300-209 burner (121 to 130)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 300-209 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/300-209-dumps.html


Printable of 300-209 practice exam materials and testing bible for Cisco certification for customers, Real Success Guaranteed with Updated 300-209 pdf dumps vce Materials. 100% PASS Implementing Cisco Secure Mobility Solutions (SIMOS) exam Today!

2016 May 300-209 Study Guide Questions:

Q121. A company has decided to migrate an existing IKEv1 VPN tunnel to IKEv2. Which two are valid configuration constructs on a Cisco IOS router? (Choose two.) 

A. crypto ikev2 keyring keyring-name 

peer peer1 

address 209.165.201.1 255.255.255.255 

pre-shared-key local key1 

pre-shared-key remote key2 

B. crypto ikev2 transform-set transform-set-name 

esp-3des esp-md5-hmac 

esp-aes esp-sha-hmac 

C. crypto ikev2 map crypto-map-name 

set crypto ikev2 tunnel-group tunnel-group-name 

set crypto ikev2 transform-set transform-set-name 

D. crypto ikev2 tunnel-group tunnel-group-name 

match identity remote address 209.165.201.1 

authentication local pre-share 

authentication remote pre-share 

E. crypto ikev2 profile profile-name 

match identity remote address 209.165.201.1 

authentication local pre-share 

authentication remote pre-share 

Answer: A,E 


Q122. A network is configured to allow clientless access to resources inside the network. Which feature must be enabled and configured to allow SSH applications to respond on the specified port 8889? 

A. auto applet download 

B. port forwarding 

C. web-type ACL 

D. HTTP proxy 

Answer: B 


Q123. Which command clears all crypto configuration from a Cisco Adaptive Security Appliance? 

A. clear configure crypto 

B. clear configure crypto ipsec 

C. clear crypto map 

D. clear crypto ikev2 sa 

Answer: A 


300-209 pdf exam

Rebirth 300-209 vce:

Q124. Refer to the exhibit. 


Which VPN solution does this configuration represent? 

A. Cisco AnyConnect (IKEv2) 

B. site-to-site 

C. DMVPN 

D. SSL VPN 

Answer: D 


Q125. Which cryptographic algorithms are approved to protect Top Secret information? 

A. HIPPA DES 

B. AES-128 

C. RC4-128 

D. AES-256 

Answer: D 


Q126. An administrator desires that when work laptops are not connected to the corporate network, they should automatically initiate an AnyConnect VPN tunnel back to headquarters. Where does the administrator configure this? 

A. Via the svc trusted-network command under the group-policy sub-configuration mode on the ASA 

B. Under the "Automatic VPN Policy" section inside the Anyconnect Profile Editor within ASDM 

C. Under the TNDPolicy XML section within the Local Preferences file on the client computer 

D. Via the svc trusted-network command under the global webvpn sub-configuration mode on the ASA 

Answer: C 


300-209 free practice questions

Exact airaid 300-209:

Q127. Which two parameters are configured within an IKEv2 proposal on an IOS router? (Choose two.) 

A. authentication 

B. encryption 

C. integrity 

D. lifetime 

Answer: B,C 


Q128. Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.) 

A. When a client connects to the Cisco ASA WebVPN portal and tries to access HTTP resources through the URL bar, the client uses the local DNS to perform FQDN resolution. 

B. The rewriter enable command under the global webvpn configuration enables the rewriter functionality because that feature is disabled by default. 

C. A Cisco ASA with an AnyConnect Premium Peers license can simultaneously allow Clientless SSL VPN sessions and AnyConnect client sessions. 

D. Content rewriter functionality in the Clientless SSL VPN portal is not supported on Apple mobile devices. 

E. Clientless SSLVPN provides Layer 3 connectivity into the secured network. 

Answer: C,D 


Q129. Which configuration construct must be used in a FlexVPN tunnel? 

A. multipoint GRE tunnel interface 

B. IKEv1 policy 

C. IKEv2 profile 

D. EAP configuration 

Answer: C 


Q130. Which hash algorithm is required to protect classified information? 

A. MD5 

B. SHA-1 

C. SHA-256 

D. SHA-384 

Answer: D 



see more Implementing Cisco Secure Mobility Solutions (SIMOS)