[Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 1-10
Get Full Version of the Exam
http://www.EnsurePass.com/300-209.html
Question No.1
Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch might be the problem?
-
PSK
-
crypto policy
-
peer identity
-
transform set
Correct Answer: C
Question No.2
Which command identifies an AnyConnect profile that was uploaded to the router flash?
-
crypto vpn anyconnect profile SSL_profile flash:simos-profile.xml
-
svc import profile SSL_profile flash:simos-profile.xml
-
anyconnect profile SSL_profile flash:simos-profile.xml
-
webvpn import profile SSL_profile flash:simos-profile.xml
Correct Answer: A
Question No.3
A user is trying to connect to a Cisco IOS device using clientless SSL VPN and cannot establish the connection. Which three commands can be used for troubleshooting of the AAA subsystem? (Choose three.)
-
debug aaa authentication
-
debug radius
-
debug vpn authorization error
-
debug ssl openssl errors
-
debug webvpn aaa
-
debug ssl error
Correct Answer: ABD
Question No.4
Refer to the exhibit. Which VPN solution does this configuration represent?
-
Cisco AnyConnect
-
IPsec
-
L2TP
-
SSL VPN
Correct Answer: B
Question No.5
Which is used by GETVPN, FlexVPN and DMVPN?
-
NHRP
-
MPLS
-
GRE
-
ESP
Correct Answer: D
Question No.6
Which three parameters are specified in the isakmp (IKEv1) policy? (Choose three.)
-
the hashing algorithm
-
the authentication method
-
the lifetime
-
the session key
-
the transform-set
-
the peer
Correct Answer: ABC
Question No.7
Which statement about the hub in a DMVPN configuration with iBGP is true?
-
It must be a route reflector client.
-
It must redistribute EIGRP from the spokes.
-
It must be in a different AS.
-
It must be a route reflector.
Correct Answer: D
Question No.8
Refer to the exhibit. Which technology does this configuration demonstrate?
-
AnyConnect SSL over IPv4 IPv6
-
AnyConnect FlexVPN over IPv4 IPv6
-
AnyConnect FlexVPN IPv6 over IPv4
-
AnyConnect SSL IPv6 over IPv4
Correct Answer: A
Question No.9
Refer to the exhibit. While troubleshooting on a remote-access VPN application, a new NOC engineer received the message that is shown. What is the most likely cause of the problem?
-
The IP address that is assigned to the PC of the VPN user is not within the range of addresses that are assigned to the SVC connection.
-
The IP address that is assigned to the PC of the VPN user is in use. The remote user needs to select a different host address within the range.
-
The IP address that is assigned to the PC of the VPN user is in the wrong subnet. The remote user needs to select a different host number within the correct subnet.
-
The IP address pool for contractors was not applied to their connection profile.
Correct Answer: D
Question No.10
Which protocol can be used for better throughput performance when using Cisco AnyConnect VPN?
-
TLSv1
-
TLSv1.1
-
TLSv1.2
-
DTLSv1
Correct Answer: D
Get Full Version of the Exam
300-209 Dumps
300-209 VCE and PDF