aiotestking uk

300-209 Exam Questions - Online Test


300-209 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. When troubleshooting established clientless SSL VPN issues, which three steps should be taken? (Choose three.) 

A. Clear the browser history. 

B. Clear the browser and Java cache. 

C. Collect the information from the computer event log. 

D. Enable and use HTML capture tools. 

E. Gather crypto debugs on the adaptive security appliance. 

F. Use Wireshark to capture network traffic. 

Answer: B,E,F 

Q2. Which VPN solution is best for a collection of branch offices connected by MPLS that frequenty make VoIP calls between branches? 

A. GETVPN 

B. Cisco AnyConnect 

C. site-to-site 

D. DMVPN 

Answer:

Q3. What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.) 

A. CSCO_WEBVPN_OTP_PASSWORD 

B. CSCO_WEBVPN_INTERNAL_PASSWORD 

C. CSCO_WEBVPN_USERNAME 

D. CSCO_WEBVPN_RADIUS_USER 

Answer: B,C 

Q4. Refer to the exhibit. 

Which exchange does this debug output represent? 

A. IKE Phase 1 

B. IKE Phase 2 

C. symmetric key exchange 

D. certificate exchange 

Answer:

Q5. The following configuration steps have been completeD. 

. WebVPN was enabled on the ASA outside interface. 

. SSL VPN client software was loaded to the ASA. 

. A DHCP scope was configured and applied to a WebVPN Tunnel Group. 

What additional step is required if the client software fails to load when connecting to the ASA SSL page? 

A. The SSL client must be loaded to the client by an ASA administrator 

B. The SSL client must be downloaded to the client via FTP 

C. The SSL VPN client must be enabled on the ASA after loading 

D. The SSL client must be enabled on the client machine before loading 

Answer:

Q6. Which two statements comparing.ECC and RSA are true? (Choose two.) 

A. ECC can have the same security as RSA but with a shorter key size. 

B. ECC lags in performance when compared with RSA. 

C. Key generation in ECC is slower and less CPU intensive. 

D. ECC cannot have the same security as RSA, even with an increased key size. 

E. Key generation in ECC is faster and less CPU intensive. 

Answer: A,E 

Q7. Consider this scenario. When users attempt to connect via a Cisco AnyConnect VPN session, the certificate has changed and the connection fails. 

What is a possible cause of the connection failure? 

A. An invalid modulus was used to generate the initial key. 

B. The VPN is using an expired certificate. 

C. The Cisco ASA appliance was reloaded. 

D. The Trusted Root Store is configured incorrectly. 

Answer: