[Free] 2017(Apr) Ensurepass Braindumps Cisco 300-209 Latest Dumps 171-180

Ensurepass
2017 April Cisco Official New Released 300-209 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-209.html

Implementing Cisco Secure Mobility Solutions (SIMOS)

QUESTION 171

To change the title panel on the logon page of the Cisco IOS WebVPN portal, which file must you configure?

 

A.

Cisco IOS WebVPN customization template

B.

Cisco IOS WebVPN customization general

C.

web-access-hlp.inc

D.

app-access-hlp.inc

 

Correct Answer: A

 

 

QUESTION 172

Refer to the exhibit. A customer cannot establish an IKEv2 site-to-site VPN tunnel between two Cisco ASA devices. Based on the syslog message, which action can bring up the VPN tunnel?

 

clip_image002

 

A.

Increase the maximum SA limit on the local Cisco ASA.

B.

Correct the crypto access list on both Cisco ASA devices.

C.

Remove the maximum SA limit on the remote Cisco ASA.

D.

Reduce the maximum SA limit on the local Cisco ASA.

E.

Correct the IP address in the local and remote crypto maps.

F.

Increase the maximum SA limit on the remote Cisco ASA.

 

Correct Answer: A

 

 

 

 

QUESTION 173

Refer to the exhibit. The IKEv2 tunnel between Router1 and Router2 is failing during session establishment. Which action will allow the session to establish correctly?

 

clip_image003

 

A.

The address command on Router2 must be narrowed down to a /32 mask.

B.

The local and remote keys on Router2 must be switched.

C.

The pre-shared key must be altered to use only lowercase letters.

D.

The local and remote keys on Router2 must be the same.

 

Correct Answer: B

 

 

QUESTION 174

A network administrator is configuring AES encryption for the ISAKMP policy on an IOS router. Which two configurations are valid? (Choose two.)

 

A.

crypto isakmp policy 10

encryption aes 254

B.

crypto isakmp policy 10

encryption aes 192

C.

crypto isakmp policy 10

encryption aes 256

D.

crypto isakmp policy 10

encryption aes 196

E.

crypto isakmp policy 10

encryption aes 199

F.

crypto isakmp policy 10

encryption aes 64

 

Correct Answer: BC

 

 

QUESTION 175

Which two RADIUS attributes are needed for a VRF-aware FlexVPN hub? (Choose two.)

 

A.

ip:interface-config=ip unnumbered loobackn

B.

ip:interface-config=ip vrf forwarding ivrf

C.

ip:interface-config=ip src route

D.

ip:interface-config=ip next hop

E.

ip:interface-config=ip neighbor 0.0.0.0

 

Correct Answer: AB

 

 

QUESTION 176

Remote users want to access internal servers behind an ASA using Microsoft terminal services. Which option outlines the steps required to allow users access via the ASA clientless VPN portal?

 

A.

1. Configure a static pat rule for TCP port 3389

2. Configure an inbound access-list to allow traffic from remote users to the servers

3. Assign this access-list rule to the group policy

B.

1. Configure a bookmark of the type http:// server-IP :3389

2. Enable Smart tunnel on this bookmark

3. Assign the bookmark to the desired group policy

C.

1. Configure a Smart Tunnel application list

2. Add the rdp.exe process to this list

3. Assign the Smart Tunnel application list to the desired group policy

D.

1. Upload an RDP plugin to the ASA

2. Configure a bookmark of the type rdp:// server-IP

3. Assign the bookmark list to the desired group policy

 

Correct Answer: D

 

 

QUESTION 177

You have deployed new Cisco AnyConnect start before logon modules and set the configuration to download modules before logon, but all client connections continue to use the previous version of the module. Which action must you take to correct the problem?

 

A.

Configure start before logon in the client profile.

B.

Configure a group policy to prompt the user to download the updated module.

C.

Define the modules for download in the client profile.

D.

Define the modules for download in the group policy.

< span lang="EN-US" style="font-family: ; mso-font-kerning: 0pt; mso-no-proof: yes"> 

Correct Answer: A

 

 

 

 

 

QUESTION 178

What is the default storage location of user-level bookmarks in an IOS clientless SSL VPN?

 

A.

disk0:/webvpn/{context name}/

B.

disk1:/webvpn/{context name}/

C.

flash:/webvpn/{context name}/

D.

nvram:/webvpn/{context name}/

 

Correct Answer: C

 

 

QUESTION 179

You are configuring a Cisco IOS SSL VPN gateway to operate with DVTI support. Which command must you configure on the virtual template?

 

A.

tunnel protection ipsec

B.

ip virtual-reassembly

C.

tunnel mode ipsec

D.

ip unnumbered

 

Correct Answer: D

 

 

QUESTION 180

In the Diffie-Hellman protocol, which type of key is the shared secret?

 

A.

a symmetric key

B.

an asymmetric key

C.

a decryption key

D.

an encryption key

 

Correct Answer: A

100% Free Download!
—Download Free Demo:300-209 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-209 Full Exam PDF and VCE Q&As:267
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com