Attend this 300-209 CCNP Security Implementing Cisco Solutions Exam will get a Good Score 80% on Main Exam
What you will learn
Strong Knowledge on 300-209 CCNP Security Implementing
Strong Knowledge on 300-209 CCNP Security Implementing Cisco
Strong Knowledge on 300-209 CCNP Security Implementing Cisco Solutions
Strong Knowledge on 300-209 CCNP Security Implementing Cisco Solutions Exam
Description
Sample Questions:
Which type of communication in a Flex VPN implementation uses an NHRP shortcut?
spoke to hub
spoke to spoke
hub to spoke
hub to hub
Which three configurations are prerequisites for state full failover for IPsec? (Choose three.)
Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.
Only crypto map configuration that is set up on the active device must be duplicated on the standby device.
The IPsec configuration that is set up on the active device must be duplicated on the standby device.
The active and standby devices can run different versions of the Cisco IOS software but need to be the same type of device.
The active and standby devices must run the same version of the Cisco IOS software and should be the same type of device.
The IKE configuration that is set up on the active device must be duplicated on the standby device.
Which option is a required element of Secure Device Provisioning communications?
the introducer
the certificate authority
the requestor
the registration authority
Remote users want to access internal servers behind an ASA using Microsoft terminal services. Which option outlines the steps required to allow users access via the ASA clientless VPN portal?
1. Configure a static pat rule for TCP port 3389 2. Configure an inbound access-list to allow traffic from remote users to the servers 3. Assign this access-list rule to the group policy
1. Configure a bookmark of the type http:// server-IP :3389 2. Enable Smart tunnel on this bookmark 3. Assign the bookmark to the desired group policy
1. Configure a Smart Tunnel application list 2. Add the rdp.exe process to this list 3. Assign the Smart Tunnel application list to the desired group policy
1. Upload an RDP plugin to the ASA 2. Configure a bookmark of the type rdp:// server-IP 3. Assign the bookmark list to the desired group policy
Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)
The VPN server must have a self-signed certificate.
A SSL group pre-shared key must be configured on the server.
Server side certificate is optional if using AAA for client authentication.
The VPN IP address pool can overlap with the rest of the LAN networks.
The VPN IP address pool can overlap with the rest of the LAN networks.
In the Diffie-Hellman protocol, which type of key is the shared secret?
a symmetric key
an asymmetric key
a decryption key
an encryption key
Which DAP endpoint attribute checks for the matching MAC address of a client machine?
device
process
antispyware
BIA