300-209 Exam Dumps | Scenario: You are the senior network security administrator for your organization. Recently and junior

<< Prev Question Next Question >>

Question 33/188

Scenario:
You are the senior network security administrator for your organization. Recently and junior engineer configured a site-to-site IPsec VPN connection between your headquarters Cisco ASA and a remote branch office.
You are now tasked with verifying the IKEvl IPsec installation to ensure it was properly configured according to designated parameters. Using the CLI on both the Cisco ASA and branch ISR, verify the IPsec configuration is properly configured between the two sites.
NOTE: the show running-config command cannot be used for this exercise.
Topology:

Which crypto map tag is being used on the Cisco ASA?

A. outside_cryptomap

B. VPN-to-ASA

C. L2L_Tunnel

D. outside_map1

Question List (188q): Question 1: Which of these are the two types of keys used when implement...; Question 2: Scenario: You are the senior network security administrator ...; Question 3: Which option is most effective at preventing a remote access...; Question 4: SIMULATION Scenario: You are the network security manager fo...; Question 5: Which command clears all Cisco AnyConnect VPN session on a C...; Question 6: Which command clears all crypto configuration from a Cisco A...; Question 7: What is the default storage location of user-level bookmarks...; Question 8: In which situation would you enable the Smart Tunnel option ...; Question 9: You are configuring a Cisco IOS SSL VPN gateway to operate w...; Question 10: Which technology can provide high availability for an SSL VP...; Question 11: When you troubleshoot Cisco AnyConnect, which step does Cisc...; Question 12: Refer to the exhibit. (Exhibit) Which authentication method ...; Question 13: An engineer is troubleshooting VPN connectivity issues betwe...; Question 14: Which technology is FlexVPN based on?...; Question 15: Which technology must be installed on the client computer to...; Question 16: Refer to the exhibit. (Exhibit) You executed the show crypto...; Question 17: A spoke has two Internet connections for failover. How can y...; Question 18: Refer to the exhibit. Given the partial configuration shown,...; Question 19: When you configure IPsec VPN High Availability Enhancements,...; Question 20: Refer to the exhibit. (Exhibit) The customer can establish a...; Question 21: What URL do you use to download a packet capture file in a f...; Question 22: Which benefit of FlexVPN is not offered by DMVPN using IKEv1...; Question 23: Refer to the exhibit. (Exhibit) Which type of VPN implementa...; Question 24: Which option describes the purpose of the command show deriv...; Question 25: Which feature is enabled by the use of NHRP in a DMVPN netwo...; Question 26: Which command clears all Cisco AnyConnect VPN sessions?...; Question 27: Where do you configure AnyConnect certificate-based authenti...; Question 28: A network engineer must configure a new VPN tunnel utilizing...; Question 29: (Exhibit) Which option shows the correct traffic selectors f...; Question 30: Which technology supports tunnel interfaces while remaining ...; Question 31: Refer to the exhibit. (Exhibit) You have implemented an SSL ...; Question 32: Which group-policy subcommand installs the Diagnostic AnyCon...; Question 33: Scenario: You are the senior network security administrator ...; Question 34: Which alogrithm is an example of asymmetric encryption?...; Question 35: A network administrator is configuring AES encryption for th...; Question 36: A user is unable to establish an AnyConnect VPN connection t...; Question 37: A Cisco router may have a fan issue that could increase its ...; Question 38: Which option is one component of a Public Key Infrastructure...; Question 39: Scenario Your organization has just implemented a Cisco AnyC...; Question 40: A custom desktop application needs to access an internal ser...; Question 41: Which Cisco ASDM option configures WebVPN access on a Cisco ...; Question 42: A network engineer is troubleshooting a site-to-site VPN tun...; Question 43: Which application does the Application Access feature of Cli...; Question 44: Which three parameters must match on all routers in a DMVPN ...; Question 45: Which protocols does the Cisco AnyConnect client use to buil...; Question 46: Which functionality is provided by L2TPv3 over FlexVPN?...; Question 47: Which two technologies are considered to be Suite B cryptogr...; Question 48: Refer to the exhibit. (Exhibit) Which action is demonstrated...; Question 49: Which command specifies the path to the Host Scan package in...; Question 50: A private wan connection is suspected of intermittently corr...; Question 51: Which IKEv2 feature minimizes the configuration of a FlexVPN...; Question 52: Refer to the exhibit. (Exhibit) Which VPN solution does this...; Question 53: A Cisco IOS SSL VPN gateway is configured to operate in clie...; Question 54: An internet-based VPN solution is being considered to replac...; Question 55: Which equation describes an elliptic curve?...; Question 56: Which two statements about the running configuration of the ...; Question 57: What must be enabled in the web browser of the client comput...; Question 58: What action does the hub take when it receives a NHRP resolu...; Question 59: An engineer notices that while an employee is connected remo...; Question 60: Refer to the exhibit. Based on the partial configuration sho...; Question 61: Which of these is true regarding tunnel configuration when d...; Question 62: Refer to the exhibit. (Exhibit) Which exchange does this deb...; Question 63: Which type of NHRP packet is unique to Phase 3 DMVPN topolog...; Question 64: (Exhibit) Based on the provided ASDM configuration for the r...; Question 65: Which two are features of GETVPN but not DMVPN and FlexVPN? ...; Question 66: (Exhibit) If the IKEv2 tunnel were to establish successfully...; Question 67: A client has asked an engineer to assist in installing and u...; Question 68: Refer to the exhibit. (Exhibit) Which technology does this c...; Question 69: Which Cisco adaptive security appliance command can be used ...; Question 70: Refer to the exhibit. (Exhibit) What technology does the giv...; Question 71: Which feature enforces the corporate policy for Internet acc...; Question 72: Which protocol can be used for better throughput performance...; Question 73: Which three types of web resources or protocols are enabled ...; Question 74: What is the Cisco recommended TCP maximum segment on a DMVPN...; Question 75: Refer to the exhibit. (Exhibit) An IPsec peer is exchanging ...; Question 76: In the Diffie-Hellman protocol, which type of key is the sha...; Question 77: Which configuration construct must be used in a FlexVPN tunn...; Question 78: A customer requires all traffic to go through a VPN. However...; Question 79: Scenario: You are the senior network security administrator ...; Question 80: Refer to the exhibit. (Exhibit) Which VPN solution does this...; Question 81: Which Cisco IOS VPN feature simplifies IPsec VPN configurati...; Question 82: Refer to the exhibit. The IKEv2 site-to-site VPN tunnel betw...; 1 commentQuestion 83: The following configuration steps have been completeD. WebVP...; Question 84: Which two RADIUS attributes are needed for a VRF-aware FlexV...; Question 85: Refer to the exhibit. (Exhibit) Which type of VPN is being c...; Question 86: You are troubleshooting a DMVPN NHRP registration failure. W...; Question 87: Which command can you use to monitor the phase 1 establishme...; Question 88: An engineer is using DMVPN to provide secure connectivity be...; Question 89: Which PKI enrollment method allows the user to separate auth...; Question 90: Which two features are required when configuring a DMVPN net...; Question 91: Refer to the exhibit. (Exhibit) While configuring a site-to-...; Question 92: Refer to the exhibit. (Exhibit) Which VPN solution does this...; Question 93: Which is used by GETVPN, FlexVPN and DMVPN?...; Question 94: Which two qualify as Next Generation Encryption integrity al...; Question 95: An engineer wants to ensure that employees cannot access cor...; Question 96: When you are configuring a DMVPN network, which tunnel mode ...; Question 97: Which command enables IOS SSL VPN Smart Tunnel support for P...; Question 98: SIMULATION (Exhibit); Question 99: Which NGE IKE Diffie-Hellman group identifier has the strong...; Question 100: Which DAP endpoint attribute checks for the matching MAC add...; Question 101: Which Cisco ASDM option configures forwarding syslog message...; Question 102: Which two parameters help to map a VPN session to a tunnel g...; Question 103: Refer to the exhibit. (Exhibit) Which two characteristics of...; Question 104: Refer to the exhibit. (Exhibit) Which VPN solution does this...; Question 105: Which three configuration parameters are mandatory for an IK...; Question 106: Which two cryptographic technologies are recommended for use...; Question 107: Which VPN feature allows remote access clients to print docu...; Question 108: Which cryptographic algorithms are a part of the Cisco NGE s...; Question 109: When attempting to tunnel FTP traffic through a stateful fir...; Question 110: Which algorithm is replaced by elliptic curve cryptography i...; Question 111: Which command is used to determine how many GMs have registe...; Question 112: Refer to the exhibit. (Exhibit) The ABC Corporation is chang...; Question 113: Which option describes what address preservation with IPsec ...; Question 114: Which technology can you implement to reduce latency issues ...; Question 115: Which command enables the router to form EIGRP neighbor adja...; Question 116: As network consultant, you are asked to suggest a VPN techno...; Question 117: When implementing GET VPN, which of these is a characteristi...; Question 118: When an IPsec SVTI is configured, which technology processes...; Question 119: An administrator wishes to limit the networks reachable over...; Question 120: Refer to the exhibit. What is the problem with the IKEv2 sit...; Question 121: Which statement describes a prerequisite for single-sign-on ...; Question 122: Which are two main use cases for Clientless SSL VPN? (Choose...; Question 123: Which two statements are true when designing a SSL VPN solut...; Question 124: Which Cisco firewall platform supports Cisco NGE?...; Question 125: Which transform set is contained in the IKEv2 default propos...; Question 126: Which VPN solution is best for a collection of branch office...; Question 127: Which option is a possible solution if you cannot access a U...; 1 commentQuestion 128: Why must a network engineer avoid usage of the default X509 ...; Question 129: Which three remote access VPN methods in an ASA appliance pr...; Question 130: Refer to the exhibit. (Exhibit) The "level_2" digital certif...; Question 131: Refer to the exhibit. (Exhibit) Which statement about the gi...; Question 132: Which Cisco IOS feature provides secure, on-demand meshed co...; Question 133: Which option describes the purpose of the shared argument in...; Question 134: Which technology can rate-limit the number of tunnels on a D...; Question 135: (Exhibit) When a tunnel is initiated by the headquarter ASA,...; Question 136: Which two types of authentication are supported when you use...; Question 137: Which statement is true when implementing a router with a dy...; Question 138: Remote users want to access internal servers behind an ASA u...; Question 139: An IOS SSL VPN is configured to forward TCP ports. A remote ...; Question 140: With Cisco ASA active/standby failover, by default, how many...; Question 141: Which option is an example of an asymmetric algorithm?...; Question 142: Which two statements describe effects of the DoNothing optio...; Question 143: Which two statements regarding IKEv2 are true per RFC 4306? ...; Question 144: Scenario Your organization has just implemented a Cisco AnyC...; Question 145: A user with IP address 10.10.10.10 is unable to access a HTT...; Question 146: In DMVPN phase 2, which two EIGRP features need to be disabl...; Question 147: (Exhibit) After implementing the IKEv2 tunnel, it was observ...; Question 148: Which technology does a multipoint GRE interface require to ...; Question 149: (Exhibit) Refer to the exhibit. In this tunnel mode GRE mult...; Question 150: Which two examples of transform sets are contained in the IK...; Question 151: Which type of communication in a FlexVPN implementation uses...; Question 152: Which two statements about the Cisco ASA Clientless SSL VPN ...; Question 153: A company needs to provide secure access to its remote workf...; Question 154: Which command will prevent a group policy from inheriting a ...; Question 155: When troubleshooting established clientless SSL VPN issues, ...; Question 156: In a GET VPN solution, which two ways can the key server dis...; Question 157: Scenario Your organization has just implemented a Cisco AnyC...; Question 158: Refer to the exhibit. (Exhibit) What is the purpose of the g...; Question 159: A rogue static route is installed in the routing table of a ...; Question 160: If Web VPN bookmarks are grayed out on the home screen, whic...; Question 161: Which interface is managed by the VPN Access Interface field...; Question 162: Which statement about plug-ins is false?...; Question 163: You have deployed new Cisco AnyConnect start before logon mo...; Question 164: Which option is a required element of Secure Device Provisio...; Question 165: Which feature do you include in a highly available system to...; Question 166: Which cryptographic algorithms are approved to protect Top S...; Question 167: Which command configures IKEv2 symmetric identity authentica...; Question 168: Which statement about the hub in a DMVPN configuration with ...; Question 169: Which hash algorithm is required to protect classified infor...; Question 170: Refer to the exhibit. (Exhibit) A customer cannot establish ...; Question 171: What does NHRP stand for?; Question 172: Which protocol must be enabled on the inside interface to us...; Question 173: Which three parameters are specified in the isakmp (IKEv1) p...; Question 174: A company's remote locations connect to data centers via MPL...; Question 175: Refer to the exhibit. (Exhibit) Which two statements about t...; Question 176: Which protocol does DTLS use for its transport?...; Question 177: Which two statements comparing ECC and RSA are true? (Choose...; Question 178: What are two benefits of DMVPN Phase 3? (Choose two.)...; Question 179: Scenario: You are the senior network security administrator ...; Question 180: Which encryption and authentication algorithms does Cisco re...; Question 181: Refer to the exhibit. (Exhibit) The customer needs to launch...; Question 182: On which Cisco platform are dynamic virtual template interfa...; Question 183: Which feature is available in IKEv1 but not IKEv2?...; Question 184: An administrator desires that when work laptops are not conn...; Question 185: Which protocol supports high availability in a Cisco IOS SSL...; Question 186: Scenario Your organization has just implemented a Cisco AnyC...; Question 187: Which three commands are included in the command show dmvpn ...; 1 commentQuestion 188: A user is trying to connect to a Cisco IOS device using clie...

Question 33/188

LEAVE A REPLY

Download PDF File