[Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 191-200

Get Full Version of the Exam
http://www.EnsurePass.com/300-209.html

Question No.191

A Cisco router may have a fan issue that could increase its temperature and trigger a failure. What troubleshooting steps would verify the issue without causing additional risks?

  1. Configure logging using commands quot;logging onquot;, quot;logging buffered 4quot;, and check for fan failure logs using quot;show loggingquot;

  2. Configure logging using commands quot;logging onquot;, quot;logging buffered 6quot;, and check for fan failure logs using quot;show loggingquot;

  3. Configure logging using commands quot;logging onquot;, quot;logging discriminator msglog1 console 7quot;, and check for fan failure logs using quot;show loggingquot;

  4. Configure logging using commands quot;logging host 10.11.10.11quot;, quot;logging trap 2quot;, and check for fan failure logs at the syslog server 10.11.10.11

Correct Answer: A

Question No.192

A spoke has two Internet connections for failover. How can you achieve optimum failover without affecting any other router in the DMVPN cloud?

  1. Create another DMVPN cloud by configuring another tunnel interface that is sourced from the second ISP link.

  2. Use another router at the spoke site, because two ISP connections on the same router for the same hub is not allowed.

  3. Configure SLA tracking, and when the primary interface goes down, manually change the tunnel source of the tunnel interface.

  4. Create another tunnel interface with same configuration except the tunnel source, and configure the if-state nhrp and backup interface commands on the primary tunnel interface.

Correct Answer: D

Question No.193

A company needs to provide secure access to its remote workforce. The end users use public kiosk computers and a wide range of devices. They will be accessing only an internal web application. Which VPN solution satisfies these requirements?

  1. Clientless SSLVPN

  2. AnyConnect Client using SSLVPN

  3. AnyConnect Client using IKEv2

  4. FlexVPN Client

  5. Windows built-in PPTP client

Correct Answer: A

Question No.194

Which technology can provide high availability for an SSL VPN?

  1. DMVPN

  2. a multiple-tunnel configuration

  3. a Cisco ASA pair in active/passive failover configuration

  4. certificate to tunnel group maps

Correct Answer: C

Question No.195

Refer to the exhibit. In this tunnel mode GRE multipoint example, which command on the hub router distinguishes one spoken form the other?

image

  1. no ip route

  2. ip nhrp map

  3. ip frame-relay

  4. tunnel mode gre multipoint

Correct Answer: D

Question No.196

Which statement is correct concerning the trusted network detection (TND) feature?

  1. The Cisco AnyConnect 3.0 Client supports TND on Windows, Mac, and Linux platforms.

  2. With TND, one result of a Cisco Secure Desktop basic scan on an endpoint is to determine whether a device is a member of a trusted or an untrusted network.

  3. If enabled, and a CSD scan determines that a host is a member of an untrusted network, an administrator can configure the TND feature to prohibit an end user from launching the Cisco AnyConnect VPN Client.

  4. When the user is inside the corporate network, TND can be configured to automatically disconnect a Cisco AnyConnect session.

Correct Answer: D

Explanation: http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect25/administration/gu ide/ac03features.html

Trusted Network Detection

Trusted Network Detection (TND) gives you the ability to have AnyConnect automatically disconnect a VPN connection when the user is inside the corporate network (the trusted network) and start the VPN connection when the user is outside the corporate network (the untrusted network). This feature encourages greater security awareness by initiating a VPN connection when the user is outside the trusted network.

If AnyConnect is also running Start Before Logon (SBL), and the user moves into the trusted network, the SBL window displayed on the computer automatically closes. TND does not interfere with the ability of the user to manually establish a VPN connection. It does not disconnect a VPN connection that the user starts manually in the trusted network. TND only disconnects the VPN session if the user first connects in an untrusted network and moves into a trusted network. For example, TND disconnects the VPN session if the user makes a VPN connection at home and then moves into the corporate office.

Because the TND feature controls the AnyConnect GUI and automatically initiates connections, the GUI should run at all times. If the user exits the GUI, TND does not automatically start the VPN connection.

You configure TND in the AnyConnect profile. No changes are required to the ASA configuration.

Question No.197

What does NHRP stand for?

  1. Next Hop Resolution Protocol

  2. Next Hop Registration Protocol

  3. Next Hub Routing Protocol

  4. Next Hop Routing Protocol

Correct Answer: A

Question No.198

Which option is a required element of Secure Device Provisioning communications?

  1. the introducer

  2. the certificate authority

  3. the requestor

  4. the registration authority

Correct Answer: A

Question No.199

Refer to the exhibit. A NOC engineer is in the process of entering information into the Create New VPN Connection Entry fields. Which statement correctly describes how to do this?

image

  1. In the Connection Entry field, enter the name of the connection profile as it is specified on the Cisco ASA appliance.

  2. In the Host field, enter the IP address of the remote client device.

  3. In the Authentication tab, click the Group Authentication or Mutual Group Authentication radio button to enable symmetrical pre-shared key authentication.

  4. In the Name field, enter the name of the connection profile as it is specified on the Cisco ASA appliance.

Correct Answer: D

Explanation: http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/win/us er/guide/vc4.html#wp1074766

Step 1 Start the VPN Client by choosing Start gt; Programs gt; Cisco Systems VPN Client gt; VPN Client.

Step 2 The VPN Client application starts and displays the advanced mode main window (Figure 4-1). If you are not already there, open the Options menu in simple mode and choose Advanced Mode or press Ctrl-M.

image

Step 3 Select New from the toolbar or the Connection Entries menu. The VPN Client displays a form

image

Step 4 Enter a unique name for this new connection. You can use any name to identify this connection; for example, Engineering. This name can contain spaces, and it is not case- sensitive. Step 5 Enter a description of this connection. This field is optional, but it helps further identify this

connection.

For example, Connection to Engineering remote server. Step 6 Enter the hostname or IP address of the remote VPN device you want to access.

Group Authentication

Your network administrator usually configures group authentication for you. If this is not the case, use the following procedure:

Step 1 Click the Group Authentication radio button.

Step 2 In the Name field, enter the name of the IPSec group to which you belong. This entry is case-sensitive.

Step 3 In the Password field, enter the password (which is also case-sensitive) for your IPSec group. The field displays only asterisks.

Step 4 Verify your password by entering it again in the Confirm Password field.

Question No.200

Which three types of web resources or protocols are enabled by default on the Cisco ASA Clientless SSL VPN portal? (Choose three.)

  1. HTTP

  2. VNC

  3. CIFS

  4. RDP

  5. HTTPS

  6. ICA (Citrix)

Correct Answer: ACE

Get Full Version of the Exam
300-209 Dumps
300-209 VCE and PDF

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.