300-209 - Implementing Cisco Secure Mobility Solutions (SIMOS)

Go back to Cisco

Exam FAQ

How many questions are there on the 300-209 exam? How long is the 300-209 exam? How much does the 300-209 exam cost? What is the best way to study for the 300-209 exam?

Example Questions

Which NGE IKE Diffie-Hellman group identifier has the strongest cryptographic properties? Which Cisco ASDM option configures forwarding syslog messages to email? Which two troubleshooting steps should be taken when Cisco AnyConnect cannot establish an IKEv2 connection, while SSL works fine? (Choose two.) A company has decided to migrate an existing IKEv1 VPN tunnel to IKEv2. Which two are valid configuration constructs on a Cisco IOS router? (Choose two.) A user with IP address 10.10.10.10 is unable to access a HTTP website at IP address 209.165.200.225 through a Cisco ASA. Which two features and commands will help troubleshoot the issue? (Choose two.) Which two are characteristics of GETVPN? (Choose two.) What are two forms of SSL VPN? (Choose two.) Which Cisco IPS signature parameter cannot be edited using IDM? What does NHRP stand for? Which command clears all crypto configuration from a Cisco Adaptive Security Appliance? In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces? You are troubleshooting a site-to-site VPN issue where the tunnel is not establishing. After issuing the debug crypto isakmp command on the headend router, you see the following output. What does this output suggest? 1d00h: ISAKMP (0:1): atts are not acceptable. Next payload is 0 1d00h: ISAKMP (0:1); no offers accepted! 1d00h: ISAKMP (0:1): SA not acceptable! 1d00h: %CRYPTO-6-IKMP_MODE_FAILURE. Processing of Main Mode failed with peer at 10.10.10.10 Which Cisco adaptive security appliance command can be used to view the count of all active VPN sessions? Which cryptographic algorithms are approved to protect Top Secret information? Which encryption and authentication algorithms does Cisco recommend when deploying a Cisco NGE supported VPN solution? Which two statements are true regarding the Cisco IPS appliance traffic normalizer? (Choose two.) Which technology is FlexVPN based on? In the Cisco ASDM interface, where do you enable the DTLS protocol setting? Which command configures IKEv2 symmetric identity authentication? Which application does the Application Access feature of Clientless VPN support? With Cisco ASA active/standby failover, what is needed to enable subsecond failover? Which of the following could be used to configure remote access VPN Host-scan and pre-login policies? Which command enables IOS SSL VPN Smart Tunnel support for PuTTY? In Cisco IDM, the Configuration > Sensor Setup > SSH > Known Host Keys screen is used for what purpose? Which Cisco ASDM option configures WebVPN access on a Cisco ASA? Which cryptographic algorithms are a part of the Cisco NGE suite? Which option describes the purpose of the shared argument in the DMVPN interface command tunnel protection IPsec profile ProfileName shared? Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN? Which technology can rate-limit the number of tunnels on a DMVPN hub when system utilization is above a specified percentage? Which technology supports tunnel interfaces while remaining compatible with legacy VPN implementations? Which is used by GETVPN, FlexVPN and DMVPN? Which statement is true when implementing a router with a dynamic public IP address in a crypto map based site-to-site VPN? Which technology must be installed on the client computer to enable users to launch applications from a Clientless SSL VPN? Which two GDOI encryption keys are used within a GET VPN network? (Choose two.) Which two cryptographic technologies are recommended for use with FlexVPN? (Choose two.) Refute users want to access internal servers behind an ASA using Microsoft terminal services. Which option outlines the steps required to allow users access via the ASA clientless VPN portal? When Cisco ASA applies VPN permissions, what is the first set of attributes that it applies? Which access rule is disabled automatically after the global access list has been defined and applied? Which command specifies the path to the Host Scan package in an ASA AnyConnect VPN? What is the default storage location of user-level bookmarks in an IOS clientless SSL VPN? Numerous attacks using duplicate packets, changed packets, or out-of-order packets are able to successfully evade and pass through the Cisco IPS appliance when it is operating in inline mode. What could be causing this problem? An internet-based VPN solution is being considered to replace an existing private WAN connecting remote offices. A multimedia application is used that relies on multicast for communication. Which two VPN solutions meet the application's network requirement? (Choose two.) Which statement describes a prerequisite for single-sign-on Netegrity Cookie Support in an IOC SSL VPN? On Cisco ASA Software Version 8.4.1 and later, which three EtherChannel modes are supported? (Choose three.) By default, which access rule is applied inbound to the inside interface? Which algorithm is replaced by elliptic curve cryptography in Cisco NGE? In the Diffie-Hellman protocol, which type of key is the shared secret? Which IKEv2 feature minimizes the configuration of a FlexVPN on Cisco IOS devices? Which command simplifies the task of converting an SSL VPN to an IKEv2 VPN on a Cisco ASA appliance that has an invalid IKEv2 configuration? Which two types of authentication are supported when you use Cisco ASDM to configure site-to- site IKEv2 with IPv6? (Choose two.)