Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-209

Cisco® 300-209 Exam Practice Questions (P. 1)

  • Full Access (314 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
Which two are characteristics of GETVPN? (Choose two.)
  1. A
    The IP header of the encrypted packet is preserved
  2. B
    A key server is elected among all configured Group Members
  3. C
    Unique encryption keys are computed for each Group Member
  4. D
    The same key encryption and traffic encryption keys are distributed to all Group Members

Correct Answer:
AD

Question #2
A company has decided to migrate an existing IKEv1 VPN tunnel to IKEv2. Which two are valid configuration constructs on a Cisco IOS router? (Choose two.)
  1. A
    crypto ikev2 keyring keyring-name peer peer1 address 209.165.201.1 255.255.255.255 pre-shared-key local key1 pre-shared-key remote key2
  2. B
    crypto ikev2 transform-set transform-set-name esp-3des esp-md5-hmac esp-aes esp-sha-hmac
  3. C
    crypto ikev2 map crypto-map-name set crypto ikev2 tunnel-group tunnel-group-name set crypto ikev2 transform-set transform-set-name
  4. D
    crypto ikev2 tunnel-group tunnel-group-name match identity remote address 209.165.201.1 authentication local pre-share authentication remote pre-share
  5. E
    crypto ikev2 profile profile-name match identity remote address 209.165.201.1 authentication local pre-share authentication remote pre-share

Correct Answer:
AE

Question #3
Which four activities does the Key Server perform in a GETVPN deployment? (Choose four.)
  1. A
    authenticates group members
  2. B
    manages security policy
  3. C
    creates group keys
  4. D
    distributes policy/keys
  5. E
    encrypts endpoint traffic
  6. F
    receives policy/keys
  7. G
    defines group members

Correct Answer:
ABCD

Question #4
Where is split-tunneling defined for remote access clients on an ASA?
  1. A
    Group-policy
  2. B
    Tunnel-group
  3. C
    Crypto-map
  4. D
    Web-VPN Portal
  5. E
    ISAKMP client

Correct Answer:
A

Question #5
Which of the following could be used to configure remote access VPN Host-scan and pre-login policies?
  1. A
    ASDM
  2. B
    Connection-profile CLI command
  3. C
    Host-scan CLI command under the VPN group policy
  4. D
    Pre-login-check CLI command

Correct Answer:
A

Question #6
In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?
  1. A
    interface virtual-template number type template
  2. B
    interface virtual-template number type tunnel
  3. C
    interface template number type virtual
  4. D
    interface tunnel-template number

Correct Answer:
B
Here is a reference an explanation that can be included with this test. http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-flex-spoke.html#GUID-4A10927D-4C6A-4202-B01C-DA7E462F5D8A
Configuring the Virtual Tunnel Interface on FlexVPN Spoke

SUMMARY STEPS -
1. enable
2. configure terminal
3. interface virtual-template number type tunnel
4. ip unnumbered tunnel number
5. ip nhrp network-id number
6. ip nhrp shortcut virtual-template-number
7. ip nhrp redirect [timeout seconds]
8. exit

Question #7
In FlexVPN, what is the role of a NHRP resolution request?
  1. A
    It allows these entities to directly communicate without requiring traffic to use an intermediate hop
  2. B
    It dynamically assigns VPN users to a group
  3. C
    It blocks these entities from to directly communicating with each other
  4. D
    It makes sure that each VPN spoke directly communicates with the hub

Correct Answer:
A

Question #8
What are three benefits of deploying a GET VPN? (Choose three.)
  1. A
    It provides highly scalable point-to-point topologies.
  2. B
    It allows replication of packets after encryption.
  3. C
    It is suited for enterprises running over a DMVPN network.
  4. D
    It preserves original source and destination IP address information.
  5. E
    It simplifies encryption management through use of group keying.
  6. F
    It supports non-IP protocols.

Correct Answer:
BDE

Question #9
What is the default topology type for a GET VPN?
  1. A
    point-to-point
  2. B
    hub-and-spoke
  3. C
    full mesh
  4. D
    on-demand spoke-to-spoke

Correct Answer:
C

Question #10
Which two GDOI encryption keys are used within a GET VPN network? (Choose two.)
  1. A
    key encryption key
  2. B
    group encryption key
  3. C
    user encryption key
  4. D
    traffic encryption key

Correct Answer:
AD

Next Questions

All Pages