Questions And Answers PDF
Cisco 300-209 Implementing Cisco Secure Mobility Solutions (SIMOS)
Version: DEMO
http://www.TestWarrior.com/300-209-practice-exam.html
FOR 300-209 Candidates: We offer Two Products: 1st - We have Practice Tests Software with Actual Exam Questions 2nd - Questions and Answers in PDF Format. Try a Free DEMO of these Exam Products via below Link:
http://www.TestWarrior.com/300-209-practice-exam.html
TestWarrior.com
1
Questions And Answers PDF
Version: 10.0 Question 1 Which two are characteristcs of GETVPN? (Choose two.) A. The IP header of the encrypted packet is preserved B. A key server is elected among all confggred Grogp Members C. Uniqge encrypton keys are compgted for each Grogp Member D. The same key encrypton and trafc encrypton keys are distribgted to all Grogp Members
Aoswern A, D Question 2 A company has decided to migrate an existng IKEv1 VPN tgnnel to IKEv2. Which two are valid confggraton constrgcts on a Cisco IOS rogter? (Choose two.) A. crypto ikev2 keyring keyring-name peer peer1 address 209.165.201.1 255.255.255.255 pre-shared-key local key1 pre-shared-key remote key2 B. crypto ikev2 transform-set transform-set-name esp-3des esp-md5-hmac esp-aes esp-sha-hmac C. crypto ikev2 map crypto-map-name set crypto ikev2 tgnnel-grogp tgnnel-grogp-name set crypto ikev2 transform-set transform-set-name D. crypto ikev2 tgnnel-grogp tgnnel-grogp-name match identty remote address 209.165.201.1 agthentcaton local pre-share agthentcaton remote pre-share E. crypto ikev2 profle profle-name match identty remote address 209.165.201.1 agthentcaton local pre-share agthentcaton remote pre-share
Aoswern A, E Question 3 Which fogr actvites does the Key Server perform in a GETVPN deployment? (Choose fogr.)
TestWarrior.com
2
Questions And Answers PDF
A. agthentcates grogp members B. manages secgrity policy C. creates grogp keys D. distribgtes policy/keys E. encrypts endpoint trafc F. receives policy/keys G. defnes grogp members
Aoswern A, B, C, D Question 4 Where is split-tgnneling defned for remote access clients on an ASA? A. Grogp-policy B. Tgnnel-grogp C. Crypto-map D. Web-VPN Portal E. ISAKMP client
Aoswern A Question 5 Which of the following cogld be gsed to confggre remote access VPN Host-scan and pre-login policies? A. ASDM B. Connecton-profle CLI command C. Host-scan CLI command gnder the VPN grogp policy D. Pre-login-check CLI command
Aoswern A Question 6 In FlexVPN, what command can an administrator gse to create a virtgal template interface that can be confggred and applied dynamically to create virtgal access interfaces? A. interface virtgal-template ngmber type template B. interface virtgal-template ngmber type tgnnel C. interface template ngmber type virtgal D. interface tgnnel-template ngmber
Aoswern B Here is a reference an explanaton that can be inclgded with this test. htpp//www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/confggraton/15-2mt/sec-fex-
TestWarrior.com
3
Questions And Answers PDF
spoke.html#GUID-4A10927D-4C6A-4202-B01C-DA7E462F5D8A Confggring the Virtgal Tgnnel Interface on FlexVPN Spoke SUMMARY STEPS 1. enable 2. confggre terminal 3. interface virtgal-template ngmber type tgnnel 4. ip gnngmbered tgnnel ngmber 5. ip nhrp network-id ngmber 6. ip nhrp shortcgt virtgal-template-ngmber 7. ip nhrp redirect [tmeogt seconds] 8. exit
Question 7 In FlexVPN, what is the role of a NHRP resolgton reqgest? A. It allows these enttes to directly commgnicate withogt reqgiring trafc to gse an intermediate hop B. It dynamically assigns VPN gsers to a grogp C. It blocks these enttes from to directly commgnicatng with each other D. It makes sgre that each VPN spoke directly commgnicates with the hgb
Aoswern A Question 8 What are three benefts of deploying a GET VPN? (Choose three.) A. It provides highly scalable point-to-point topologies. B. It allows replicaton of packets afer encrypton. C. It is sgited for enterprises rgnning over a DMVPN network. D. It preserves original sogrce and destnaton IP address informaton. E. It simplifes encrypton management throggh gse of grogp keying. F. It sgpports non-IP protocols.
Aoswern B, D, E Question 9 What is the defaglt topology type for a GET VPN? A. point-to-point B. hgb-and-spoke C. fgll mesh D. on-demand spoke-to-spoke
Aoswern C
TestWarrior.com
4
Questions And Answers PDF
Question 10 Which two GDOI encrypton keys are gsed within a GET VPN network? (Choose two.) A. key encrypton key B. grogp encrypton key C. gser encrypton key D. trafc encrypton key
Aoswern A, D Question 11 What are the three primary components of a GET VPN network? (Choose three.) A. Grogp Domain of Interpretaton protocol B. Simple Network Management Protocol C. server load balancer D. accogntng server E. grogp member F. key server
Aoswern A, E, F Question 12 Which two IKEv1 policy optons mgst match on each peer when yog confggre an IPsec site-to-site VPN? (Choose two.) A. priority ngmber B. hash algorithm C. encrypton algorithm D. session lifetme E. PRF algorithm
Aoswern B, C Question 13 Which two parameters are confggred within an IKEv2 proposal on an IOS rogter? (Choose two.) A. agthentcaton B. encrypton C. integrity D. lifetme
Aoswern B, C
TestWarrior.com
5
Questions And Answers PDF
Question 14 In a spoke-to-spoke DMVPN topology, which type of interface does a branch rogter reqgire? A. Virtgal tgnnel interface B. Mgltpoint GRE interface C. Point-to-point GRE interface D. Loopback interface
Aoswern B Question 15 Refer to the exhibit.
Afer the confggraton is performed, which combinaton of devices can connect? A. a device with an identty type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certfcate with sgbject name of "cisco.com" B. a device with an identty type of IPv4 address of both 209.165.200.225 and 209.165.202.155 or a certfcate with sgbject name containing "cisco.com" C. a device with an identty type of IPv4 address of both 209.165.200.225 and 209.165.202.155 and a certfcate with sgbject name containing "cisco.com" D. a device with an identty type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certfcate with sgbject name containing "cisco.com"
Aoswern D
TestWarrior.com
6
Questions And Answers PDF
Thank You for Trying Our Product Visit Our Site to Purchase the Full Set of Actual 300-209 Exam Questions With Answers.
http://www.TestWarrior.com/300-209-practice-exam.html We Also Provide Practice Exam Software That Simulates Real Exam Environment And Has Many Self-Assessment Features. Download Free Product Demo From:
Download Free Product Demo from: http://www.TestWarrior.com/300-209-practice-exam.html
Check Out Our Customer Testimonials
TestWarrior.com
7