Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-209

Cisco® 300-209 Exam Practice Questions (P. 3)

  • Full Access (314 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
When Cisco ASA applies VPN permissions, what is the first set of attributes that it applies?
  1. A
    dynamic access policy attributes
  2. B
    group policy attributes
  3. C
    connection profile attributes
  4. D
    user attributes

Correct Answer:
A

Question #22
What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.)
  1. A
    CSCO_WEBVPN_OTP_PASSWORD
  2. B
    CSCO_WEBVPN_INTERNAL_PASSWORD
  3. C
    CSCO_WEBVPN_USERNAME
  4. D
    CSCO_WEBVPN_RADIUS_USER

Correct Answer:
BC

Question #23
To change the title panel on the logon page of the Cisco IOS WebVPN portal, which file must you configure?
  1. A
    Cisco IOS WebVPN customization template
  2. B
    Cisco IOS WebVPN customization general
  3. C
    web-access-hlp.inc
  4. D
    app-access-hlp.inc

Correct Answer:
A

Question #24
Which three plugins are available for clientless SSL VPN? (Choose three.)
  1. A
    CIFS
  2. B
    RDP2
  3. C
    SSH
  4. D
    VNC
  5. E
    SQLNET
  6. F
    ICMP

Correct Answer:
BCD

Question #25
Which command simplifies the task of converting an SSL VPN to an IKEv2 VPN on a Cisco ASA appliance that has an invalid IKEv2 configuration?
  1. A
    migrate remote-access ssl overwrite
  2. B
    migrate remote-access ikev2
  3. C
    migrate l2l
  4. D
    migrate remote-access ssl

Correct Answer:
A
Below is a reference for this question:
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113597-ptn-113597.html
If your IKEv1, or even SSL, configuration already exists, the ASA makes the migration process simple. On the command line, enter the migrate command: migrate {l2l | remote-access {ikev2 | ssl} | overwrite}
Things of note:
Keyword definitions:
l2l - This converts current IKEv1 l2l tunnels to IKEv2.
remote access - This converts the remote access configuration. You can convert either the IKEv1 or the SSL tunnel groups to IKEv2. overwrite - If you have a IKEv2 configuration that you wish to overwrite, then this keyword converts the current IKEv1 configuration and removes the superfluous
IKEv2 configuration.

Question #26
Which statement describes a prerequisite for single-sign-on Netegrity Cookie Support in an IOC SSL VPN?
  1. A
    The Cisco AnyConnect Secure Mobility Client must be installed in flash.
  2. B
    A SiteMinder plug-in must be installed on the Cisco SSL VPN gateway.
  3. C
    A Cisco plug-in must be installed on a SiteMinder server.
  4. D
    The Cisco Secure Desktop software package must be installed in flash.

Correct Answer:
C

Question #27
Which two statements describe effects of the DoNothing option within the untrusted network policy on a Cisco AnyConnect profile? (Choose two.)
  1. A
    The client initiates a VPN connection upon detection of an untrusted network.
  2. B
    The client initiates a VPN connection upon detection of a trusted network.
  3. C
    The always-on feature is enabled.
  4. D
    The always-on feature is disabled.
  5. E
    The client does not automatically initiate any VPN connection.

Correct Answer:
DE
Reference: https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/guide/b_AnyConnect_Administrator_Guide_4-0/ configure-vpn.html

Question #28
Which command enables IOS SSL VPN Smart Tunnel support for PuTTY?
  1. A
    appl ssh putty.exe win
  2. B
    appl ssh putty.exe windows
  3. C
    appl ssh putty
  4. D
    appl ssh putty.exe

Correct Answer:
B

Question #29
Which three remote access VPN methods in an ASA appliance provide support for Cisco Secure Desktop? (Choose three.)
  1. A
    IKEv1
  2. B
    IKEv2
  3. C
    SSL client
  4. D
    SSL clientless
  5. E
    ESP
  6. F
    L2TP

Correct Answer:
BCD

Question #30
A user is unable to establish an AnyConnect VPN connection to an ASA. When using the Real-Time Log viewer within ASDM to troubleshoot the issue, which two filter options would the administrator choose to show only syslog messages relevant to the VPN connection? (Choose two.)
  1. A
    Client's public IP address
  2. B
    Client's operating system
  3. C
    Client's default gateway IP address
  4. D
    Client's username
  5. E
    ASA's public IP address

Correct Answer:
AD

Previous Questions Next Questions

All Pages