[Free] 2018(July) Ensurepass Cisco 300-209 Dumps with VCE and PDF 31-40

Ensurepass.com : Ensure you pass the IT Exams
2018 July Cisco Official New Released 300-209
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Mobility Solutions

Question No: 31

Which statement is correct concerning the trusted network detection (TND) feature?

  1. The Cisco AnyConnect 3.0 Client supports TND on Windows, Mac, and Linux platforms.

  2. With TND, one result of a Cisco Secure Desktop basic scan on an endpoint is to determine whether a device is a member of a trusted or an untrusted network.

  3. If enabled, and a CSD scan determines that a host is a member of an untrusted network, an administrator can configure the TND feature to prohibit an end user from launching the Cisco AnyConnect VPN Client.

  4. When the user is inside the corporate network, TND can be configured to automatically disconnect a Cisco AnyConnect session.

Answer: D Explanation:

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect25/administrat ion/guide/ac03features.html

Trusted Network Detection

Trusted Network Detection (TND) gives you the ability to have AnyConnect automatically disconnect a VPN connection when the user is inside the corporate network (the trusted network) and start the VPN connection when the user is outside the corporate network (the untrusted network). This feature encourages greater security awareness by initiating a VPN connection when the user is outside the trusted network.

If AnyConnect is also running Start Before Logon (SBL), and the user moves into the trusted network, the SBL window displayed on the computer automatically closes.

TND does not interfere with the ability of the user to manually establish a VPN connection. It does not disconnect a VPN connection that the user starts manually in the trusted network. TND only disconnects the VPN session if the user first connects in an untrusted network and moves into a trusted network. For example, TND disconnects the VPN session if the user makes a VPN connection at home and then moves into the corporate office.

Because the TND feature controls the AnyConnect GUI and automatically initiates connections, the GUI should run at all times. If the user exits the GUI, TND does not automatically start the VPN connection.

You configure TND in the AnyConnect profile. No changes are required to the ASA configuration.

Question No: 32

Scenario

Your organization has just implemented a Cisco AnyConnect SSL VPN solution. Using Cisco ASDM, answer the questions regarding the implementation.

Note: Not all screens or option selections are active for this exercise.

Ensurepass 2018 PDF and VCE

Topology

Ensurepass 2018 PDF and VCE

Default_Home

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Which address pool is being assigned to the users connecting via the AnyConnect client?

  1. AC_Address_Pool

  2. Remote_Address_Pool

  3. Outside_Address_Pool

  4. VPN_Address_Pool

Answer: D Explanation:

First Navigate to the Configuration -gt; Remote Access VPN tab and then choose the 鈥淎nyConnect Connection Profile as shown below:

Ensurepass 2018 PDF and VCE

Capture

Then, clicking on the AnyConnect Profile at the bottom will bring you to the edit page shown below:

Ensurepass 2018 PDF and VCE

Capture

From here we can see that the Client Address Pools in use is the 鈥淰PN_Access_Pool鈥?/p>

Question No: 33

Which VPN feature allows remote access clients to print documents to local network printers?

  1. Reverse Route Injection

  2. split tunneling

  3. loopback addressing

  4. dynamic virtual tunnels

Answer: B

Question No: 34

Which option is a required element of Secure Device Provisioning communications?

  1. the introducer

  2. the certificate authority

  3. the requestor

  4. the registration authority

Answer: A

Question No: 35

Which protocol must be enabled on the inside interface to use cluster encryption in SSL VPN load balancing?

  1. TLS

  2. DTLS

  3. IKEv2

  4. ISAKMP

Answer: D

Question No: 36

Which application does the Application Access feature of Clientless VPN support?

  1. TFTP

  2. VoIP

  3. Telnet

  4. active FTP

Answer: C

Question No: 37

When initiating a new SSL or TLS session, the client receives the server SSL certificate and validates it. After validating the server certificate, what does the client use the certificate for?

  1. The client and server use the server public key to encrypt the SSL session data.

  2. The server creates a separate session key and sends it to the client. The client decrypts the session key by using the server public key.

  3. The client and server switch to a DH key exchange to establish a session key.

  4. The client generates a random session key, encrypts it with the server public key, and then sends it to the server.

Answer: D

Question No: 38

Which command clears all Cisco AnyConnect VPN sessions?

  1. vpn-sessiondb logoff anyconnect

  2. vpn-sessiondb logoff webvpn

  3. vpn-sessiondb logoff l2l

  4. clear crypto isakmp sa

Answer: A

Question No: 39

Refer to the exhibit.

Ensurepass 2018 PDF and VCE

Which VPN solution does this configuration represent?

  1. Cisco AnyConnect

  2. IPsec

  3. L2TP

  4. SSL VPN

Answer: B

Question No: 40

What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.)

  1. CSCO_WEBVPN_OTP_PASSWORD

  2. CSCO_WEBVPN_INTERNAL_PASSWORD

  3. CSCO_WEBVPN_USERNAME

  4. CSCO_WEBVPN_RADIUS_USER

Answer: B,C

100% Ensurepass Free Download!
Download Free Demo:300-209 Demo PDF
100% Ensurepass Free Guaranteed!
300-209 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.