how many questions of 300-209 braindumps?

Q1. Remote users want to access internal servers behind an ASA using Microsoft terminal services. Which option outlines the steps required to allow users access via the ASA clientless VPN portal? 

A. 1. Configure a static pat rule for TCP port 3389 

2. Configure an inbound access-list to allow traffic from remote users to the servers 

3. Assign this access-list rule to the group policy 

B. 1. Configure a bookmark of the type http:// server-IP :3389 

2. Enable Smart tunnel on this bookmark 

3. Assign the bookmark to the desired group policy 

C. 1. Configure a Smart Tunnel application list 

2. Add the rdp.exe process to this list 

3. Assign the Smart Tunnel application list to the desired group policy 

D. 1. Upload an RDP plugin to the ASA 

2. Configure a bookmark of the type rdp:// server-IP 

3. Assign the bookmark list to the desired group policy 

View Answer

Q2. What must be enabled in the web browser of the client computer to support Clientless SSL VPN? 

A. cookies 

B. ActiveX 

C. Silverlight 

D. popups 

View Answer

Q3. Which command is used to determine how many GMs have registered in a GETVPN environment? 

A. show crypto isakmp sa 

B. show crypto gdoi ks members 

C. show crypto gdoi gm 

D. show crypto ipsec sa 

E. show crypto isakmp sa count 

View Answer

Q4. Which configuration is used to build a tunnel between a Cisco ASA and ISR? 

A. crypto map 

B. DMVPN 

C. GET VPN 

D. GRE with IPsec 

E. GRE without IPsec 

View Answer

Q5. Which Cisco adaptive security appliance command can be used to view the IPsec PSK of a tunnel group in cleartext? 

A. more system:running-config 

B. show running-config crypto 

C. show running-config tunnel-group 

D. show running-config tunnel-group-map 

E. clear config tunnel-group 

F. show ipsec policy 

View Answer

Q6. A customer requires all traffic to go through a VPN. However, access to the local network is also required. Which two options can enable this configuration? (Choose two.) 

A. split exclude 

B. use of an XML profile 

C. full tunnel by default 

D. split tunnel 

E. split include 

View Answer

Q7. Which command clears all Cisco AnyConnect VPN sessions? 

A. vpn-sessiondb logoff anyconnect 

B. vpn-sessiondb logoff webvpn 

C. vpn-sessiondb logoff l2l 

D. clear crypto isakmp sa 

View Answer

Q8. A spoke has two Internet connections for failover. How can you achieve optimum failover without affecting any other router in the DMVPN cloud? 

A. Create another DMVPN cloud by configuring another tunnel interface that is sourced from the second ISP link. 

B. Use another router at the spoke site, because two ISP connections on the same router for the same hub is not allowed. 

C. Configure SLA tracking, and when the primary interface goes down, manually change the tunnel source of the tunnel interface. 

D. Create another tunnel interface with same configuration except the tunnel source, and configure the if-state nhrp and backup interface commands on the primary tunnel interface. 

View Answer

Q9. An IOS SSL VPN is configured to forward TCP ports. A remote user cannot access the corporate FTP site with a Web browser. What is a possible reason for the failure? 

A. The user's FTP application is not supported. 

B. The user is connecting to an IOS VPN gateway configured in Thin Client Mode. 

C. The user is connecting to an IOS VPN gateway configured in Tunnel Mode. 

D. The user's operating system is not supported. 

View Answer

Q10. Refer to the exhibit. 

Which VPN solution does this configuration represent? 

A. Cisco AnyConnect 

B. IPsec 

C. L2TP 

D. SSL VPN 

View Answer