It is more faster and easier to pass the Cisco 300-209 exam by using Printable Cisco Implementing Cisco Secure Mobility Solutions (SIMOS) questuins and answers. Immediate access to the Down to date 300-209 Exam and find the same core area 300-209 questions with professionally verified answers, then PASS your exam with a high score now.

Q11. Which.DAP endpoint attribute checks for the matching MAC address of a client machine? 

A. device 

B. process 

C. antispyware 



Q12. Which two parameters are configured within an IKEv2 proposal on an IOS router? (Choose two.) 

A. authentication 

B. encryption 

C. integrity 

D. lifetime 

Answer: B,C 

Q13. A user with IP address is unable to access a HTTP website at IP address through a Cisco ASA. Which two features and commands will help troubleshoot the issue? (Choose two.) 

A. Capture user traffic using command capture capin interface inside match ip host any 

B. After verifying that user traffic reaches the firewall using syslogs or captures, use packet tracer command packet-tracer input inside tcp 1234 80 

C. Enable logging at level 1 and check the syslogs using commands logging enable, logging buffered 1 and show logging | include 

D. Check if an access-list on the firewall is blocking the user by using command show running-config access-list | include 

E. Use packet tracer command packet-tracer input inside udp 1234192.168.1.3 161 to see what the firewall is doing with the user's traffic 

Answer: A,B 

Q14. When troubleshooting established clientless SSL VPN issues, which three steps should be taken? (Choose three.) 

A. Clear the browser history. 

B. Clear the browser and Java cache. 

C. Collect the information from the computer event log. 

D. Enable and use HTML capture tools. 

E. Gather crypto debugs on the adaptive security appliance. 

F. Use Wireshark to capture network traffic. 

Answer: B,E,F 

Q15. Which hash algorithm is required to protect classified information? 

A. MD5 

B. SHA-1 

C. SHA-256 

D. SHA-384 


Q16. In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces? 

A. interface virtual-template number type template 

B. interface virtual-template number type tunnel 

C. interface template number type virtual 

D. interface tunnel-template number 



Here is a reference an explanation that can be included with this test. 

Configuring the Virtual Tunnel Interface on FlexVPN Spoke 


1. enable 

2. configure terminal 

3. interface virtual-template number type tunnel 

4. ip unnumbered tunnel number 

5. ip nhrp network-id number 

6. ip nhrp shortcut virtual-template-number 

7. ip nhrp redirect [timeout seconds] 

8. exit 

Q17. Which adaptive security appliance command can be used to see a generic framework of the requirements for configuring a VPN tunnel between an adaptive security appliance and 

a Cisco IOS router at a remote office? 

A. vpnsetup site-to-site steps 

B. show running-config crypto 

C. show vpn-sessiondb l2l 

D. vpnsetup ssl-remote-access steps 


Q18. Refer to the exhibit. 

After the configuration is performed, which combination of devices can connect? 

A. a device with an identity type of IPv4 address of or or a certificate with subject name of "" 

B. a device with an identity type of IPv4 address of both and or a certificate with subject name containing "" 

C. a device with an identity type of IPv4 address of both and and a certificate with subject name containing "" 

D. a device with an identity type of IPv4 address of or or a certificate with subject name containing "" 


Q19. In which situation would you enable the Smart Tunnel option with clientless SSL VPN? 

A. when a user is using an outdated version of a web browser 

B. when an application is failing in the rewrite process 

C. when IPsec should be used over SSL VPN 

D. when a user has a nonsupported Java version installed 

E. when cookies are disabled 


Q20. Refer to the exhibit. 

An administrator is adding IPv6 addressing to an already functioning tunnel. The administrator is unable to ping 2001:DB8:100::2 but can ping Which configuration needs to be added or changed? 

A. No configuration change is necessary. Everything is working correctly. 

B. OSPFv3 needs to be configured on the interface. 

C. NHRP needs to be configured to provide NBMA mapping. 

D. Tunnel mode needs to be changed to GRE IPv4. 

E. Tunnel mode needs to be changed to GRE IPv6.