Passed Cisco 300-209 Exam with Pass4sure and Lead2pass PDF & VCE (41-50)

19 Jun

QUESTION 41
Guaranteed success with TestInsides practice guides 22 Cisco 300-209 : Practice Test
Which NGE IKE Diffie-Hellman group identifier has the strongest cryptographic properties?

A.    group 20
B.    group 24
C.    group 5
D.    group 20

Answer: D

QUESTION 42
What is the Cisco recommended TCP maximum segment on a DMVPN tunnel interface when the MTU is set to 1400 bytes?

A.    1160 bytes
B.    1260 bytes
C.    1360 bytes
D.    1240 bytes

Answer: C

QUESTION 43
Which technology does a multipoint GRE interface require to resolve endpoints?

A.    ESP
B.    dynamic routing
C.    NHRP
D.    CEF
E.    IPSec

Answer: C

QUESTION 44
Which two cryptographic technologies are recommended for use with FlexVPN? (Choose two.)

A.    SHA (HMAC variant)
B.    Diffie-Hellman
C.    DES
D.    MD5 (HMAC variant)

Answer: AB

QUESTION 45
Which command configures IKEv2 symmetric identity authentication?

A.    match identity remote address 0.0.0.0
B.    authentication local pre-share
C.    authentication pre-share
D.    authentication remote rsa-sig

Answer: D

QUESTION 46
Which two examples of transform sets are contained in the IKEv2 default proposal? (Choose two.)

A.    aes-cbc-192, sha256, 14
B.    3des, md5, 5
C.    3des, sha1, 1
D.    aes-cbc-128, sha, 5

Answer: BD

QUESTION 47
What is the default storage location of user-level bookmarks in an IOS clientless SSL VPN?

A.    disk0:/webvpn/{context name}/
B.    disk1:/webvpn/{context name}/
C.    flash:/webvpn/{context name}/
D.    nvram:/webvpn/{context name}/

Answer: C

QUESTION 48
Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?

A.    vpn-filter none
B.    no vpn-filter
C.    filter value none
D.    filter value ACLname

Answer: C

QUESTION 49
Which command specifies the path to the Host Scan package in an ASA AnyConnect VPN?

A.    csd hostscan path image
B.    csd hostscan image path
C.    csd hostscan path
D.    hostscan image path

Answer: B

QUESTION 50
Hotspot Questions
image

image

image

When a tunnel is initiated by the headquarter ASA, which one of the following Diffie- Hellman groups is selected by the headquarter ASA during CREATE_CHILD_SA exchange?

A.    1
B.    2
C.    5
D.    14
E.    19

Answer: C
Explanation:
Traffic initiated by the HQ ASA is assigned to the static outside crypto map, which shown below to use DH group 5.

 

image

If you want to pass Cisco 300-209 successfully, donot missing to read latest lead2pass Cisco 300-209 exam questions.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/300-209.html

Why Choose Lead2pass?

If you want to pass the exam successfully in first attempt you have to choose the best IT study material provider, in my opinion, Lead2pass is one of the best way to prepare for the exam.

Lead2pass Testking Pass4sure Actualtests Others
$99.99 $124.99 $125.99 $189 $29.99-$49.99
Up-to-Dated
Real Questions
Error Correction
Printable PDF
Premium VCE
VCE Simulator
One Time Purchase
Instant Download
Unlimited Install
100% Pass Guarantee
100% Money Back