web analytics

[2-April-2019] New 300-209 Dumps with VCE and PDF from PassLeader (Update Questions)

New 300-209 exam questions from PassLeader 300-209 dumps! Welcome to download the newest PassLeader 300-209 VCE and PDF dumps: https://www.passleader.com/300-209.html (423 Q&As)

P.S. Free 300-209 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpVTNFVTRPdC0zTnM

NEW QUESTION 407
Which VPN technology is preferred to reduce latency and provide encryption over MPLS without the use of a central hub?

A.    DMVPN
B.    IPsec
C.    FlexVPN
D.    GETVPN

Answer: D

NEW QUESTION 408
Which option is a benefit of ECC as compared to public key cryptography?

A.    improves security by using a large key size
B.    increases speed by using many algorithm methods
C.    increases speed by using a small key
D.    improves security by using many keys

Answer: C

NEW QUESTION 409
What are two benefits of SSL VPN versus IPSec VPN when considering a remote-access VPN technology? (Choose two.)

A.    It is accessible via web browser.
B.    It leverages existing network infrastructure.
C.    It minimizes desktop support.
D.    It allows for increased client customization.
E.    It works in environments that are heavily filtered.

Answer: AD

NEW QUESTION 410
What represents a possible network configuration issue in clientless SSL VPN deployments?

A.    The AnyConnect version is not up to date.
B.    The VPN IP pool is exhausted.
C.    The SSL server public certificate is untrusted.
D.    NAT exemption has not been configured.

Answer: C

NEW QUESTION 411
Which statement about the local and remote methods in an IKEv2 authentication exchange is true?

A.    They must be different.
B.    They must be the same.
C.    They may be the same or different.
D.    There must be one local and two remote methods.

Answer: B

NEW QUESTION 412
An engineer must set up a site-to-site VPN implementation with an any-to-any topology that provides secure routing across the router backbone. Which VPN technology allows a shared IPSec SA to be used?

A.    GETVPN
B.    FlexVPN
C.    IPsec
D.    DMVPN

Answer: A

NEW QUESTION 413
An engineer has deployed Cisco IOS crypto-map based VPN and wants to ensure that state information is shared in an HA group. Which high availabilit technology must be used?

A.    GLBP
B.    VRRP
C.    HSRP
D.    HSRP

Answer: D

NEW QUESTION 414
Which option is a benefit of DTLS as compared to TLS?

A.    increases reliability
B.    increases performance
C.    controls packet loss
D.    controls packet order

Answer: B

NEW QUESTION 415
You are designing a remote VPN solution that will use the Cisco AnyConnect client. By default, which type of traffic should you enable on the perimeter firewall to allow users to initiate sessions from the LAN to an external Cisco ASA?

A.    TCP port 443 in TLS mode
B.    UDP port 848 in DTLS mode
C.    UDP ports 500 and 4500
D.    TCP port 8443 in DTLS mode

Answer: A

NEW QUESTION 416
A network engineer testing a clientless VPN connection on a local workstation sees the “Clientless (browser) SSL VPN access is not allowed.” message in the web browser. Which command remediates the problem?

A.    vpn-tunnel-protocol ssl-clientless
B.    deny-message none
C.    svc dtls enable
D.    auto-signon allow uri cifs://X.X.X.XT auth-type all

Answer: A

NEW QUESTION 417
A network engineer wants to send multicast traffic between two routers that are separated by an IP cloud. The network engineer has access to the two routers, but does not have administrative control of the devices within the IP cloud. How can this goal be accomplished?

A.    Use IP PIM dense-mode.
B.    Configure a crypto-map based site-to-site VPN between the two routers.
C.    Turn on IP multicast routing.
D.    Configure a generic routing encapsulation tunnel.

Answer: D

NEW QUESTION 418
Which two NHRP functions are specific to DMVPN Phase 3 implementation? (Choose two.)

A.    registration request
B.    registration reply
C.    resolution request
D.    resolution reply
E.    redirect

Answer: DE

NEW QUESTION 419
During an SSL session between a client and a server, who is responsible for generating the master key that generates the symmetric keys that are use during the session?

A.    cipher suite
B.    public key infrastructure
C.    client browser
D.    web server

Answer: C

NEW QUESTION 420
Drag and Drop
Drag and drop the steps on the left into the correct order of DMVPN process execution for quick mode exchange on the right.
passleader-300-209-dumps-4201

Answer:
passleader-300-209-dumps-4202

NEW QUESTION 421
……


New 300-209 exam questions from PassLeader 300-209 dumps! Welcome to download the newest PassLeader 300-209 VCE and PDF dumps: https://www.passleader.com/300-209.html (423 Q&As)

P.S. Free 300-209 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpVTNFVTRPdC0zTnM