Valid 300-209 Dumps shared by ExamDiscuss.com for Helping Passing 300-209 Exam! ExamDiscuss.com now offer the newest 300-209 exam dumps, the ExamDiscuss.com 300-209 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 300-209 dumps with Test Engine here:
Access 300-209 Dumps Premium Version
(180 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 40/189
Scenario:
You are the senior network security administrator for your organization. Recently and junior engineer configured a site-to-site IPsec VPN connection between your headquarters Cisco ASA and a remote branch office.
You are now tasked with verifying the IKEvl IPsec installation to ensure it was properly configured according to designated parameters. Using the CLI on both the Cisco ASA and branch ISR, verify the IPsec configuration is properly configured between the two sites.
NOTE: the show running-config command cannot be used for this exercise.
Topology:
Which transform set is being used on the branch ISR?
You are the senior network security administrator for your organization. Recently and junior engineer configured a site-to-site IPsec VPN connection between your headquarters Cisco ASA and a remote branch office.
You are now tasked with verifying the IKEvl IPsec installation to ensure it was properly configured according to designated parameters. Using the CLI on both the Cisco ASA and branch ISR, verify the IPsec configuration is properly configured between the two sites.
NOTE: the show running-config command cannot be used for this exercise.
Topology:
Which transform set is being used on the branch ISR?
Correct Answer: B
Explanation/Reference:
Explanation:
This can be seen from the "show crypto ipsec sa" command as shown below:
Explanation:
This can be seen from the "show crypto ipsec sa" command as shown below:
- Question List (189q)
- Question 1: (Exhibit) A network administrator is running DMVPN with EIGR...
- Question 2: Which two command are included in the command show dmvpn det...
- Question 3: The following configuration steps have been completeD. WebVP...
- Question 4: An engineer is troubleshooting a DMVPN spoke router and sees...
- Question 5: Which equation describes an elliptic curve?...
- Question 6: Which two cryptographic technologies are recommended for use...
- Question 7: What URL do you use to download a packet capture file in a f...
- Question 8: What are two benefits of DMVPN Phase 3? (Choose two.)...
- Question 9: Refer to the exhibit. (Exhibit) Which type of VPN is being c...
- Question 10: Scenario: You are the senior network security administrator ...
- Question 11: (Exhibit) Based on the provided ASDM configuration for the r...
- Question 12: If Web VPN bookmarks are grayed out on the home screen, whic...
- Question 13: Refer to the exhibit. (Exhibit) A new NOC engineer, while vi...
- Question 14: Which protocol supports high availability in a Cisco IOS SSL...
- Question 15: Which cryptographic algorithms are a part of the Cisco NGE s...
- Question 16: Refer to the exhibit. (Exhibit) A junior network engineer co...
- Question 17: Which command can be used to troubleshoot an IPv6 FlexVPN sp...
- Question 18: Which adaptive security appliance command can be used to see...
- Question 19: Refer to the exhibit. (Exhibit) Which authentication method ...
- Question 20: (Exhibit) Refer to the exhibit. In this tunnel mode GRE mult...
- Question 21: Refer to the exhibit. (Exhibit) Which VPN solution does this...
- Question 22: Which statement about the hub in a DMVPN configuration with ...
- Question 23: Which command clears all Cisco AnyConnect VPN sessions on a ...
- Question 24: A temporary worker must use clientless SSL VPN with an SSH p...
- Question 25: Which two statements regarding IKEv2 are true per RFC 4306? ...
- Question 26: Which technology supports tunnel interfaces while remaining ...
- Question 27: An administrator desires that when work laptops are not conn...
- Question 28: Scenario: You are the senior network security administrator ...
- Question 29: Refer to the exhibit. (Exhibit) Which VPN solution does this...
- Question 30: Which statement regarding GET VPN is true?...
- Question 31: (Exhibit) Refer to the exhibit. VPN load balancing provides ...
- Question 32: (Exhibit) Refer to the exhibit. Client 1 cannot communicate ...
- Question 33: Which protocol must be enabled on the inside interface to us...
- Question 34: Which technology can rate-limit the number of tunnels on a D...
- Question 35: An administrator received a report that a user cannot connec...
- Question 36: Refer to the exhibit. (Exhibit) Which action is demonstrated...
- Question 37: Which feature do you include in a highly available system to...
- Question 38: An administrator wishes to limit the networks reachable over...
- Question 39: When troubleshooting clientless SSL VPN connections, which c...
- Question 40: Scenario: You are the senior network security administrator ...
- Question 41: Which three types of web resources or protocols are enabled ...
- Question 42: Which command clears all crypto configuration from a Cisco A...
- Question 43: A spoke has two Internet connections for failover. How can y...
- Question 44: What is the Cisco recommended TCP maximum segment on a DMVPN...
- Question 45: Which protocol can be used for better throughput performance...
- Question 46: Which two technologies are considered to be Suite B cryptogr...
- Question 47: Which option describes the purpose of the shared argument in...
- Question 48: Which two operational advantages does GetVPN offer over site...
- Question 49: After completing a site-to-site VPN setup between two router...
- Question 50: A custom desktop application needs to access an internal ser...
- Question 51: Which type of NHRP packet is unique to Phase 3 DMVPN topolog...
- Question 52: An engineer has configured Cisco AnyConnect VPN using IKEv2 ...
- Question 53: When troubleshooting established clientless SSL VPN issues, ...
- Question 54: Which protocol does DTLS use for its transport?...
- Question 55: Which statement is correct concerning the trusted network de...
- Question 56: You have been using pre-shared keys for IKE authentication o...
- Question 57: A Cisco IOS SSL VPN gateway is configured to operate in clie...
- Question 58: Refer to the exhibit. (Exhibit) You executed the show crypto...
- Question 59: An engineer is configuring an IPsec VPN with IKEv2. Which th...
- Question 60: Which is used by GETVPN, FlexVPN and DMVPN?...
- Question 61: Which option describes what address preservation with IPsec ...
- Question 62: What does NHRP stand for?
- Question 63: A customer requires all traffic to go through a VPN. However...
- Question 64: Refer to the exhibit. (Exhibit) An administrator is adding I...
- Question 65: Using the Next Generation Encryption technologies, which is ...
- Question 66: Which Cisco adaptive security appliance command can be used ...
- Question 67: Which two are features of GETVPN but not DMVPN and FlexVPN? ...
- Question 68: Which option is a possible solution if you cannot access a U...
- Question 69: Refer to the exhibit. (Exhibit) Which two statements about t...
- Question 70: Which type of communication in a FlexVPN implementation uses...
- Question 71: Instructions Enter CLI commands on the ASA and Branch router...
- Question 72: Refer to the exhibit. (Exhibit) A new NOC engineer is troubl...
- Question 73: Which command enables the router to form EIGRP neighbor adja...
- Question 74: Refer to the exhibit. (Exhibit) The customer needs to launch...
- Question 75: Refer to the exhibit. (Exhibit) Which type of mismatch is ca...
- Question 76: Which interface is managed by the VPN Access Interface field...
- Question 77: Which protocols does the Cisco AnyConnect client use to buil...
- Question 78: Which encryption and authentication algorithms does Cisco re...
- Question 79: (Exhibit) After implementing the IKEv2 tunnel, it was observ...
- Question 80: Your corporate finance department purchased a new non-web-ba...
- Question 81: Scenario: You are the senior network security administrator ...
- Question 82: Which alogrithm is an example of asymmetric encryption?...
- Question 83: Refer to the exhibit. (Exhibit) Which technology is represen...
- Question 84: Which two statements comparing ECC and RSA are true? (Choose...
- Question 85: Refer to the exhibit. (Exhibit) A customer cannot establish ...
- Question 86: Which Cisco adaptive security appliance command can be used ...
- Question 87: Refer to the exhibit. (Exhibit) You have implemented an SSL ...
- Question 88: Which functionality is provided by L2TPv3 over FlexVPN?...
- Question 89: Which hash algorithm is required to protect classified infor...
- Question 90: When you configure IPsec VPN High Availability Enhancements,...
- Question 91: Which technology must be installed on the client computer to...
- Question 92: Which feature enforces the corporate policy for Internet acc...
- Question 93: Refer to the exhibit. (Exhibit) Which two characteristics of...
- Question 94: Which feature is available in IKEv1 but not IKEv2?...
- Question 95: In DMVPN phase 2, which two EIGRP features need to be disabl...
- Question 96: Refer to the exhibit. (Exhibit) What technology does the giv...
- Question 97: Which NGE IKE Diffie-Hellman group identifier has the strong...
- Question 98: Refer to the exhibit. (Exhibit) The IKEv2 tunnel between Rou...
- Question 99: (Exhibit) When a tunnel is initiated by the headquarter ASA,...
- Question 100: An IOS SSL VPN is configured to forward TCP ports. A remote ...
- Question 101: Which three changes must be made to migrate from DMVPN Phase...
- Question 102: Refer to the exhibit. (Exhibit) The network administrator is...
- Question 103: Instructions Enter CLI commands on the ASA and Branch router...
- Question 104: Which command configures IKEv2 symmetric identity authentica...
- Question 105: Which option describes the purpose of the command show deriv...
- Question 106: Which two types of authentication are supported when you use...
- Question 107: An engineer has integrated a new DMVPN to link remote office...
- Question 108: Which technology does a multipoint GRE interface require to ...
- Question 109: Refer to the exhibit. (Exhibit) The ABC Corporation is chang...
- Question 110: A user is experiencing issues connecting to a Cisco AnyConne...
- Question 111: Which transform set is contained in the IKEv2 default propos...
- Question 112: Which DAP endpoint attribute checks for the matching MAC add...
- Question 113: Which Cisco firewall platform supports Cisco NGE?...
- Question 114: What is a valid reason for configuring a list of backup serv...
- Question 115: Refer to the exhibit. (Exhibit) An administrator had the abo...
- Question 116: Which are two main use cases for Clientless SSL VPN? (Choose...
- Question 117: Remote users want to access internal servers behind an ASA u...
- Question 118: Which command will prevent a group policy from inheriting a ...
- Question 119: When attempting to tunnel FTP traffic through a stateful fir...
- Question 120: An engineer notices that while an employee is connected remo...
- Question 121: When an IPsec SVTI is configured, which technology processes...
- Question 122: What action does the hub take when it receives a NHRP resolu...
- Question 123: On which Cisco platform are dynamic virtual template interfa...
- Question 124: Which PKI enrollment method allows the user to separate auth...
- Question 125: Which technology is FlexVPN based on?...
- Question 126: When you troubleshoot Cisco AnyConnect, which step does Cisc...
- Question 127: Refer to the exhibit. (Exhibit) Which statement about the gi...
- Question 128: As network consultant, you are asked to suggest a VPN techno...
- Question 129: Refer to the exhibit. (Exhibit) Which exchange does this deb...
- Question 130: Which three configurations are prerequisites for stateful fa...
- Question 131: Which command is used to determine how many GMs have registe...
- Question 132: Refer to the exhibit. (Exhibit) The "level_2" digital certif...
- Question 133: Where do you configure AnyConnect certificate-based authenti...
- Question 134: Which feature is enabled by the use of NHRP in a DMVPN netwo...
- Question 135: Which command clears all Cisco AnyConnect VPN sessions?...
- Question 136: Which command specifies the path to the Host Scan package in...
- Question 137: Which three parameters must match on all routers in a DMVPN ...
- Question 138: Which three configuration parameters are mandatory for an IK...
- Question 139: Refer to the exhibit. (Exhibit) Which technology does this c...
- Question 140: Which group-policy subcommand installs the Diagnostic AnyCon...
- Question 141: Which two changes must be made to migrate from DMVPN Phase 2...
- Question 142: Refer to the exhibit. (Exhibit) Which type of VPN implementa...
- Question 143: You are troubleshooting a site-to-site VPN issue where the t...
- Question 144: In the Diffie-Hellman protocol, which type of key is the sha...
- Question 145: A network engineer is troubleshooting a site-to-site VPN tun...
- Question 146: Which algorithm provides both encryption and authentication ...
- Question 147: Refer to the exhibit. The IKEv2 site-to-site VPN tunnel betw...
- Question 148: Which three commands are included in the command show dmvpn ...
- Question 149: An engineer wants to ensure that employees cannot access cor...
- Question 150: Which benefit of FlexVPN is not offered by DMVPN using IKEv1...
- Question 151: (Exhibit) If the IKEv2 tunnel were to establish successfully...
- Question 152: Refer to the exhibit. What is the problem with the IKEv2 sit...
- Question 153: Refer to the exhibit. (Exhibit) While configuring a site-to-...
- Question 154: Refer to the exhibit. (Exhibit) The customer can establish a...
- Question 155: A rogue static route is installed in the routing table of a ...
- Question 156: Refer to the exhibit. (Exhibit) A NOC engineer needs to tune...
- Question 157: Which two RADIUS attributes are needed for a VRF-aware FlexV...
- Question 158: Which statement about plug-ins is false?...
- Question 159: Which configuration construct must be used in a FlexVPN tunn...
- Question 160: A user is trying to connect to a Cisco IOS device using clie...
- Question 161: Refer to the exhibit. (Exhibit) An IPsec peer is exchanging ...
- Question 162: Which two statements about the Cisco ASA Clientless SSL VPN ...
- Question 163: Refer to the exhibit. (Exhibit) What is the purpose of the g...
- Question 164: After adding a remote-access IPsec tunnel via the VPN wizard...
- Question 165: Which IKEv2 feature minimizes the configuration of a FlexVPN...
- Question 166: Which two troubleshooting steps should be taken when Cisco A...
- Question 167: Which two parameters help to map a VPN session to a tunnel g...
- Question 168: A network engineer must configure a new VPN tunnel utilizing...
- Question 169: The Cisco AnyConnect client fails to connect via IKEv2 but w...
- Question 170: You are configuring a Cisco IOS SSL VPN gateway to operate w...
- Question 171: The Cisco AnyConnect client is unable to download an updated...
- Question 172: Which cryptographic algorithms are approved to protect Top S...
- Question 173: Which application does the Application Access feature of Cli...
- Question 174: (Exhibit) Which option shows the correct traffic selectors f...
- Question 175: Which algorithm is replaced by elliptic curve cryptography i...
- Question 176: Which feature is a benefit of Dynamic Multipoint VPN?...
- Question 177: Which command identifies an AnyConnect profile that was uplo...
- Question 178: What is the default storage location of user-level bookmarks...
- Question 179: You are troubleshooting a DMVPN NHRP registration failure. W...
- Question 180: Which two examples of transform sets are contained in the IK...
- Question 181: (Exhibit) Refer to the exhibit. An engineer encounters a deb...
- Question 182: Which VPN solution is best for a collection of branch office...
- Question 183: Which technology can provide high availability for an SSL VP...
- Question 184: Regarding licensing, which option will allow IKEv2 connectio...
- Question 185: Which two options are purposes of the key server in Cisco IO...
- Question 186: In which situation would you enable the Smart Tunnel option ...
- Question 187: (Exhibit) Refer to the exhibit. An engineer is troubleshooti...
- Question 188: Which command can you use to monitor the phase 1 establishme...
- Question 189: You are troubleshooting a site-to-site VPN issue where the t...
