300-209 Latest Exam (Aug 2018)

[Free] 2018(Aug) Ensurepass Cisco 300-209 Dumps with VCE and PDF 91-100

August 2, 2018

Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 300-209
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Mobility Solutions

Question No: 91

Which three parameters are specified in the isakmp (IKEv1) policy? (Choose three.)

  1. the hashing algorithm

  2. the authentication method

  3. the lifetime

  4. the session key

  5. the transform-set

  6. the peer

Answer: A,B,C

Question No: 92

Which two changes must be made to migrate from DMVPN Phase 2 to Phase 3 when EIGRP is configured? (Choose two )

  1. Disable EIGRP next-hop-self on the hub.

  2. Enable EIGRP next-hop-self on the hub.

  3. Acid NHRP shortcuts on the hub.

  4. Add NHRP redirects on the hub.

  5. Add NHRP redirects on the spoke.

Answer: B,D

Question No: 93

An engineer is troubleshooting a DMVPN spoken router and sees a CRPTO-4- IKMP_BAD_MESSAGE debug message that a spoke router 鈥渇ailed its sanity check or is malformed鈥?Which issue does the error message indicate?

  1. mismatched preshared key

  2. unsupported transform propsal

  3. invalid IP packet SPI

  4. incompatible transform set

Answer: A

Question No: 94

What are two benefits of DMVPN Phase 3? (Choose two.)

  1. Administrators can use summarization of routing protocol updates from hub to spokes.

  2. It introduces hierarchical DMVPN deployments.

  3. It introduces non-hierarchical DMVPN deployments.

  4. It supports L2TP over IPSec as one of the VPN protocols.

Answer: A,B

Question No: 95

Which two IKEv1 policy options must match on each peer when you configure an IPsec site-to-site VPN? (Choose two.)

  1. priority number

  2. hash algorithm

  3. encryption algorithm

  4. session lifetime

  5. PRF algorithm

Answer: B,C

Question No: 96

Which three plugins are available for clientless SSL VPN? (Choose three.)

  1. CIFS

  2. RDP2

  3. SSH

  4. VNC


  6. ICMP

Answer: B,C,D

Question No: 97

Which protocol can be used for better throughput performance when using Cisco AnyConnect VPN?

  1. TLSv1

  2. TLSv1.1

  3. TLSv1.2

  4. DTLSv1

Answer: D

Question No: 98 CORRECT TEXT


You are the network security manager for your organization. Your manager has received a request to allow an external user to access to your HQ and DM2 servers. You are given the following connection parameters for this task.

Using ASDM on the ASA, configure the parameters below and test your configuration by accessing the Guest PC. Not all AS DM screens are active for this exercise. Also, for this exercise, all changes are automatically applied to the ASA and you will not have to click APPLY to apply the changes manually.

  • Enable Clientless SSL VPN on the outside interface

  • Using the Guest PC, open an Internet Explorer window and test and verify the basic connection to the SSL VPN portal using address: https://vpn-secure-x.public

  • a. You may notice a certificate error in the status bar, this can be ignored for this exercise

  • b. Username: vpnuser

  • c. Password: cisco123

  • d. Logout of the portal once you have verified connectivity

  • Configure two bookmarks with the following parameters:

  • a. Bookmark List Name: MY-BOOKMARKS

  • b. Use the: URL with GET or POST method

  • c. Bookmark Title: HQ-Server


  • d. Bookmark Title: DMZ-Server-FTP


  • e. Assign the configured Bookmarks to:

  • i. DfltGrpPolicy

  • ii. DfltAccessPolicy

  • iii. LOCAL User: vpnuser

  • From the Guest PC, reconnect to the SSL VPN Portal

  • Test both configured Bookmarks to ensure desired connectivity

    You have completed this exercise when you have configured and successfully tested Clientless SSL VPN connectivity.


    Ensurepass 2018 PDF and VCE

    Ensurepass 2018 PDF and VCE

    Ensurepass 2018 PDF and VCE

    Answer: Please find the solution in below explanation.


    First, enable clientless VPN access on the outside interface by checking the box found below:

    Ensurepass 2018 PDF and VCE

    Then, log in to the given URL using the vpnuser/cisco123 credentials:

    Ensurepass 2018 PDF and VCE

    Logging in will take you to this page, which means you have now verified basic connectivity:

    Ensurepass 2018 PDF and VCE

    Now log out by hitting the logout button.

    Now, go back to the ASDM and navigate to the Bookmarks portion:

    Ensurepass 2018 PDF and VCE

    Make the name MY-BOOKMARKS and use the 鈥淎dd鈥?tab and add the bookmarks per the instructions:

    Ensurepass 2018 PDF and VCE

    Ensure the 鈥淯RL with GET of POST method鈥?button is selected and hit OK:

    Ensurepass 2018 PDF and VCE

    Add the two bookmarks as given in the instructions:

    Ensurepass 2018 PDF and VCE

    Ensurepass 2018 PDF and VCE

    You should now see the two bookmarks listed:

    Ensurepass 2018 PDF and VCE

    Hit OK and you will see this:

    Ensurepass 2018 PDF and VCE

    Select the MY-BOOKMARKS Bookmarks and click on the 鈥淎ssign鈥?button. Then, click on the appropriate check boxes as specified in the instructions and hit OK.

    Ensurepass 2018 PDF and VCE

    After hitting OK, you will now see this:

    Ensurepass 2018 PDF and VCE

    Then, go back to the Guest-PC, log back in and you should be able to test out the two new bookmarks.

    Question No: 99

    Which two RADIUS attributes are needed for a VRF-aware FlexVPN hub? (Choose two.)

    1. ip:interface-config=ip unnumbered loobackn

    2. ip:interface-config=ip vrf forwarding ivrf

    3. ip:interface-config=ip src route

    4. ip:interface-config=ip next hop

    5. ip:interface-config=ip neighbor

    Answer: A,B

    Question No: 100

    Which algorithm provides both encryption and authentication for data plane communication?

    1. SHA-96

    2. SHA-384

    3. 3DES

    4. AES-256

    5. AES-GCM

    6. RC4

    Answer: E

    100% Ensurepass Free Download!
    Download Free Demo:300-209 Demo PDF
    100% Ensurepass Free Guaranteed!
    300-209 Dumps

    EnsurePass ExamCollection Testking
    Lowest Price Guarantee Yes No No
    Up-to-Dated Yes No No
    Real Questions Yes No No
    Explanation Yes No No
    PDF VCE Yes No No
    Free VCE Simulator Yes No No
    Instant Download Yes No No