[Free] 2017(Nov) Dumps4cert Testinsides Cisco 300-209 Dumps with VCE and PDF Download 21-30

Dumps4cert 2017 Nov Cisco Official New Released 300-209
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/300-209.html

Implementing Cisco Secure Mobility Solutions

Question No: 21

Which algorithm provides both encryption and authentication for plane communication?

  1. RC4

  2. SHA-384

  3. AES-256

  4. SHA-96

  5. 3DES

  6. AES-GCM

Answer: F

Question No: 22

Which Cisco adaptive security appliance command can be used to view the IPsec PSK of a tunnel group in cleartext?

  1. more system:running-config

  2. show running-config crypto

  3. show running-config tunnel-group

  4. show running-config tunnel-group-map

  5. clear config tunnel-group

  6. show ipsec policy

Answer: A

Question No: 23

Which algorithm is replaced by elliptic curve cryptography in Cisco NGE?

  1. 3DES

  2. AES

  3. DES

  4. RSA

Answer: D

Question No: 24

Which protocols does the Cisco AnyConnect client use to build multiple connections to the security appliance?

  1. TLS and DTLS

  2. IKEv1

  3. L2TP over IPsec

  4. SSH over TCP

Answer: A

Question No: 25

Refer to the exhibit.

Dumps4Cert 2017 PDF and VCE

Which authentication method was used by the remote peer to prove its identity?

  1. Extensible Authentication Protocol

  2. certificate authentication

  3. pre-shared key

  4. XAUTH

Answer: C

Question No: 26

An XYZ Corporation systems engineer, while making a sales call on the ABC Corporation headquarters, tried to access the XYZ sales demonstration folder to transfer a demonstration via FTP from an ABC conference room behind the firewall. The engineer could not reach XYZ through the remote-access VPN tunnel. From home the previous day, however, the engineer did connect to the XYZ sales demonstration folder and transferred the demonstration via IPsec over DSL.

To get the connection to work and transfer the demonstration, what should the engineer do?

  1. Change the MTU size on the IPsec client to account for the change from DSL to cable transmission.

  2. Enable the local LAN access option on the IPsec client.

  3. Enable the IPsec over TCP option on the IPsec client.

  4. Enable the clientless SSL VPN option on the PC.

Answer: C Explanation:

IP Security (IPSec) over Transmission Control Protocol (TCP) enables a VPN Client to operate in an environment in which standard Encapsulating Security Protocol (ESP, Protocol 50) or Internet Key Exchange (IKE, User Datagram Protocol (UDP) 500) cannot function, or can function only with modification to existing firewall rules. IPSec over TCP encapsulates both the IKE and IPSec protocols within a TCP packet, and it enables secure tunneling through both Network Address Translation (NAT) and Port Address Translation (PAT) devices and firewalls

Question No: 27

Which benefit of FlexVPN is not offered by DMVPN using IKEv1?

  1. Dynamic routing protocols can be configured.

  2. IKE implementation can install routes in routing table.

  3. GRE encapsulation allows for forwarding of non-IP traffic.

  4. NHRP authentication provides enhanced security.

Answer: B

Question No: 28

Scenario:

You are the senior network security administrator for your organization. Recently and junior engineer configured a site-to-site IPsec VPN connection between your headquarters Cisco ASA and a remote branch office.

You are now tasked with verifying the IKEvl IPsec installation to ensure it was properly configured according to designated parameters. Using the CLI on both the Cisco ASA and branch ISR, verify the IPsec configuration is properly configured between the two sites.

NOTE: the show running-config command cannot be used for this exercise.

Topology:

Dumps4Cert 2017 PDF and VCE

Dumps4Cert 2017 PDF and VCE

Dumps4Cert 2017 PDF and VCE

Which crypto map tag is being used on the Cisco ASA?

  1. outside_cryptomap

  2. VPN-to-ASA

  3. L2L_Tunnel

  4. outside_map1

Answer: D Explanation:

This is seen from the “show crypto ipsec sa” command on the ASA.

Dumps4Cert 2017 PDF and VCE

Question No: 29

Refer to the exhibit.

Dumps4Cert 2017 PDF and VCE

You have implemented an SSL VPN as shown. Which type of communication takes place between the secure gateway R1 and the Cisco Secure ACS?

  1. HTTP proxy

  2. AAA

  3. policy

  4. port forwarding

Answer: B

Question No: 30

Which option describes the purpose of the shared argument in the DMVPN interface command tunnel protection IPsec profile ProfileName shared?

  1. shares a single profile between multiple tunnel interfaces

  2. allows multiple authentication types to be used on the tunnel interface

  3. shares a single profile between a tunnel interface and a crypto map

  4. shares a single profile between IKEv1 and IKEv2

Answer: A

100% Free Download!
Download Free Demo:300-209 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert 300-209 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE