300-209 | Which three settings are required for crypto map…

Question: 16

Which three settings are required for crypto map configuration? (Choose three.)

A. match address
B. set peer
C. set transform-set
D. set security-association lifetime
E. set security-association level per-host
F. set pfs

Answer: A,B,C

300-209 | When users attempt to connect via a Cisco AnyConnect VPN session…

Question: 15

Consider this scenario. When users attempt to connect via a Cisco AnyConnect VPN session, the certificate has changed and the connection fails. What is a possible cause of the connection failure?

A. An invalid modulus was used to generate the initial key.
B. The VPN is using an expired certificate.
C. The Cisco ASA appliance was reloaded.
D. The Trusted Root Store is configured incorrectly.

Answer: C

300-209 | Which two statements describe effects….

Question: 22

Which two statements describe effects of the DoNothing option within the untrusted network policy on a Cisco AnyConnect profile? (Choose two.)

A. The client initiates a VPN connection upon detection of an untrusted network.
B. The client initiates a VPN connection upon detection of a trusted network.
C. The always-on feature is enabled.
D. The always-on feature is disabled.
E. The client does not automatically initiate any VPN connection.

Answer: A,D

300-209|In the Cisco ASDM interface, where do you enable the DTLS protocol setting?

Question: 34

In the Cisco ASDM interface, where do you enable the DTLS protocol setting?

A. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit > Add or Edit Internal Group Policy
B. Configuration > Remote Access VPN > Network (Client) Access > AAA Setup > Local Users > Add or Edit
C. Device Management > Users/AAA > User Accounts > Add or Edit > Add or Edit User Account > VPN Policy > SSL VPN Client
D. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit

Answer: C

300-209 | In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?

Question : 32

In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?

A. interface virtual-template number type template
B. interface virtual-template number type tunnel
C. interface template number type virtual
D. interface tunnel-template number

Answer : B

300-209 Sample Question : 9

Question : 8

To change the title panel on the logon page of the Cisco IOS WebVPN portal, which file must you configure?

A. Cisco IOS WebVPN customization template

B. Cisco IOS WebVPN customization general

C. web-access-hlp.inc

D. app-access-hlp.inc

Answer: A

300-209 Sample Question : 8

Question : 8

What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.)

A. CSCO_WEBVPN_OTP_PASSWORD

B. CSCO_WEBVPN_INTERNAL_PASSWORD

C. CSCO_WEBVPN_USERNAME

D. CSCO_WEBVPN_RADIUS_USER

Answer: B,C

300-209 Sample Question : 7

Question : 7

Which cryptographic algorithms are approved to protect Top Secret information?

A. HIPPA DES

B. AES-128

C. RC4-128

D. AES-256

Answer: D

Free 300-209 Practice Exam exam questions answers. These Q&A online braindumps are free to use for your 300-209 Practice Exam practice test. We keep adding more questions so keep coming to get dumps.

Leave a Comment.