)

QUESTION 161

Refer to the exhibit. When the user “contractor” Cisco AnyConnect tunnel is established, what type of Cisco ASA user restrictions are applied to the tunnel?

 

clip_image002

 

A.

full restrictions (no Cisco ASDM, no CLI, no console access)

B.

full restrictions (no read, no write, no execute permissions)

C.

full restrictions (CLI show commands and Cisco ASDM monitoring permissions only)

D.

full access with no restrictions

 

Correct Answer: D

 

 

QUESTION 162

Refer to the exhibit. Which type of VPN implementation is displayed?

 

clip_image004

 

A.

IKEv2 reconnect

B.

IKEv1 cluster

C.

IKEv2 load balancer

D.

IKEv1 client

E.

IPsec high availability

F.

IKEv2 backup gateway

 

Correct Answer: C

 

 

QUESTION 163

Which command specifies the path to the Host Scan package in an ASA AnyConnect VPN?

 

A.

csd hostscan path image

B.

csd hostscan image path

C.

csd hostscan path

D.

hostscan image path

 

Correct Answer: B

 

 

QUESTION 164

A custom desktop application needs to access an internal server. An administrator is tasked with configuring the company’s SSL VPN gateway to allow remote users to work. Which two technologies would accommodate the company’s requirement? (Choose two).

 

A.

AnyConnect client

B.

Smart Tunnels

C.

Email Proxy

D.

Content Rewriter

E.

Portal Customizations

 

Correct Answer: AB

 

 

QUESTION 165

Which technology can you implement to reduce latency issues associated with a Cisco AnyConnect VPN?

 

A.

DTLS

B.

SCTP

C.

DCCP

D.

SRTP

 

Correct Answer: A

 

 

QUESTION 166

Which NGE IKE Diffie-Hellman group identifier has the strongest cryptographic properties?

 

A.

group 10

B.

group 24

C.

group 5

D.

group 20

 

Correct Answer: D

 

 

QUESTION 167

As network consultant, you are asked to suggest a VPN technology that can support a multivendor environment and secure traffic between sites. Which technology should you recommend?

 

A.

DMVPN

B.

FlexVPN

C.

GET VPN

D.

SSL VPN

 

Correct Answer: B

 

 

QUESTION 168

Refer to the exhibit. In the CLI snippet that is shown, what is the function of the deny option in the access list?

 

clip_image006

 

A.

When set in conjunction with outbound connection-type bidirectional, its function is to prevent the specified traffic from being protected by the crypto map entry.

B.

When set in conjunction with connection-type originate-only, its function is to instruct the Cisco ASA to deny specific inbound traffic if it is not encrypted.

C.

When set in conjunction with outbound connection-type answer-only, its function is to instruct the Cisco ASA to deny specific outbound traffic if it is not encrypted.

D.

When set in conjunction with connection-type originate-only, its function is to cause
all IP traffic that matches the specified conditions to be protected by the crypto map.

 

Correct Answer: A

 

 

QUESTION 169

Refer to the exhibit. You executed the show crypto ipsec sa command to troubleshoot an IPSec issue. What problem does the given output indicate?

 

clip_image008

 

A.

IKEv2 failed to establish a phase 2 negotiation.

B.

The Crypto ACL is different on the peer device.

C.

ISAKMP was unable to find a matching SA.

D.

IKEv2 was used in aggressive mode.

 

Correct Answer: B

 

 

QUESTION 170

What are two forms of SSL VPN? (Choose two.)

 

A.

port forwarding

B.

Full Tunnel Mode

C.

Cisco IOS WebVPN

D.

Cisco AnyConnect

 

Correct Answer: CD

100% Free Download!
—Download Free Demo:300-209 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-209 Full Exam PDF and VCE Q&As:267
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com