300-209 Exam Details
-
Exam Code
:300-209 -
Exam Name
:Implementing Cisco Secure Mobility Solutions -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:450 Q&As -
Last Updated
:Dec 15, 2021
Cisco 300-209 Online Questions & Answers
-
Question 211:
An engineer has integrated a new DMVPN to link remote offices across the internet using Cisco IOS routers. When connecting to remote sites, pings and voice data appear to flow properly and all tunnel stats seem to show that are up. However, when trying to connect to a remote server using RDP, the connection fails. Which action resolves this issue?
A. Change DMVPN timeout values.
B. Adjust the MTU size within the routers.
C. Replace certificate on the RDP server.
D. Add RDP port to the extended ACL. -
Question 212:
An engineer is troubleshooting VPN connectivity issues between a PC and ASA using Cisco AnyConnect IPsec IKEv2. Which requirement must be satisfied for proper functioning?
A. The SAN must be used as the CN for the ASA-side certificates.
B. Profile and binary updates must be downloaded over IPsec.
C. The connection must use EAP-AnyConnect.
D. PC certificate must contain the server-auth EKU. -
Question 213:
When attempting to tunnel FTP traffic through a stateful firewall that might be performing NAT or PAT, which type of VPN tunneling should you use to allow the VPN traffic through the stateful firewall?
A. clientless SSL VPN
B. IPsec over TCP
C. smart tunnel
D. SSL VPN plug-ins -
Question 214:
Refer to the exhibit. You are implementing DMVPN Phase 3 in an existing network that uses DMVPN Phase1. You configure NHRP, but the creation of the spoke-to-spoke tunnel fails. Which action do you take to resolve the issue?
A. Remove the multicast flag from the NHRP configuration.
B. Configure the tunnel of the hub by using point-to-point tunnel mode.
C. Configure the tunnel of the spoke by using mGRE tunnel mode.
D. Remove NHRP redirects from the hub configuration. -
Question 215:
Which VPN feature allows remote access clients to print documents to local network printers?
A. Reverse Route Injection
B. split tunneling
C. loopback addressing
D. dynamic virtual tunnels -
Question 216:
Which cryptographic algorithms are approved to protect Top Secret information?
A. HIPPA DES
B. AES-128
C. RC4-128
D. AES-256 -
Question 217:
An XYZ Corporation systems engineer, while making a sales call on the ABC Corporation headquarters, tried to access the XYZ sales demonstration folder to transfer a demonstration via FTP from an ABC conference room behind the
firewall. The engineer could not reach XYZ through the remote-access VPN tunnel. From home the previous day, however, the engineer did connect to the XYZ sales demonstration folder and transferred the demonstration via IPsec over
DSL.
To get the connection to work and transfer the demonstration, what should the engineer do?
A. Change the MTU size on the IPsec client to account for the change from DSL to cable transmission.
B. Enable the local LAN access option on the IPsec client.
C. Enable the IPsec over TCP option on the IPsec client.
D. Enable the clientless SSL VPN option on the PC. -
Question 218:
A customer requests a VPN solution to support multicast traffic and connectivity with non-Cisco devices. What VPN solution would meet the customer requirements?
A. GET VPN
B. EZ VPN
C. Flex VPN
D. L2L VPN -
Question 219:
Which benefit of ECC as compared to RSA is true?
A. requires multiple keys
B. supports Clientless SSL VPN
C. can provide higher security at a lower computational cost
D. can be used on Cisco ASA and Cisco IOS device -
Question 220:
Refer to the Exhibit. A network security engineer is troubleshooting intermittent connectivity issues across a tunnel. Based on the output from the show crypto ipsec sa command, which cause is most likely?
A. ISAKMP and/or IP sec may be bouncing up and down.
B. The security association lifetimes are set to default values.
C. Return traffic is not coming back from the other end of the tunnel.
D. Traffic may flow in only one direction across this tunnel.
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-209 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.