New 300-209 exam questions from PassLeader 300-209 dumps! Welcome to download the newest PassLeader 300-209 VCE and PDF dumps: http://www.passleader.com/300-209.html (406 Q&As –> 423 Q&As –> 462 Q&As)
P.S. Free 300-209 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpVTNFVTRPdC0zTnM
QUESTION 136
In which situation would you enable the Smart Tunnel option with clientless SSL VPN?
A. when a user is using an outdated version of a web browser
B. when an application is failing in the rewrite process
C. when IPsec should be used over SSL VPN
D. when a user has a nonsupported Java version installed
E. when cookies are disabled
Answer: B
QUESTION 137
Refer to the exhibit. You executed the show crypto ipsec sa command to troubleshoot an IPSec issue. What problem does the given output indicate?
A. IKEv2 failed to establish a phase 2 negotiation.
B. The Crypto ACL is different on the peer device.
C. ISAKMP was unable to find a matching SA.
D. IKEv2 was used in aggressive mode.
Answer: B
QUESTION 138
Which two types of authentication are supported when you use Cisco ASDM to configure site-to-site IKEv2 with IPv6? (Choose two.)
A. preshared key
B. webAuth
C. digital certificates
D. XAUTH
E. EAP
Answer: AC
QUESTION 139
Which option describes the purpose of the shared argument in the DMVPN interface command tunnel protection IPsec profile ProfileName shared?
A. shares a single profile between multiple tunnel interfaces
B. allows multiple authentication types to be used on the tunnel interface
C. shares a single profile between a tunnel interface and a crypto map
D. shares a single profile between IKEv1 and IKEv2
Answer: A
QUESTION 140
Which type of communication in a FlexVPN implementation uses an NHRP shortcut?
A. spoke to hub
B. spoke to spoke
C. hub to spoke
D. hub to hub
Answer: B
QUESTION 141
Which technology is FlexVPN based on?
A. OER
B. VRF
C. IKEv2
D. an RSA nonce
Answer: C
QUESTION 142
Which application does the Application Access feature of Clientless VPN support?
A. TFTP
B. VoIP
C. Telnet
D. active FTP
Answer: C
QUESTION 143
Where do you configure AnyConnect certificate-based authentication in ASDM?
A. group policies
B. AnyConnect Connection Profile
C. AnyConnect Client Profile
D. Advanced Network (Client) Access
Answer: B
QUESTION 144
Which protocols does the Cisco AnyConnect client use to build multiple connections to the security appliance?
A. TLS and DTLS
B. IKEv1
C. L2TP over IPsec
D. SSH over TCP
Answer: A
QUESTION 145
Which is used by GETVPN, FlexVPN and DMVPN?
A. NHRP
B. MPLS
C. GRE
D. ESP
Answer: D
QUESTION 146
Refer to the exhibit. Which VPN solution does this configuration represent?
A. DMVPN
B. GETVPN
C. FlexVPN
D. site-to-site
Answer: C
QUESTION 147
Which VPN solution is best for a collection of branch offices connected by MPLS that frequenty make VoIP calls between branches?
A. GETVPN
B. Cisco AnyConnect
C. site-to-site
D. DMVPN
Answer: A
QUESTION 148
Refer to the exhibit. You have implemented an SSL VPN as shown. Which type of communication takes place between the secure gateway R1 and the Cisco Secure ACS?
A. HTTP proxy
B. AAA
C. policy
D. port forwarding
Answer: B
QUESTION 149
Which technology can provide high availability for an SSL VPN?
A. DMVPN
B. a multiple-tunnel configuration
C. a Cisco ASA pair in active/passive failover configuration
D. certificate to tunnel group maps
Answer: C
QUESTION 150
Refer to the exhibit. Which VPN solution does this configuration represent?
A. Cisco AnyConnect
B. IPsec
C. L2TP
D. SSL VPN
Answer: B
New 300-209 exam questions from PassLeader 300-209 dumps! Welcome to download the newest PassLeader 300-209 VCE and PDF dumps: http://www.passleader.com/300-209.html (406 Q&As –> 423 Q&As –> 462 Q&As)
P.S. Free 300-209 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpVTNFVTRPdC0zTnM