CISCO NEWS: 300-209 Exam Questions has been Updated Today! Get Latest 300-209 VCE and 300-209 PDF Instantly! Welcome to Download the Newest Braindump2go 300-209 VCE&300-209 PDF Dumps: http://www.braindump2go.com/300-209.html (198 Q&As)
Exam Code: 300-209
Exam Name: Implementing Cisco Secure Mobility Solutions
Certification Provider: Cisco
300-209 Dumps,300-209 PDF,300-209 VCE,300-209 Study Guide,300-209 Book,300-209 Exam Questions,300-209 Braindump,300-209 Practice Exam,300-209 Practice Test,300-209 eBook,300-209 Implementing Cisco Secure Mobility Solutions

QUESTION 161
Which option describes what address preservation with IPsec Tunnel Mode allows when GETVPN is used?
A.    stronger encryption methods
B.    Network Address Translation of encrypted traffic
C.    traffic management based on original source and destination addresses
D.    Tunnel Endpoint Discovery
Answer: C
QUESTION 162
Which feature is available in IKEv1 but not IKEv2?
A.    Layer 3 roaming
B.    aggressive mode
C.    EAP variants
D.    sequencing
Answer: B
QUESTION 163
Which feature is enabled by the use of NHRP in a DMVPN network?
A.    host routing with Reverse Route Injection
B.    BGP multiaccess
C.    host to NBMA resolution
D.    EIGRP redistribution
Answer: C
QUESTION 164
Which statement about the hub in a DMVPN configuration with iBGP is true?
A.    It must be a route reflector client.
B.    It must redistribute EIGRP from the spokes.
C.    It must be in a different AS.
D.    It must be a route reflector.
Answer: D
QUESTION 166
Which command can you use to monitor the phase 1 establishment of a FlexVPN tunnel?
A.    show crypto ipsec sa
B.    show crypto isakmp sa
C.    show crypto ikev2 sa
D.    show ip nhrp
Answer: C
QUESTION 167
Which interface is managed by the VPN Access Interface field in the Cisco ASDM IPsec Site-to- Site VPN Wizard?
A.    the local interface named “VPN_access”
B.    the local interface configured with crypto enable
C.    the local interface from which traffic originates
D.    the remote interface with security level 0
Answer: B
QUESTION 168
You are troubleshooting a DMVPN NHRP registration failure. Which command can you use to view request counters?
A.    show ip nhrp nhs detail
B.    show ip nhrp tunnel
C.    show ip nhrp incomplete
D.    show ip nhrp incomplete tunnel tunnel_interface_number
Answer: A
QUESTION 170
Which three commands are included in the command show dmvpn detail? (Choose three.)
A.    show ip nhrp nhs
B.    show dmvpn
C.    show crypto session detail
D.    show crypto ipsec sa detail
E.    show crypto sockets
F.    show ip nhrp
Answer: ABC
QUESTION 172
Which option describes the purpose of the command show derived-config interface virtual-access 1?
A.    It verifies that the virtual access interface is cloned correctly with per-user attributes.
B.    It verifies that the virtual template created the tunnel interface.
C.    It verifies that the virtual access interface is of type Ethernet.
D.    It verifies that the virtual access interface is used to create the tunnel interface.
Answer: A
QUESTION 173
Which two RADIUS attributes are needed for a VRF-aware FlexVPN hub? (Choose two.)
A.    ip:interface-config=ip unnumbered loobackn
B.    ip:interface-config=ip vrf forwarding ivrf
C.    ip:interface-config=ip src route
D.    ip:interface-config=ip next hop
E.    ip:interface-config=ip neighbor 0.0.0.0
Answer: AB
QUESTION 174
Which functionality is provided by L2TPv3 over FlexVPN?
A.    the extension of a Layer 2 domain across the FlexVPN
B.    the extension of a Layer 3 domain across the FlexVPN
C.    secure communication between servers on the FlexVPN
D.    a secure backdoor for remote access users through the FlexVPN
Answer: A
QUESTION 175
When you troubleshoot Cisco AnyConnect, which step does Cisco recommend before you open a TAC case?
A.    Show applet Lifecycle exceptions.
B.    Disable cookies.
C.    Enable the WebVPN cache.
D.    Collect a DART bundle.
Answer: D
FREE DOWNLOAD: NEW UPDATED 300-209 PDF Dumps & 300-209 VCE Dumps from Braindump2go: http://www.braindump2go.com/300-209.html (198 Q&A)
