300-209 CCNP Security Implementing Cisco Solutions Exam

Attend this 300-209 CCNP Security Implementing Cisco Solutions Exam will get a Good Score 80% on Main Exam

Description

Sample Questions:

Which type of communication in a Flex VPN implementation uses an NHRP shortcut?

spoke to hub

spoke to spoke

hub to spoke

hub to hub

Which three configurations are prerequisites for state full failover for IPsec? (Choose three.)

Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.

Only crypto map configuration that is set up on the active device must be duplicated on the standby device.

The IPsec configuration that is set up on the active device must be duplicated on the standby device.

The active and standby devices can run different versions of the Cisco IOS software but need to be the same type of device.

The active and standby devices must run the same version of the Cisco IOS software and should be the same type of device.

The IKE configuration that is set up on the active device must be duplicated on the standby device.

Which option is a required element of Secure Device Provisioning communications?

the introducer

the certificate authority

the requestor

the registration authority

Remote users want to access internal servers behind an ASA using Microsoft terminal services. Which option outlines the steps required to allow users access via the ASA clientless VPN portal?

1. Configure a static pat rule for TCP port 3389 2. Configure an inbound access-list to allow traffic from remote users to the servers 3. Assign this access-list rule to the group policy

1. Configure a bookmark of the type http:// server-IP :3389 2. Enable Smart tunnel on this bookmark 3. Assign the bookmark to the desired group policy

1. Configure a Smart Tunnel application list 2. Add the rdp.exe process to this list 3. Assign the Smart Tunnel application list to the desired group policy

1. Upload an RDP plugin to the ASA 2. Configure a bookmark of the type rdp:// server-IP 3. Assign the bookmark list to the desired group policy

Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)

The VPN server must have a self-signed certificate.

A SSL group pre-shared key must be configured on the server.

Server side certificate is optional if using AAA for client authentication.

The VPN IP address pool can overlap with the rest of the LAN networks.

The VPN IP address pool can overlap with the rest of the LAN networks.

In the Diffie-Hellman protocol, which type of key is the shared secret?

a symmetric key

an asymmetric key

a decryption key

an encryption key

Which DAP endpoint attribute checks for the matching MAC address of a client machine?

device

process

antispyware

BIA

Who this course is for:

  • Those who want to get knowledge on Certifications & Check your Skill Test while attend this Practice Test

Tutorial Bar
Logo