Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-209

Cisco® 300-209 Exam Practice Questions (P. 5)

  • Full Access (314 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #41
Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)
  1. A
    The VPN server must have a self-signed certificate.
  2. B
    A SSL group pre-shared key must be configured on the server.
  3. C
    Server side certificate is optional if using AAA for client authentication.
  4. D
    The VPN IP address pool can overlap with the rest of the LAN networks.
  5. E
    DTLS can be enabled for better performance.

Correct Answer:
DE

Question #42
Which two features are required when configuring a DMVPN network? (Choose two.)
  1. A
    Dynamic routing protocol
  2. B
    GRE tunnel interface
  3. C
    Next Hop Resolution Protocol
  4. D
    Dynamic crypto map
  5. E
    IPsec encryption

Correct Answer:
BC

Question #43
What are two benefits of DMVPN Phase 3? (Choose two.)
  1. A
    Administrators can use summarization of routing protocol updates from hub to spokes.
  2. B
    It introduces hierarchical DMVPN deployments.
  3. C
    It introduces non-hierarchical DMVPN deployments.
  4. D
    It supports L2TP over IPSec as one of the VPN protocols.

Correct Answer:
AB

Question #44
Which are two main use cases for Clientless SSL VPN? (Choose two.)
  1. A
    In kiosks that are part of a shared environment
  2. B
    When the users do not have admin rights to install a new VPN client
  3. C
    When full tunneling is needed to support applications that use TCP, UDP, and ICMP
  4. D
    To create VPN site-to-site tunnels in combination with remote access

Correct Answer:
AB

Question #45
Which technology can rate-limit the number of tunnels on a DMVPN hub when system utilization is above a specified percentage?
  1. A
    NHRP Event Publisher
  2. B
    interface state control
  3. C
    CAC
  4. D
    NHRP Authentication
  5. E
    ip nhrp connect

Correct Answer:
C

Question #46
Which technology supports tunnel interfaces while remaining compatible with legacy VPN implementations?
  1. A
    FlexVPN
  2. B
    DMVPN
  3. C
    GET VPN
  4. D
    SSL VPN

Correct Answer:
A

Question #47
Which IKEv2 feature minimizes the configuration of a FlexVPN on Cisco IOS devices?
  1. A
    IKEv2 Suite-B
  2. B
    IKEv2 proposals
  3. C
    IKEv2 profiles
  4. D
    IKEv2 Smart Defaults

Correct Answer:
D

Question #48
When an IPsec SVTI is configured, which technology processes traffic forwarding for encryption?
  1. A
    ACL
  2. B
    IP routing
  3. C
    RRI
  4. D
    front door VPN routing and forwarding

Correct Answer:
B

Question #49
An IOS SSL VPN is configured to forward TCP ports. A remote user cannot access the corporate FTP site with a Web browser. What is a possible reason for the failure?
  1. A
    The user's FTP application is not supported.
  2. B
    The user is connecting to an IOS VPN gateway configured in Thin Client Mode.
  3. C
    The user is connecting to an IOS VPN gateway configured in Tunnel Mode.
  4. D
    The user's operating system is not supported.

Correct Answer:
B
Reference:
http://www.cisco.com/c/en/us/support/docs/security/ssl-vpn-client/70664-IOSthinclient.html
Thin-Client SSL VPN (Port Forwarding)
A remote client must download a small, Java-based applet for secure access of TCP applications that use static port numbers. UDP is not supported. Examples include access to POP3, SMTP, IMAP, SSH, and Telnet. The user needs local administrative privileges because changes are made to files on the local machine.
This method of SSL VPN does not work with applications that use dynamic port assignments, for example, several FTP applications.

Question #50
A Cisco IOS SSL VPN gateway is configured to operate in clientless mode so that users can access file shares on a Microsoft Windows 2003 server. Which protocol is used between the Cisco IOS router and the Windows server?
  1. A
    HTTPS
  2. B
    NetBIOS
  3. C
    CIFS
  4. D
    HTTP

Correct Answer:
C

Previous Questions Next Questions

All Pages