Which three commands are included in the command show dmvpn detail? (Choose three.)
A.
show ip nhrp nhs
B.
show dmvpn
C.
show crypto session detail
D.
show crypto ipsec sa detail
E.
show crypto sockets
F.
show ip nhrp
Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions
This is ONE TIME OFFER
50%
22th/11/2017 New 300-209 Exam Questions and Answers Free Updated Today!
QUESTION
A network engineer must configure a now VPN tunnel Utilizing IKEv2 For with three reasons would a configuration use IKEv2 instead d KEv1? (Choose three.)
A. increased hash size
B. DOS protection
C. Preshared keys are used for authentication.
D. RSA-Sig used for authentication
E. native NAT traversal
F. asymmetric authentication
Answer: BCD
QUESTION
A network engineer is troubleshooting a site VPN tunnel configured on a Cisco ASA and wants to validate that the tunnel is sending and receiving traffic. Which command accomplishes this task?
A. show crypto ikev1 sa peer
B. show crypto ikev2 sa peer
C. show crypto ipsec sa peer
D. show crypto isakmp sa peer
Answer: C
QUESTION 242
When troubleshooting clientless SSL VPN connections, which option can be verified on the client PC?
A. address assignment
B. DHCP configuration
C. tunnel group attributes
D. host file misconfiguration
Answer: C
QUESTION
Which two commands are include in the command show dmvpn detail? (Choose two.)
A. Show ip nhrp
B. Show ip nhrp nhs
C. Show crypto ipsec sa detail
D. Show crypto session detail
E. Show crypto sockets
Answer: CE
QUESTION
An engineer has integrated a new DMVPN to link remote offices across the internet using Cisco IOS routers. When connecting to remote sites, pings and voice data appear to flow properly and all tunnel stats seem to show that are up. However, when trying to connect to a remote server using RDP, the connection fails. Which action resolves this issue?
A. Change DMVPN timeout values.
B. Adjust the MTU size within the routers.
C. Replace certificate on the RDP server.
D. Add RDP port to the extended ACL.
Answer: C
QUESTION
Which feature is a benefit of Dynamic Multipoint VPN?
A. geographic filtering of spoke devices
B. translation PAT
C. rotating wildcard preshared keys
D. dynamic spoke-to spoke tunnel establishment
Answer: D
QUESTION
An engineer has configured Cisco AnyConnect VPN using IKEv2 on a Cisco ISO router. The user cannot connect in the Cisco AnyConnect client, but receives an alert message “Use a browser to gain access.” Which action does the engineer take to eliminate this issue?
A. Reset user login credentials.
B. Disable the HTTP server.
C. Correct the URL address.
D. Connect using HTTPS.
Answer: C
QUESTION
Refer to the exhibit. A network administrator is running DMVPN with EIGRP, when the administrator looks at the routing table on spoken 1 it displays a route to the hub only.
Which command is missing on the hub router, which includes spoke 2 and spoke 3 in the spoke 1 routing table?
A. no inverse arp
B. neighbor (ip address)
C. no ip split-horizon egrp 1
D. redistribute static
Answer: A
QUESTION
Which algorithm provides both encryption and authentication for plane communication?
A. RC4
B. SHA-384
C. AES-256
D. SHA-96
E. 3DES
F. AES-GCM
Answer: F
More 2017 New 300-209 Questions PDF can read at here: https://drive.google.com/drive/folders/0B75b5xYLjSSNRkY3M21SbTdTNDg?usp=sharing
1
0
any one can provide update dumps…
0
0
2018/Jan new 300-209 Exam Questions Free Updated:
QUESTION 161
Which option describes what address preservation with IPsec Tunnel Mode allows when GETVPN is used?
A. stronger encryption methods
B. Network Address Translation of encrypted traffic
C. traffic management based on original source and destination addresses
D. Tunnel Endpoint Discovery
Answer: C
QUESTION 162
Which feature is available in IKEv1 but not IKEv2?
A. Layer 3 roaming
B. aggressive mode
C. EAP variants
D. sequencing
Answer: B
QUESTION 163
Which feature is enabled by the use of NHRP in a DMVPN network?
A. host routing with Reverse Route Injection
B. BGP multiaccess
C. host to NBMA resolution
D. EIGRP redistribution
Answer: C
QUESTION 164
Which statement about the hub in a DMVPN configuration with iBGP is true?
A. It must be a route reflector client.
B. It must redistribute EIGRP from the spokes.
C. It must be in a different AS.
D. It must be a route reflector.
Answer: D
QUESTION 165
Refer to the exhibit. Which technology is represented by this configuration?
A. AAA for FlexVPN
B. AAA for EzVPN
C. TACACS+ command authorization
D. local command authorization
Answer: A
QUESTION 166
Which command can you use to monitor the phase 1 establishment of a FlexVPN tunnel?
A. show crypto ipsec sa
B. show crypto isakmp sa
C. show crypto ikev2 sa
D. show ip nhrp
Answer: C
QUESTION 167
Which interface is managed by the VPN Access Interface field in the Cisco ASDM IPsec Site-to- Site VPN Wizard?
A. the local interface named “VPN_access”
B. the local interface configured with crypto enable
C. the local interface from which traffic originates
D. the remote interface with security level 0
Answer: B
QUESTION 168
You are troubleshooting a DMVPN NHRP registration failure. Which command can you use to view request counters?
A. show ip nhrp nhs detail
B. show ip nhrp tunnel
C. show ip nhrp incomplete
D. show ip nhrp incomplete tunnel tunnel_interface_number
Answer: A
QUESTION 169
Refer to the exhibit. What is the purpose of the given configuration?
A. Establishing a GRE tunnel.
B. Enabling IPSec to decrypt fragmented packets.
C. Resolving access issues caused by large packet sizes.
D. Adding the spoke to the routing table.
Answer: C
QUESTION 170
Which three commands are included in the command show dmvpn detail? (Choose three.)
A. show ip nhrp nhs
B. show dmvpn
C. show crypto session detail
D. show crypto ipsec sa detail
E. show crypto sockets
F. show ip nhrp
Answer: ABC
QUESTION 171
Refer to the exhibit. Which action is demonstrated by this debug output?
A. NHRP initial registration by a spoke.
B. NHRP registration acknowledgement by the hub.
C. Disabling of the DMVPN tunnel interface.
D. IPsec ISAKMP phase 1 negotiation.
Answer: A
And 2018 Latest Cisco 300-209 Exam Dumps with PDF and VCE Can be freely viewed at: https://www.braindump2go.com/300-209.html
1
0
“show dmvpn detail” returns the output of show ip nhrp nhs, show dmvpn,
and show crypto session detail
0
0