Exam Code: 300-209 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Secure Mobility Solutions (SIMOS)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-209 Exam.

### 2021 Jun 300-209 Study Guide Questions:

Q121. Refer to the exhibit.

Which VPN solution does this configuration represent?

A. DMVPN

B. GETVPN

C. FlexVPN

D. site-to-site

Q122. Scenario

Your organization has just implemented a Cisco AnyConnect SSL VPN solution. Using Cisco ASDM, answer the questions regarding the implementation.

Note: Not all screens or option selections are active for this exercise.

Topology

Default_Home

Which address range will be assigned to the AnyConnect users?

A. 10.10.15.40-50/24

B. 209.165.201.20-30/24

C. 192.168.1.100-150/24

D. 10.10.15.20-30/24

Explanation:

First Navigate to the Configuration -> Remote Access VPN tab and then choose the “AnyConnect Connection Profile as shown below:

C:UsersdanielkellerAppDataLocalMicrosoftWindowsINetCacheContent.WordCapture. png

Then, clicking on the AnyConnect Profile at the bottom will bring you to the edit page shown below:

C:UsersdanielkellerAppDataLocalMicrosoftWindowsINetCacheContent.WordCapture. png

From here, click the Select button on the “VPN_Address_Pool” and you will see the following pools defined:

Here we see that the VPN_Address_Pool contains the IP address range of 10.10.15.20-10.10.15.30/24.

Q123. Which equation describes an elliptic curve?

A. y3 = x3 + ax + b

B. x3 = y2 + ab + x

C. y4 = x2 + ax + b

D. y2 = x3 + ax + b

E. y2 = x2 + ax + b2

### Improve 300-209 simos study guide:

Q124. Which cryptographic algorithms are a part of the Cisco NGE suite?

A. HIPPA DES

B. AES-CBC-128

C. RC4-128

D. AES-GCM-256

Explanation: Reference:

https://www.cisco.com/web/learning/le21/le39/docs/tdw166_prezo.pdf

Q125. Which statement describes a prerequisite for single-sign-on Netegrity Cookie Support in an IOC SSL VPN?

A. The Cisco AnyConnect Secure Mobility Client must be installed in flash.

B. A SiteMinder plug-in must be installed on the Cisco SSL VPN gateway.

C. A Cisco plug-in must be installed on a SiteMinder server.

D. The Cisco Secure Desktop software package must be installed in flash.

Q126. Which feature is available in IKEv1 but not IKEv2?

A. Layer 3 roaming

B. aggressive mode

C. EAP variants

D. sequencing

### Realistic cisco ccnp security 300-209 simos:

Q127. As network consultant, you are asked.to suggest a VPN technology that can support a multivendor environment and secure traffic between sites. Which technology should you recommend?

A. DMVPN

B. FlexVPN

C. GET VPN

D. SSL VPN

Q128. When you configure IPsec VPN High Availability Enhancements, which technology does Cisco recommend that you enable to make reconvergence faster?

A. EOT

B. IP SLAs

C. periodic IKE keepalives

D. VPN fast detection

Q129. Which command clears all Cisco AnyConnect VPN sessions?

A. vpn-sessiondb logoff anyconnect

B. vpn-sessiondb logoff webvpn

C. vpn-sessiondb logoff l2l

D. clear crypto isakmp sa

Q130. You are troubleshooting a site-to-site VPN issue where the tunnel is not establishing. After issuing the debug crypto isakmp command on the headend router, you see the following output. What does this output suggest?

1d00h: ISAKMP (0:1): atts are not acceptable. Next payload is 0

1d00h: ISAKMP (0:1); no offers accepted!

1d00h: ISAKMP (0:1): SA not acceptable!

1d00h: %CRYPTO-6-IKMP_MODE_FAILURE. Processing of Main Mode failed with peer at 10.10.10.10

A. Phase 1 policy does not match on both sides.

B. The transform set does not match on both sides.

C. ISAKMP is not enabled on the remote peer.

D. There is a mismatch in the ACL that identifies interesting traffic.