[Free] 2019(Nov) EnsurePass Cisco 300-209 Dumps with VCE and PDF 201-210

Get Full Version of the Exam
http://www.EnsurePass.com/300-209.html

Question No.201

A customer requires all traffic to go through a VPN. However, access to the local network is also required. Which two options can enable this configuration? (Choose two.)

  1. split exclude

  2. use of an XML profile

  3. full tunnel by default

  4. split tunnel

  5. split include

Correct Answer: AB

Question No.202

Which feature is a benefit of Dynamic Multipoint VPN?

  1. geographic filtering of spoke devices

  2. translation PAT

  3. rotating wildcard preshared keys

  4. dynamic spoke-to spoke tunnel establishment

Correct Answer: D

Question No.203

An internet-based VPN solution is being considered to replace an existing private WAN connecting remote offices. A multimedia application is used that relies on multicast for

communication. Which two VPN solutions meet the application#39;s network requirement? (Choose two.)

  1. FlexVPN

  2. DMVPN

  3. Group Encrypted Transport VPN

  4. Crypto-map based Site-to-Site IPsec VPNs

  5. AnyConnect VPN

Correct Answer: AB

Question No.204

Refer to the exhibit. While configuring a site-to-site VPN tunnel, a new NOC engineer encounters the Reverse Route Injection parameter. Assuming that static routes are redistributed by the Cisco ASA to the IGP, what effect does enabling Reverse Route Injection on the local Cisco ASA have on a configuration?

image

  1. The local Cisco ASA advertises its default routes to the distant end of the site-to-site VPN tunnel.

  2. The local Cisco ASA advertises routes from the dynamic routing protocol that is running on the local Cisco ASA to the distant end of the site-to-site VPN tunnel.

  3. The local Cisco ASA advertises routes that are at the distant end of the site-to-site VPN tunnel.

  4. The local Cisco ASA advertises routes that are on its side of the site-to-site VPN tunnel to the distant end of the site-to-site VPN tunnel.

Correct Answer: C

Explanation:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809d07d

e.shtml

Question No.205

Which two changes must be made to migrate from DMVPN Phase 2 to Phase 3 when EIGRP is configured? (Choose two )

  1. Disable EIGRP next-hop-self on the hub.

  2. Enable EIGRP next-hop-self on the hub.

  3. Acid NHRP shortcuts on the hub.

  4. Add NHRP redirects on the hub.

  5. Add NHRP redirects on the spoke.

Correct Answer: BD

Question No.206

What is a valid reason for configuring a list of backup servers on the Cisco AnyConnect VPN Client profile?

  1. to access a backup authentication server

  2. to access a backup DHCP server

  3. to access a backup VPN server

  4. to access a backup CA server

Correct Answer: C

Question No.207

Which alogrithm is an example of asymmetric encryption?

  1. RC4

  2. AES

  3. ECDSA

  4. 3DES

Correct Answer: C

Question No.208

Using the Next Generation Encryption technologies, which is the minimum acceptable encryption level to protect sensitive information?

  1. AES 92 bits

  2. AES 128 bits

  3. AES 256 bits

  4. AES 512 bits

Correct Answer: C

Question No.209

Refer to the exhibit. VPN load balancing provides a way to distribute remote access, IPsec, and SSL VPN connections across multiple security appliances. Which remote access client types does the load balancing feature support?

image

  1. IPsec site-to-site tunnels

  2. L2TP over IPsec

  3. OpenVPN

  4. Cisco AnyConnect Secure Mobility Client

Correct Answer: B

Question No.210

Which technology is FlexVPN based on?

  1. OER

  2. VRF

  3. IKEv2

  4. an RSA nonce

Correct Answer: C

Get Full Version of the Exam
300-209 Dumps
300-209 VCE and PDF