300-209無料問題集「Cisco Implementing Cisco Secure Mobility Solutions」

質問 1

Refer to the exhibit,

Which result of this command is true?

（A）Makes the router generate a certificate signing request

（B）It displays the RSA public keys of the Router

（C）Generates an RSA key called TRIALFOUR (

（D）It specifies self-signed enrollment for a trustpoint

正解：A 解答を投票する

質問 2

An internet-based VPN solution is being considered to replace an existing private WAN connecting remote office. A multimedia application is used that relies on multiple for communication. Which two VPN solutions meet the application's network requirement? (Choose two.)

（A）DMVPN

（B）AnyConnect VPN

（C）Crypto-map based site-to-site IPsec VPNs

（D）FlexVPN

（E）Group Encrypted Transport VPN

正解：A、D 解答を投票する

質問 3

What represents a possible network configuration issue in clientless SSI VPN deployments?

（A）The AnyConnect version is not up to date.

（B）NAT exemption has not been configured

（C）The SSL server public certificate is untrusted

（D）The VPN IP pool is exhausts

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Refer to the exhibit.

A network administrator is running DMVPN with EIGRP, when
the administrator looks at the routing table on spoke 1 it displays a route to the hub only. Which command is missing on the hub router which includes spoke2 and spoke 3 in the spoke 1 routing table?

（A）No ip split-horizon eigrp 1

（B）Neighbor (ipaddress)

（C）No inverse arp

（D）Redistribute static

正解：A 解答を投票する

質問 5

Refer to the exhibit.

Which VPN solution does this configuration represent?

（A）DMVPN

（B）SSL VPN

（C）site-to-site

（D）Cisco AnyConnect (IKEv2)

正解：B 解答を投票する

質問 6

An engineer is configuring clientless SSL VPN . The finance department has a database server that only they should access,but the sales department can currently access it ,The finance and the sales departments are configured as separate group-policies.Which option must be added to the configuration to make sure the users in the sales department cannot access the finance department server?

（A）VPN filter ACL

（B）port forwarding

（C）tunnel group lock

（D）Webtype ACL

正解：D 解答を投票する

質問 7

An engineer is configuring SSL VPN for remote access. A real-time application that is sensitive to packet delays will be used. Which feature should the engineer confirm is enabled to avoid latency and bandwidth problem associated with SSL connections?

（A）DPD

（B）IKEv2

（C）SVC

（D）DTLS

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Which two attributes can be matched from the identity of the remote peer when using IKEv2 Name Mangler?
(choose two)

（A）IP address

（B）Hostname

（C）Fqdn

（D）kerberos

（E）Email

正解：C、E 解答を投票する

質問 9

Where must an engineer configure a preshared key for site to site VPN tunnel configured on a Cisco ASA?

（A）isakmp policy

（B）group policy

（C）tunnel group

（D）crypto map

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office.The client has not established a SSL VPN connection in some time .An engineer wants to make sure the client computer meets the enterpnse security policy .Which feature can update a client to meet an enterprose security policy?

（A）Basic Host Scan

（B）Endpoint Assessment

（C）Advanced Endpoint Assessment

（D）FirePOWER Advanced Malware Protection

正解：C 解答を投票する

質問 11

An engineer must set up a site-to site VPN implementation with an any-to-any topology that provides secure routing across the router backbone. Which VPN technology allows a shared IPSec SA to be used?

（A）DMVPN

（B）GET VPN

（C）FlexVPN

（D）IPsec VPN

正解：A 解答を投票する

質問 12

An engineer is attempting to establish a new site to site VPN connection. The tunnel terminates on an ASA 5506-X. The engineer notices that the tunnel is not establishing, Which option is a potential cause?

（A）Certificate were not configured

（B）NAT- traversal is not configured.

（C）DiffieHelman Group is not set.

（D）Access List were not applied.

正解：B 解答を投票する

質問 13

Which command clears all Cisco AnyConnect VPN sessions on a Cisco Adaptive Security Appliance?

（A）Vpn-sessiondb logoff I2I

（B）Clear crypto isakmp sa

（C）Vpn-sessiondb logoff webvpn

（D）Vpn-sessiondb logoff anyconnect

正解：D 解答を投票する

質問 14

A Cisco AnyConnect VPN user receives this message every 30 minutes.
Secure VPN Connection terminated locally by the Client. Reason 426: Maximum Configured Lifetime Exceeded Which configuration changes on the ASA firewall address this issue?

（A）ASA(config)# isakmp policy 1 lifetime 1800

（B）ASA(config)# isakmp policy 1 lifetime 0

（C）ASA(config)# clear crypto isakmp sa

（D）ASA(config)# clear crypto ipsec sa

正解：B 解答を投票する

300-209 無料問題集「Cisco Implementing Cisco Secure Mobility Solutions」

弊社を連絡する

関連リンク

トップ試験