Category: 300-209 Practice Exam

300-209 practice exam

Preparing Cisco 300-209 exam is not difficult now. You can prepare from Cisco Books or 300-209 dumps. Here we have mentioned some sample questions. You can use our free 300-209 dumps study material notes for test preparation. Latest 300-209 practice exam available.

Implementing Cisco Secure Mobility Solutions

Exam Number 300-209 SIMOS

Associated Certifications:
CCNP Security

Duration: 90 minutes (65 - 75 questions)
Available Languages: English


Register Pearson VUE



Exam Topics:


32% 1.0 Secure Communications
30% 3.0 Secure Communications Architectures
38% 2.0 Troubleshooting, Monitoring
and Reporting Tools



View Exam Detail


300-209 Dumps

300-209 | Which three settings are required for crypto map…

Question: 16

Which three settings are required for crypto map configuration? (Choose three.)

A. match address
B. set peer
C. set transform-set
D. set security-association lifetime
E. set security-association level per-host
F. set pfs

Answer: A,B,C

300-209 | When users attempt to connect via a Cisco AnyConnect VPN session…

Question: 15

Consider this scenario. When users attempt to connect via a Cisco AnyConnect VPN session, the certificate has changed and the connection fails. What is a possible cause of the connection failure?

A. An invalid modulus was used to generate the initial key.
B. The VPN is using an expired certificate.
C. The Cisco ASA appliance was reloaded.
D. The Trusted Root Store is configured incorrectly.

Answer: C

300-209 | Which two statements describe effects….

Question: 22

Which two statements describe effects of the DoNothing option within the untrusted network policy on a Cisco AnyConnect profile? (Choose two.)

A. The client initiates a VPN connection upon detection of an untrusted network.
B. The client initiates a VPN connection upon detection of a trusted network.
C. The always-on feature is enabled.
D. The always-on feature is disabled.
E. The client does not automatically initiate any VPN connection.

Answer: A,D

300-209|In the Cisco ASDM interface, where do you enable the DTLS protocol setting?

Question: 34

In the Cisco ASDM interface, where do you enable the DTLS protocol setting?

A. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit > Add or Edit Internal Group Policy
B. Configuration > Remote Access VPN > Network (Client) Access > AAA Setup > Local Users > Add or Edit
C. Device Management > Users/AAA > User Accounts > Add or Edit > Add or Edit User Account > VPN Policy > SSL VPN Client
D. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit

Answer: C

300-209 | In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?

Question : 32

In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?

A. interface virtual-template number type template
B. interface virtual-template number type tunnel
C. interface template number type virtual
D. interface tunnel-template number

Answer : B

300-209 Sample Question : 9

Question : 8

To change the title panel on the logon page of the Cisco IOS WebVPN portal, which file must you configure?

A. Cisco IOS WebVPN customization template

B. Cisco IOS WebVPN customization general

C. web-access-hlp.inc

D. app-access-hlp.inc

Answer: A

300-209 Sample Question : 8

Question : 8

What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.)

A. CSCO_WEBVPN_OTP_PASSWORD

B. CSCO_WEBVPN_INTERNAL_PASSWORD

C. CSCO_WEBVPN_USERNAME

D. CSCO_WEBVPN_RADIUS_USER

Answer: B,C

300-209 Sample Question : 7

Question : 7

Which cryptographic algorithms are approved to protect Top Secret information?

A. HIPPA DES

B. AES-128

C. RC4-128

D. AES-256

Answer: D