1. Home
  2. Cisco
  3. 300-209

Cisco 300-209 Online Practice Questions and Exam Preparation

300-209 Exam Details

  • Exam Code
    :300-209
  • Exam Name
    :Implementing Cisco Secure Mobility Solutions
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :450 Q&As
  • Last Updated
    :Dec 15, 2021

Cisco 300-209 Online Questions & Answers

  • Question 111:

    Which command does a network engineer type on both spoke routers to check for unidirectional traffic within the VPN tunnel?

    A. show crypto ipsec summary
    B. show eigrp neighbors
    C. show crypto isakmp sa detail
    D. show crypto ipsec sa peer

  • Question 112:

    Refer to the exhibit. Which authentication method was used by the remote peer to prove its identity?

    A. Extensible Authentication Protocol
    B. certificate authentication
    C. pre-shared key
    D. XAUTH

  • Question 113:

    Refer to the exhibit. An administrator had the above configuration working with SSL protocol, but as soon as the administrator specified IPsec as the primary protocol, the Cisco AnyConnect client was not able to connect. What is the problem?

    A. IPsec will not work in conjunction with a group URL.
    B. The Cisco AnyConnect implementation does not allow the two group URLs to be the same. SSL does allow this.
    C. If you specify the primary protocol as IPsec, the User Group must be the exact name of the connection profile (tunnel group).
    D. A new XML profile should be created instead of modifying the existing profile, so that the clients force the update.

  • Question 114:

    Which description of how DTLS improves application performance is true?

    A. uses connection-oriented sessions
    B. creates less overhead by using UDP
    C. avoids bandwidth and latency issues
    D. uses a flow control mechanism

  • Question 115:

    Refer to the exhibit. You are configuring FlexVPN on a router. The tunnel fails to come up. Which type of mismatch is the root cause of the failure?

    A. access list
    B. peer ID
    C. preshared key
    D. transform proposal

  • Question 116:

    An engineer is troubleshooting IPsec VPN and wants to show each phase2 SA build as well as the amount of traffic sent. Which command accomplishes that goal?

    A. show crypto esp sa
    B. show crypto isakmp sa
    C. show crypto engine connection active
    D. show crypto ipsec sa

  • Question 117:

    Which option must be enabled to allow an SSLVPN which is configured for DTLS to fall back to TLS?

    A. svc rekey method ssl
    B. svc dpd-interval
    C. svc profiles value
    D. svc dtls enable

  • Question 118:

    When using Clientless SSL VPN on a Cisco ASA, which authentication method is required for single sign-on?

    A. TACACS
    B. LOCAL
    C. RADIUS
    D. SAML 2.0

  • Question 119:

    Which statement about the hub in a DMVPN configuration with iBGP is true?

    A. It must be a route reflector client.
    B. It must redistribute EIGRP from the spokes.
    C. It must be in a different AS.
    D. It must be a route reflector.

  • Question 120:

    Which DAP endpoint attribute checks for the matching MAC address of a client machine?

    A. device
    B. process
    C. antispyware
    D. BIA

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-209 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.