Want to Pass 300-209 Exam In Next HOURS? Download Now →
February 12, 2018

A Review Of High quality 300-209 testing software


Free Instant Download NEW 300-209 Exam Dumps (PDF & VCE):
Available on: https://www.certshared.com/exam/300-209/


Q111. Refer to the exhibit. 

Which two characteristics of the VPN implementation are evident? (Choose two.) 

A. dual DMVPN cloud setup with dual hub 

B. DMVPN Phase 3 implementation 

C. single DMVPN cloud setup with dual hub 

D. DMVPN Phase 1 implementation 

E. quad DMVPN cloud with quadra hub 

F. DMVPN Phase 2 implementation 

Answer: B,C 


Q112. What is the default topology type for a GET VPN? 

A. point-to-point 

B. hub-and-spoke 

C. full mesh 

D. on-demand spoke-to-spoke 

Answer:


Q113. Which command can you use to monitor the phase 1 establishment of a FlexVPN tunnel? 

A. show crypto ipsec sa 

B. show crypto isakmp sa 

C. show crypto ikev2 sa 

D. show ip nhrp 

Answer:


Q114. In the Diffie-Hellman protocol, which type of key is the shared secret? 

A. a symmetric key 

B. an asymmetric key 

C. a decryption key 

D. an encryption key 

Answer:


Q115. Which feature is enabled by the use of NHRP in a DMVPN network? 

A. host routing with Reverse Route Injection 

B. BGP multiaccess 

C. host to NBMA resolution 

D. EIGRP redistribution 

Answer:


Q116. Which adaptive security appliance command can be used to see a generic framework of the requirements for configuring a VPN tunnel between an adaptive security appliance and 

a Cisco IOS router at a remote office? 

A. vpnsetup site-to-site steps 

B. show running-config crypto 

C. show vpn-sessiondb l2l 

D. vpnsetup ssl-remote-access steps 

Answer:


Q117. A Cisco router may have a fan issue that could increase its temperature and trigger a failure. What troubleshooting steps would verify the issue without causing additional risks? 

A. Configure logging using commands "logging on", "logging buffered 4", and check for fan failure logs using "show logging" 

B. Configure logging using commands "logging on", "logging buffered 6", and check for fan failure logs using "show logging" 

C. Configure logging using commands "logging on", "logging discriminator msglog1 console 7", and check for fan failure logs using "show logging" 

D. Configure logging using commands "logging host 10.11.10.11", "logging trap 2", and check for fan failure logs at the syslog server 10.11.10.11 

Answer:


Q118. As network security architect, you must implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity. Which.technology should you use? 

A. IPsec DVTI 

B. FlexVPN 

C. DMVPN 

D. IPsec SVTI 

E. GET VPN 

Answer:


Q119. Scenario: 

You are the senior network security administrator for your organization. Recently and junior engineer configured a site-to-site IPsec VPN connection between your headquarters Cisco ASA and a remote branch office. 

You are now tasked with verifying the IKEvl IPsec installation to ensure it was properly configured according to designated parameters. Using the CLI on both the Cisco ASA and branch ISR, verify the IPsec configuration is properly configured between the two sites. 

NOTE: the show running-config command cannot be used for this exercise. 

Topology: 

In what state is the IKE security association in on the Cisco ASA? 

A. There are no security associations in place 

B. MM_ACTIVE 

C. ACTIVE(ACTIVE) 

D. QM_IDLE 

Answer:

Explanation: 

This can be seen from the "show crypto isa sa" command: 


Q120. Which three commands are included in the command show dmvpn detail? (Choose three.) 

A. show ip nhrp nhs 

B. show dmvpn 

C. show crypto session detail 

D. show crypto ipsec sa detail 

E. show crypto sockets 

F. show ip nhrp 

Answer: A,B,C