300-209 Practice Exam - Real Exam Questions

Practice Our 300-209 Practice Exam Exam Questions and Pass Your Exam Easily.

300-209 Practice Exam

Preparing Cisco 300-209 exam is not difficult now. You can prepare from Cisco Books or 300-209 dumps. Here we have mentioned some sample questions. You can use our free 300-209 dumps study material notes for test preparation. Latest 300-209 practice exam available.

Implementing Cisco Secure Mobility Solutions

Exam Number 300-209 SIMOS 

Associated Certifications:
CCNP Security

Duration: 90 minutes (65 - 75 questions)
Available Languages: English

Register Pearson VUE

Exam Topics:

32% 1.0 Secure Communications
30% 3.0 Secure Communications Architectures
38% 2.0 Troubleshooting, Monitoring
and Reporting Tools

View Exam Detail

300-209 Dumps

Which three settings are required for crypto map configuration? (Choose three.)

A. match address
B. set peer
C. set transform-set
D. set security-association lifetime
E. set security-association level per-host
F. set pfs

Answer: A,B,C

Consider this scenario. When users attempt to connect via a Cisco AnyConnect VPN session, the certificate has changed and the connection fails. What is a possible cause of the connection failure?

A. An invalid modulus was used to generate the initial key.
B. The VPN is using an expired certificate.
C. The Cisco ASA appliance was reloaded.
D. The Trusted Root Store is configured incorrectly.

Answer: C

A network is configured to allow clientless access to resources inside the network. Which feature must be enabled and configured to allow SSH applications to respond on the specified port 8889?

A. auto applet download
B. port forwarding
C. web-type ACL
D. HTTP proxy

Answer: B

Which two statements describe effects of the DoNothing option within the untrusted network policy on a Cisco AnyConnect profile? (Choose two.)

A. The client initiates a VPN connection upon detection of an untrusted network.
B. The client initiates a VPN connection upon detection of a trusted network.
C. The always-on feature is enabled.
D. The always-on feature is disabled.
E. The client does not automatically initiate any VPN connection.

Answer: A,D

In the Cisco ASDM interface, where do you enable the DTLS protocol setting?

A. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit > Add or Edit Internal Group Policy
B. Configuration > Remote Access VPN > Network (Client) Access > AAA Setup > Local Users > Add or Edit
C. Device Management > Users/AAA > User Accounts > Add or Edit > Add or Edit User Account > VPN Policy > SSL VPN Client
D. Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit

Answer: C

Which technology can provide high availability for an SSL VPN?

B. a multiple-tunnel configuration
C. a Cisco ASA pair in active/passive failover configuration
D. certificate to tunnel group maps

Answer: C

In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?

A. interface virtual-template number type template
B. interface virtual-template number type tunnel
C. interface template number type virtual
D. interface tunnel-template number

Answer : B

To change the title panel on the logon page of the Cisco IOS WebVPN portal, which file must you configure?

A. Cisco IOS WebVPN customization template

B. Cisco IOS WebVPN customization general

C. web-access-hlp.inc

D. app-access-hlp.inc

Answer: A

What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.)





Answer: B,C

Which cryptographic algorithms are approved to protect Top Secret information?


B. AES-128

C. RC4-128

D. AES-256

Answer: D

page 1 from 2 next page »


Recent Post