Get Full Version of the Exam
http://www.EnsurePass.com/300-209.html

Question No.101

Which feature do you include in a highly available system to account for potential site failures?

1. geographical separation of redundant devices

2. hot/standby failover pairs

3. Cisco ACE load-balancing with VIP

4. dual power supplies

Correct Answer: A

Question No.102

What is the default topology type for a GET VPN?

1. point-to-point

2. hub-and-spoke

3. full mesh

4. on-demand spoke-to-spoke

Correct Answer: C

Question No.103

Which option is one component of a Public Key Infrastructure?

1. the Registration Authority

2. Active Directory

3. RADIUS

4. TACACS

Correct Answer: A

Question No.104

Where is split-tunneling defined for remote access clients on an ASA?

1. Group-policy

2. Tunnel-group

3. Crypto-map

4. Web-VPN Portal

5. ISAKMP client

Correct Answer: A

Question No.105

Which IKEv2 feature minimizes the configuration of a FlexVPN on Cisco IOS devices?

1. IKEv2 Suite-B

2. IKEv2 proposals

3. IKEv2 profiles

4. IKEv2 Smart Defaults

Correct Answer: D

Question No.106

Refer to the exhibit. For the ABC Corporation, members of the NOC need the ability to select tunnel groups from a drop-down menu on the Cisco WebVPN login page. As the Cisco ASA administrator, how would you accomplish this task?

1. Define a special identity certificate with multiple groups, which are defined in the certificate OU field, that will grant the certificate holder access to the named groups on the login page.

2. Under Group Policies, define a default group that encompasses the required individual groups that will appear on the login page.

3. Under Connection Profiles, define a NOC profile that encompasses the required individual profiles that will appear on the login page.

4. Under Connection Profiles, enable quot;Allow user to select connection profile.quot;

Correct Answer: D

Explanation:

Cisco ASDM User Guide Version 6.1

Add or Edit SSL VPN Connections gt; Advanced gt; SSL VPN This dialog box lets you configure attributes that affect what the remote user sees upon login. Fields ?Login Page Customization Configures the look and feel of the user login page by specifying which preconfigured customization attributes to apply. The default is DfltCustomization.

ManageOpens the Configure GUI Customization Objects window.

Connection AliasesLists in a table the existing connection aliases and their status and lets you add or delete items in that table. A connection alias appears on the user login page if the connection is configured to allow users to select a particular connection (tunnel group) at login. AddOpens the Add Connection Alias window, on which you can add and enable a connection alias.

DeleteRemoves the selected row from the connection alias table. There is no confirmation or undo.

Group URLsLists in a table the existing group URLs and their status and lets you add or delete items in that table. A group URL appears on the user login page if the connection is configured to allow users to select a particular group at login.

AddOpens the Add Group URL window, on which you can add and enable a group URL. DeleteRemoves the selected row from the connection alias table. There is no confirmation or undo.

Question No.107

Which two cryptographic technologies are recommended for use with FlexVPN? (Choose two.)

1. SHA (HMAC variant)

2. Diffie-Hellman

3. DES

4. MD5 (HMAC variant)

Correct Answer: AB

Question No.108

Which four activities does the Key Server perform in a GETVPN deployment? (Choose four.)

1. authenticates group members

2. manages security policy

3. creates group keys

4. distributes policy/keys

5. encrypts endpoint traffic

6. receives policy/keys

7. defines group members

Correct Answer: ABCD

Question No.109

Which two parameters help to map a VPN session to a tunnel group without using the tunnel- group list? (Choose two.)

1. group-alias

2. certificate map

3. use gateway command

4. group-url

5. AnyConnect client version

Correct Answer: BD

Question No.110

Refer to the exhibit. Which two statements about the given configuration are true? (Choose two.)

1. Defined PSK can be used by any IPSec peer.

2. Any router defined in group 2 will be allowed to connect.

3. It can be used in a DMVPN deployment

4. It is a LAN-to-LAN VPN ISAKMP policy.

5. It is an AnyConnect ISAKMP policy.

6. PSK will not work as configured

Correct Answer: AC

Get Full Version of the Exam
300-209 Dumps
300-209 VCE and PDF

Related Posts

• [Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 211-220
• [Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 181-190
• [Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 191-200
• [Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 201-210
• [Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 171-180
• [Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 151-160