★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-209 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/300-209-dumps.html
Exam Code: 300-209 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Secure Mobility Solutions (SIMOS)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-209 Exam.
2021 Jul cisco ccnp security 300-209 simos:
Q1. Refer to the exhibit.
Which statement about the given IKE policy is true?
A. The tunnel will be valid for 2 days, 88 minutes, and 00 seconds.
B. It will use encrypted nonces for authentication.
C. It has a keepalive of 60 minutes, checking every 5 minutes.
D. It uses a 56-bit encryption algorithm.
Answer: B
Q2. Which command identifies an AnyConnect profile that was uploaded to the router flash?
A. crypto vpn anyconnect profile SSL_profile flash:simos-profile.xml
B. svc import profile SSL_profile flash:simos-profile.xml
C. anyconnect profile SSL_profile flash:simos-profile.xml
D. webvpn import profile SSL_profile flash:simos-profile.xml
Answer: A
Q3. A custom desktop application needs to access an internal server. An administrator is tasked with configuring the company's SSL VPN gateway to allow remote users to work. Which two technologies would accommodate the company's requirement? (Choose two).
A. AnyConnect client
B. Smart Tunnels
C. Email Proxy
D. Content Rewriter
E. Portal Customizations
Answer: A,B
Q4. You are configuring a Cisco IOS SSL VPN gateway to operate with DVTI support. Which command must you configure on the virtual template?
A. tunnel protection ipsec
B. ip virtual-reassembly
C. tunnel mode ipsec
D. ip unnumbered
Answer: D
Q5. Which three settings are required for crypto map configuration? (Choose three.)
A. match address
B. set peer
C. set transform-set
D. set security-association lifetime
E. set security-association level per-host
F. set pfs
Answer: A,B,C
Replace 300-209 simos books:
Q6. Which command can you use to monitor the phase 1 establishment of a FlexVPN tunnel?
A. show crypto ipsec sa
B. show crypto isakmp sa
C. show crypto ikev2 sa
D. show ip nhrp
Answer: C
Q7. Which technology supports tunnel interfaces while remaining compatible with legacy VPN implementations?
A. FlexVPN
B. DMVPN
C. GET VPN
D. SSL VPN
Answer: A
Q8. Which Cisco ASDM option configures forwarding syslog messages to email?
A. Configuration > Device Management > Logging > E-Mail Setup
B. Configuration > Device Management > E-Mail Setup > Logging Enable
C. Select the syslogs to email, click Edit, and select the Forward Messages option.
D. Select the syslogs to email, click Settings, and specify the Destination Email Address option.
Answer: A
Q9. Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
A. enrollment profile
B. enrollment terminal
C. enrollment url
D. enrollment selfsigned
Answer: A
Q10. Which protocol can be used for better throughput performance when using.Cisco AnyConnect VPN?
A. TLSv1
B. TLSv1.1
C. TLSv1.2
D. DTLSv1
Answer: D