Which two parameters help to map a VPN session to a tunnel group without using the tunnelgroup list?

Which two parameters help to map a VPN session to a tunnel group without using the tunnelgroup list? (Choose two.)

Which two parameters help to map a VPN session to a tunnel group without using the tunnelgroup list? (Choose two.)

A.
group-alias

B.
certificate map

C.
use gateway command

D.
group-url

E.
AnyConnect client version

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

six + 4 =

FactChecker

FactChecker

hxxp://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/98580-enable-group-dropdown.html

Reply

KAMRAN MEHDI

KAMRAN MEHDI

New 300-209 Exam Questions and Answers Updated Recently (4/July/2017):

NEW QUESTION 294
Refer to the exhibit, which result of this command is true?

A. Makes the router generate a certificate signing request
B. Generates an RSA key called TRIALFOUR
C. It displays the RSA public keys of the router
D. It specifies self- signed enrollment for a trust point

Answer: A

NEW QUESTION 295
An engineer is attempting to establish a new site-to-site VPN connection. The tunnel terminates on an ASA 5506-X which is behind an ASA 5515-X. The engineer notices that the tunnel is not establishing. Which option is a potential cause?

A. Certificates were not configured
B. Diffie – Helman Group is not set
C. Access lists were not applied
D. NAT – traversal is not configured

Answer: D

NEW QUESTION 296
Which algorithm does ISAKMP use to securely derive encryption and integrity keys?

A. Diffie – Hellman
B. AES
C. ECDSA
D. RSA
E. 3DES

Answer: D

NEW QUESTION 297
Which purpose of configuring perfect Forward secret is true?

A. For every negotiation of a new phase 1 SA, the two gateways generate a new set of phase 2 keys.
B. For every negotiation of a new phase 2 SA, the two gateways generate a new set of phase 1 keys.
C. For every negotiation of a new phase 1 SA, the two gateways generate a new set of phase 1 keys.
D. For every negotiation of a new phase 2 SA, the two gateways generate a new set of phase 2 keys.

Answer: A

NEW QUESTION 298
An engineer has successfully established a phase 1 tunnel, but notices that no packets are decrypted on the head end side of the tunnel. What is a potential cause for this issue?

A. different phase 2 encryption
B. misconfigured DH group
C. disabled PFS
D. firewall blocking Phase 2 ESP or AH

Answer: A

NEW QUESTION 299
Which option describes traffic that will initiate a VPN connection?

A. trusted
B. external
C. internal
D. interesting

Answer: D

NEW QUESTION 300
……

P.S. These New 300-209 Exam Questions Were Just Updated From The Real 300-209 Exam, You Can Get The Newest 300-209 Dumps In PDF And VCE From — http://www.passleader.com/300-209.html (307q VCE and PDF)

Good Luck!

Reply