[Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 41-50

Get Full Version of the Exam

Question No.41

Which three remote access VPN methods in an ASA appliance provide support for Cisco Secure Desktop? (Choose three.)

  1. IKEv1

  2. IKEv2

  3. SSL client

  4. SSL clientless

  5. ESP

  6. L2TP

Correct Answer: BCD

Question No.42

Refer to the exhibit. An administrator is adding IPv6 addressing to an already functioning tunnel. The administrator is unable to ping 2001:DB8:100::2 but can ping Which configuration needs to be added or changed?


  1. No configuration change is necessary. Everything is working correctly.

  2. OSPFv3 needs to be configured on the interface.

  3. NHRP needs to be configured to provide NBMA mapping.

  4. Tunnel mode needs to be changed to GRE IPv4.

  5. Tunnel mode needs to be changed to GRE IPv6.

Correct Answer: E

Question No.43

A Cisco IOS SSL VPN gateway is configured to operate in clientless mode so that users can access file shares on a Microsoft Windows 2003 server. Which protocol is used between the Cisco IOS router and the Windows server?

  1. HTTPS

  2. NetBIOS

  3. CIFS

  4. HTTP

Correct Answer: C

Question No.44

The Cisco AnyConnect client fails to connect via IKEv2 but works with SSL. The following error message is displayed:

quot;Login Denied, unauthorized connection mechanism, contact your administratorquot; What is the most possible cause of this problem?

  1. DAP is terminating the connection because IKEv2 is the protocol that is being used.

  2. The client endpoint does not have the correct user profile to initiate an IKEv2 connection.

  3. The AAA server that is being used does not authorize IKEv2 as the connection mechanism.

  4. The administrator is restricting access to this specific user.

  5. The IKEv2 protocol is not enabled in the group policy of the VPN headend.

Correct Answer: E

Question No.45

Which command can you use to monitor the phase 1 establishment of a FlexVPN tunnel?

  1. show crypto ipsec sa

  2. show crypto isakmp sa

  3. show crypto ikev2 sa

  4. show ip nhrp

Correct Answer: C

Question No.46

Refer to the exhibit. An engineer is troubleshooting a new GRE over IPSEC tunnel. The tunnel is established, but the engineer cannot ping from spoke 1 to spoke 2. Which type of traffic is being blocked?


  1. ESP packets from spoke1 to spoke2

  2. ISAKMP packets from spoke2 to spoke1

  3. ESP packets from spoke2 to spoke1

  4. ISAKMP packets from spoke1 to spoke2

Correct Answer: C

Question No.47

Which two options are purposes of the key server in Cisco IOS GETVPN? (Choose two.)

  1. to define group members.

  2. to distribute static routing information.

  3. to distribute dynamic routing information.

  4. to encrypt transit traffic.

Correct Answer: AD

Question No.48

Which cryptographic algorithms are a part of the Cisco NGE suite?


  2. AES-CBC-128 C. RC4-128

D. AES-GCM-256

Correct Answer: D

Question No.49

Which configuration is used to build a tunnel between a Cisco ASA and ISR?

  1. crypto map

  2. DMVPN

  3. GET VPN

  4. GRE with IPsec

  5. GRE without IPsec

Correct Answer: A

Question No.50

Which command enables IOS SSL VPN Smart Tunnel support for PuTTY?

  1. appl ssh putty.exe win

  2. appl ssh putty.exe windows

  3. appl ssh putty

  4. appl ssh putty.exe

Correct Answer: B

Get Full Version of the Exam
300-209 Dumps
300-209 VCE and PDF

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com