Our pass rate is high to 98.9% and the similarity percentage between our 300-209 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco 300-209 exam in just one try? I am currently studying for the Cisco 300-209 exam. Latest Cisco 300-209 Test exam practice questions and answers, Try Cisco 300-209 Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 300-209 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-209 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/300-209-exam-dumps.html
Q71. In the Cisco ASDM interface, where do you enable the DTLS protocol setting?
A. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit > Add or Edit Internal Group Policy
B. Configuration > Remote Access VPN > Network (Client) Access > AAA Setup > Local Users > Add or Edit
C. Device Management > Users/AAA > User Accounts > Add or Edit > Add or Edit User Account > VPN Policy > SSL VPN Client
D. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit
Answer: C
Reference:
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect20/admini strative/guide/admin/admin5.html
Shows where DTLS can be configured as:
. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit > Add or Edit Internal Group Policy > Advanced > SSL VPN Client
. Configuration > Remote Access VPN > Network (Client) Access > AAA Setup > Local Users > Add or Edit > Add or Edit User Account > VPN Policy > SSL VPN Client
.Device Management > Users/AAA > User Accounts > Add or Edit > Add or Edit User Account > VPN Policy > SSL VPN Client
Q72. Which type of NHRP packet is unique to Phase 3 DMVPN topologies?
A. resolution request
B. resolution reply
C. redirect
D. registration request
E. registration reply
F. error indication
Answer: C
Q73. Which algorithm is replaced by elliptic curve cryptography in Cisco NGE?
A. 3DES
B. AES
C. DES
D. RSA
Answer: D
Q74. Which technology must be installed on the client computer to enable users to launch applications from a Clientless SSL VPN?
A. Java
B. QuickTime plug-in
C. Silverlight
D. Flash
Answer: A
Q75. Refer to the exhibit.
The customer can establish an AnyConnect connection on the first attempt only. Subsequent attempts fail. What might be the issue?
A. IKEv2 is blocked over the path.
B. UserGroup must be different than the name of the connection profile.
C. The primary protocol should be SSL.
D. UserGroup must be the same as the name of the connection profile.
Answer: D
Q76. Which cryptographic algorithms are a part of the Cisco NGE suite?
A. HIPPA DES
B. AES-CBC-128
C. RC4-128
D. AES-GCM-256
Answer: D
Explanation: Reference:
https://www.cisco.com/web/learning/le21/le39/docs/tdw166_prezo.pdf
Q77. Which.DAP endpoint attribute checks for the matching MAC address of a client machine?
A. device
B. process
C. antispyware
D. BIA
Answer: A
Q78. Which two examples of transform sets are contained in the IKEv2 default proposal? (Choose two.)
A. aes-cbc-192, sha256, 14
B. 3des, md5, 5
C. 3des, sha1, 1
D. aes-cbc-128, sha, 5
Answer: B,D
Q79. Refer to the exhibit.
After the configuration is performed, which combination of devices can connect?
A. a device with an identity type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certificate with subject name of "cisco.com"
B. a device with an identity type of IPv4 address of both 209.165.200.225 and 209.165.202.155 or a certificate with subject name containing "cisco.com"
C. a device with an identity type of IPv4 address of both 209.165.200.225 and 209.165.202.155 and a certificate with subject name containing "cisco.com"
D. a device with an identity type of IPv4 address of 209.165.200.225 or 209.165.202.155 or a certificate with subject name containing "cisco.com"
Answer: D
Q80. Which protocol does DTLS use for its transport?
A. TCP
B. UDP
C. IMAP
D. DDE
Answer: B
