★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 300-209 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/300-209-dumps.html


Q1. Regarding licensing, which option will allow IKEv2 connections on the adaptive security appliance? 

A. AnyConnect Essentials can be used for Cisco AnyConnect IKEv2 connections. 

B. IKEv2 sessions are not licensed. 

C. The Advanced Endpoint Assessment license must be installed to allow Cisco AnyConnect IKEv2 sessions. 

D. Cisco AnyConnect Mobile must be installed to allow AnyConnect IKEv2 sessions. 

Answer:


Q2. Refer to the exhibit. 

Which type of mismatch is causing the problem with the IPsec VPN tunnel? 

A. PSK 

B. Phase 1 policy 

C. transform set 

D. crypto access list 

Answer:


Q3. What URL do you use to download a packet capture file in a format which can be used by a packet analyzer? 

A. ftp://<hostname>/capture/<capture_name>/ 

B. https://<asdm_enabled _interface:port>/<capture_name>/ 

C. https://<asdm_enabled_interface:port>/admin/capture/<capture_name>/pcap 

D. https://<hostname>/<capture_name>/pcap 

Answer:


Q4. Refer to the exhibit. 

The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch might be the problem? 

A. PSK 

B. crypto policy 

C. peer identity 

D. transform set 

Answer:


Q5. Which feature is available in IKEv1 but not IKEv2? 

A. Layer 3 roaming 

B. aggressive mode 

C. EAP variants 

D. sequencing 

Answer:


Q6. Which option is a required element of Secure Device Provisioning communications? 

A. the introducer 

B. the certificate authority 

C. the requestor 

D. the registration authority 

Answer:


Q7. Which hash algorithm is required to protect classified information? 

A. MD5 

B. SHA-1 

C. SHA-256 

D. SHA-384 

Answer:


Q8. Refer to the exhibit. 

You have implemented an SSL VPN as shown. Which type of communication takes place between the secure gateway R1 and the Cisco Secure ACS? 

A. HTTP proxy 

B. AAA 

C. policy 

D. port forwarding 

Answer:


Q9. Which algorithm provides both encryption and authentication for data plane communication? 

A. SHA-96 

B. SHA-384 

C. 3DES 

D. AES-256 

E. AES-GCM 

F. RC4 

Answer:


Q10. Refer to the exhibit. 

Which statement about the given IKE policy is true? 

A. The tunnel will be valid for 2 days, 88 minutes, and 00 seconds. 

B. It will use encrypted nonces for authentication. 

C. It has a keepalive of 60 minutes, checking every 5 minutes. 

D. It uses a 56-bit encryption algorithm. 

Answer: