[Free] 2017(Nov) Dumps4cert Testinsides Cisco 300-209 Dumps with VCE and PDF Download 141-150

Dumps4cert 2017 Nov Cisco Official New Released 300-209
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/300-209.html

Implementing Cisco Secure Mobility Solutions

Question No: 141

Which algorithm does Isakmp use for derive encryption key and integrity

  1. RSA

  2. 3DES

  3. HMAC

  4. AES

  5. Diffie Hellman

Answer: E

Question No: 142 CORRECT TEXT

Scenario:

You are the network security manager for your organization. Your manager has received a request to allow an external user to access to your HQ and DM2 servers. You are given the following connection parameters for this task.

Using ASDM on the ASA, configure the parameters below and test your configuration by accessing the Guest PC. Not all AS DM screens are active for this exercise. Also, for this exercise, all changes are automatically applied to the ASA and you will not have to click APPLY to apply the changes manually.

  • Enable Clientless SSL VPN on the outside interface

  • Using the Guest PC, open an Internet Explorer window and test and verify the basic connection to the SSL VPN portal using address: https://vpn-secure-x.public

  • a. You may notice a certificate error in the status bar, this can be ignored for this exercise

  • b. Username: vpnuser

  • c. Password: cisco123

  • d. Logout of the portal once you have verified connectivity

  • Configure two bookmarks with the following parameters:

  • a. Bookmark List Name: MY-BOOKMARKS

  • b. Use the: URL with GET or POST method

  • c. Bookmark Title: HQ-Server

    鈥?i. http://10.10.3.20

  • d. Bookmark Title: DMZ-Server-FTP

    鈥?i. ftp://172.16.1.50

  • e. Assign the configured Bookmarks to:

  • i. DfltGrpPolicy

  • ii. DfltAccessPolicy

  • iii. LOCAL User: vpnuser

  • From the Guest PC, reconnect to the SSL VPN Portal

  • Test both configured Bookmarks to ensure desired connectivity

You have completed this exercise when you have configured and successfully tested Clientless SSL VPN connectivity.

Topology:

Dumps4Cert 2017 PDF and VCE

Dumps4Cert 2017 PDF and VCE

Dumps4Cert 2017 PDF and VCE

Answer: Please find the solution in below explanation.

Explanation:

First, enable clientless VPN access on the outside interface by checking the box found below:

Dumps4Cert 2017 PDF and VCE

Then, log in to the given URL using the vpnuser/cisco123 credentials:

Dumps4Cert 2017 PDF and VCE

Logging in will take you to this page, which means you have now verified basic connectivity:

Dumps4Cert 2017 PDF and VCE

Now log out by hitting the logout button.

Now, go back to the ASDM and navigate to the Bookmarks portion:

Dumps4Cert 2017 PDF and VCE

Make the name MY-BOOKMARKS and use the “Add” tab and add the bookmarks per the instructions:

Dumps4Cert 2017 PDF and VCE

Ensure the “URL with GET of POST method” button is selected and hit OK:

Dumps4Cert 2017 PDF and VCE

Add the two bookmarks as given in the instructions:

Dumps4Cert 2017 PDF and VCE

Dumps4Cert 2017 PDF and VCE

You should now see the two bookmarks listed:

Dumps4Cert 2017 PDF and VCE

Hit OK and you will see this:

Dumps4Cert 2017 PDF and VCE

Select the MY-BOOKMARKS Bookmarks and click on the “Assign” button. Then, click on the appropriate check boxes as specified in the instructions and hit OK.

Dumps4Cert 2017 PDF and VCE

After hitting OK, you will now see this:

Dumps4Cert 2017 PDF and VCE

Then, go back to the Guest-PC, log back in and you should be able to test out the two new bookmarks.

Question No: 143

Which VPN type can be used to provide secure remote access from public internet cafes and airport kiosks?

  1. site-to-site

  2. business-to-business

  3. Clientless SSL

  4. DMVPN

Answer: C

Question No: 144

A network administrator is configuring AES encryption for the ISAKMP policy on an IOS router. Which two configurations are valid? (Choose two.)

  1. crypto isakmp policy 10 encryption aes 254

  2. crypto isakmp policy 10 encryption aes 192

  3. crypto isakmp policy 10 encryption aes 256

  4. crypto isakmp policy 10 encryption aes 196

  5. crypto isakmp policy 10 encryption aes 199

  6. crypto isakmp policy 10 encryption aes 64

Answer: B,C

Question No: 145

On which Cisco platform are dynamic virtual template interfaces available?

  1. Cisco Adaptive Security Appliance 5585-X

  2. Cisco Catalyst 3750X

  3. Cisco Integrated Services Router Generation 2

  4. Cisco Nexus 7000

Answer: C

Question No: 146

Refer to the exhibit.

Dumps4Cert 2017 PDF and VCE

You executed the show crypto ipsec sa command to troubleshoot an IPSec issue. What problem does the given output indicate?

  1. IKEv2 failed to establish a phase 2 negotiation.

  2. The Crypto ACL is different on the peer device.

  3. ISAKMP was unable to find a matching SA.

  4. IKEv2 was used in aggressive mode.

Answer: B

Question No: 147

When you troubleshoot Cisco AnyConnect, which step does Cisco recommend before you open a TAC case?

  1. Show applet Lifecycle exceptions.

  2. Disable cookies.

  3. Enable the WebVPN cache.

  4. Collect a DART bundle.

Answer: D

Question No: 148

Which option is most effective at preventing a remote access VPN user from bypassing the corporate transparent web proxy?

  1. using the proxy-server settings of the client computer to specify a PAC file for the client computer to download

  2. instructing users to use the corporate proxy server for all web browsing

  3. disabling split tunneling

  4. permitting local LAN access

Answer: C

Question No: 149

Which configuration is used to build a tunnel between a Cisco ASA and ISR?

  1. crypto map

  2. DMVPN

  3. GET VPN

  4. GRE with IPsec

  5. GRE without IPsec

Answer: A

Question No: 150

Which three commands are included in the command show dmvpn detail? (Choose three.)

  1. show ip nhrp nhs

  2. show dmvpn

  3. show crypto session detail

  4. show crypto ipsec sa detail

  5. show crypto sockets

  6. show ip nhrp

Answer: A,B,C

100% Free Download!
Download Free Demo:300-209 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert 300-209 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE