300-209 Exam Questions - Online Test
300-209 Premium VCE File
150 Lectures, 20 Hours
Q1. When troubleshooting established clientless SSL VPN issues, which three steps should be taken? (Choose three.)
A. Clear the browser history.
B. Clear the browser and Java cache.
C. Collect the information from the computer event log.
D. Enable and use HTML capture tools.
E. Gather crypto debugs on the adaptive security appliance.
F. Use Wireshark to capture network traffic.
Answer: B,E,F
Q2. Which VPN solution is best for a collection of branch offices connected by MPLS that frequenty make VoIP calls between branches?
A. GETVPN
B. Cisco AnyConnect
C. site-to-site
D. DMVPN
Answer: A
Q3. What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.)
A. CSCO_WEBVPN_OTP_PASSWORD
B. CSCO_WEBVPN_INTERNAL_PASSWORD
C. CSCO_WEBVPN_USERNAME
D. CSCO_WEBVPN_RADIUS_USER
Answer: B,C
Q4. Refer to the exhibit.
Which exchange does this debug output represent?
A. IKE Phase 1
B. IKE Phase 2
C. symmetric key exchange
D. certificate exchange
Answer: A
Q5. The following configuration steps have been completeD.
. WebVPN was enabled on the ASA outside interface.
. SSL VPN client software was loaded to the ASA.
. A DHCP scope was configured and applied to a WebVPN Tunnel Group.
What additional step is required if the client software fails to load when connecting to the ASA SSL page?
A. The SSL client must be loaded to the client by an ASA administrator
B. The SSL client must be downloaded to the client via FTP
C. The SSL VPN client must be enabled on the ASA after loading
D. The SSL client must be enabled on the client machine before loading
Answer: C
Q6. Which two statements comparing.ECC and RSA are true? (Choose two.)
A. ECC can have the same security as RSA but with a shorter key size.
B. ECC lags in performance when compared with RSA.
C. Key generation in ECC is slower and less CPU intensive.
D. ECC cannot have the same security as RSA, even with an increased key size.
E. Key generation in ECC is faster and less CPU intensive.
Answer: A,E
Q7. Consider this scenario. When users attempt to connect via a Cisco AnyConnect VPN session, the certificate has changed and the connection fails.
What is a possible cause of the connection failure?
A. An invalid modulus was used to generate the initial key.
B. The VPN is using an expired certificate.
C. The Cisco ASA appliance was reloaded.
D. The Trusted Root Store is configured incorrectly.
Answer: C
- [2021-New] Cisco 200-355 Dumps With Update Exam Questions (131-140)
- [2021-New] Cisco 300-209 Dumps With Update Exam Questions (61-70)
- [2021-New] Cisco 300-320 Dumps With Update Exam Questions (31-40)
- The Secret Of Cisco 700-680 Practice
- [2021-New] Cisco 300-320 Dumps With Update Exam Questions (21-30)
- What Free 300-615 Preparation Is
- [2021-New] Cisco 300-070 Dumps With Update Exam Questions (6-15)
- [2021-New] Cisco 210-451 Dumps With Update Exam Questions (11-20)
- [2021-New] Cisco 200-310 Dumps With Update Exam Questions (21-30)
- Practical 200-155 Training Tools 2021