Vendor Name: Cisco
Exam code: 300-209
Exam Name: Implementing Cisco Secure Mobility Solutions (SIMOS)
Click the link below to get full version
http://www.certifyguide.com/exam/300-209/
Question: 1
|
Which two are characteristics
of GETVPN? (Choose two.)
A. The IP header of the
encrypted packet is preserved
B. A key server is elected
among all configured Group Members
C. Unique encryption keys are
computed for each Group Member
D. The same key encryption and
traffic encryption keys are distributed to all Group Members
Answer: A, D
|
Question: 2
|
A company has decided to
migrate an existing IKEv1 VPN tunnel to IKEv2. Which two are valid
configuration constructs on a Cisco IOS router? (Choose two.)
A. crypto ikev2 keyring
keyring-name
peer peer1
address 209.165.201.1 255.255.255.255
pre-shared-key local key1
pre-shared-key remote key2
B. crypto ikev2 transform-set
transform-set-name
esp-3des esp-md5-hmac
esp-aes esp-sha-hmac
C. crypto ikev2 map
crypto-map-name
set crypto ikev2 tunnel-group
tunnel-group-name
set crypto ikev2 transform-set
transform-set-name
D. crypto ikev2 tunnel-group
tunnel-group-name
match identity remote address 209.165.201.1
authentication local pre-share
authentication remote pre-share
E. crypto ikev2 profile
profile-name
match identity remote address 209.165.201.1
authentication local pre-share
authentication remote pre-share
Answer: A, E
|
Question: 3
|
Which four activities does the
Key Server perform in a GETVPN deployment? (Choose four.)
A. authenticates group members
B. manages security policy
C. creates group keys
D. distributes policy/keys
E. encrypts endpoint traffic
F. receives policy/keys
G. defines group members
Answer: A, B, C, D
|
Question: 4
|
Where is split-tunneling
defined for remote access clients on an ASA?
A. Group-policy
B. Tunnel-group
C. Crypto-map
D. Web-VPN Portal
E. ISAKMP client
Answer: A
|
Question: 5
|
Which of the following could
be used to configure remote access VPN Host-scan and pre-login policies?
A. ASDM
B. Connection-profile CLI command
C. Host-scan CLI command under
the VPN group policy
D. Pre-login-check CLI command
Answer: A
|
Question: 6
|
In FlexVPN, what command can
an administrator use to create a virtual template interface that can be
configured and applied dynamically to create virtual access interfaces?
A. interface virtual-template
number type template
B. interface virtual-template
number type tunnel
C. interface template number
type virtual
D. interface tunnel-template
number
Answer: B
|