Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-209

Cisco® 300-209 Exam Practice Questions (P. 4)

  • Full Access (314 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #31
Which Cisco ASDM option configures forwarding syslog messages to email?
  1. A
    Configuration > Device Management > Logging > E-Mail Setup
  2. B
    Configuration > Device Management > E-Mail Setup > Logging Enable
  3. C
    Select the syslogs to email, click Edit, and select the Forward Messages option.
  4. D
    Select the syslogs to email, click Settings, and specify the Destination Email Address option.

Correct Answer:
A

Question #32
Which Cisco ASDM option configures WebVPN access on a Cisco ASA?
  1. A
    Configuration > WebVPN > WebVPN Access
  2. B
    Configuration > Remote Access VPN > Clientless SSL VPN Access
  3. C
    Configuration > WebVPN > WebVPN Config
  4. D
    Configuration > VPN > WebVPN Access

Correct Answer:
B

Question #33
A user with IP address 10.10.10.10 is unable to access a HTTP website at IP address 209.165.200.225 through a Cisco ASA. Which two features and commands will help troubleshoot the issue? (Choose two.)
  1. A
    Capture user traffic using command capture capin interface inside match ip host 10.10.10.10 any
  2. B
    After verifying that user traffic reaches the firewall using syslogs or captures, use packet tracer command packet-tracer input inside tcp 10.10.10.10 1234 209.165.200.225 80
  3. C
    Enable logging at level 1 and check the syslogs using commands logging enable, logging buffered 1 and show logging | include 10.10.10.10
  4. D
    Check if an access-list on the firewall is blocking the user by using command show running-config access-list | include 10.10.10.10
  5. E
    Use packet tracer command packet-tracer input inside udp 0.10.10.10 1234192.168.1.3 161 to see what the firewall is doing with the user's traffic

Correct Answer:
AB

Question #34
A Cisco router may have a fan issue that could increase its temperature and trigger a failure. What troubleshooting steps would verify the issue without causing additional risks?
  1. A
    Configure logging using commands "logging on", "logging buffered 4", and check for fan failure logs using "show logging"
  2. B
    Configure logging using commands "logging on", "logging buffered 6", and check for fan failure logs using "show logging"
  3. C
    Configure logging using commands "logging on", "logging discriminator msglog1 console 7", and check for fan failure logs using "show logging"
  4. D
    Configure logging using commands "logging host 10.11.10.11", "logging trap 2", and check for fan failure logs at the syslog server 10.11.10.11

Correct Answer:
A

Question #35
An internet-based VPN solution is being considered to replace an existing private WAN connecting remote offices. A multimedia application is used that relies on multicast for communication. Which two VPN solutions meet the application's network requirement? (Choose two.)
  1. A
    FlexVPN
  2. B
    DMVPN
  3. C
    Group Encrypted Transport VPN
  4. D
    Crypto-map based Site-to-Site IPsec VPNs
  5. E
    AnyConnect VPN

Correct Answer:
AB

Question #36
A private wan connection is suspected of intermittently corrupting data. Which technology can a network administrator use to detect and drop the altered data traffic?
  1. A
    AES-128
  2. B
    RSA Certificates
  3. C
    SHA2-HMAC
  4. D
    3DES
  5. E
    Diffie-Helman Key Generation

Correct Answer:
C

Question #37
A company needs to provide secure access to its remote workforce. The end users use public kiosk computers and a wide range of devices. They will be accessing only an internal web application. Which VPN solution satisfies these requirements?
  1. A
    Clientless SSLVPN
  2. B
    AnyConnect Client using SSLVPN
  3. C
    AnyConnect Client using IKEv2
  4. D
    FlexVPN Client
  5. E
    Windows built-in PPTP client

Correct Answer:
A

Question #38
A network administrator is configuring AES encryption for the ISAKMP policy on an IOS router. Which two configurations are valid? (Choose two.)
  1. A
    crypto isakmp policy 10 encryption aes 254
  2. B
    crypto isakmp policy 10 encryption aes 192
  3. C
    crypto isakmp policy 10 encryption aes 256
  4. D
    crypto isakmp policy 10 encryption aes 196
  5. E
    crypto isakmp policy 10 encryption aes 198
  6. F
    crypto isakmp policy 10

Correct Answer:
BC

Question #39
Which two qualify as Next Generation Encryption integrity algorithms? (Choose two.)
  1. A
    SHA-512
  2. B
    SHA-256
  3. C
    SHA-192
  4. D
    SHA-380
  5. E
    SHA-192
  6. F
    SHA-196

Correct Answer:
AB

Question #40
Which statement is true when implementing a router with a dynamic public IP address in a crypto map based site-to-site VPN?
  1. A
    The router must be configured with a dynamic crypto map.
  2. B
    Certificates are always used for phase 1 authentication.
  3. C
    The tunnel establishment will fail if the router is configured as a responder only.
  4. D
    The router and the peer router must have NAT traversal enabled.

Correct Answer:
C

Previous Questions Next Questions

All Pages