which option will allow IKEv2 connections on the adapti…

Regarding licensing, which option will allow IKEv2 connections on the adaptive security appliance?

Regarding licensing, which option will allow IKEv2 connections on the adaptive security appliance?

A.
AnyConnect Essentials can be used for Cisco AnyConnect IKEv2 connections.

B.
IKEv2 sessions are not licensed.

C.
The Advanced Endpoint Assessment license must be installed to allow Cisco AnyConnect IKEv2 sessions.

D.
Cisco AnyConnect Mobile must be installed to allow AnyConnect IKEv2 sessions.

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

FactChecker

FactChecker

The answer is “A”, AnyConnect Essentials can be used for Cisco AnyConnect IKEv2 connections.

From Cisco Press book page 42, CCNP Security VPN 642-648 Official Cert Guide
By Howard Hoope

KEv1 IPsec sessions are not licensed, and the maximum number of sessions available equal the maximum number available for the ASA platform used. IKEv2 site-to-site VPNs are not licensed either.
IKEv2 IPsec remote-access VPN sessions are available for use only with the AnyConnect client and as such are licensed using the same AnyConnect Essentials or AnyConnect Premium licenses used with SSL VPNs.

Reply

rawr

rawr

Yes answer is A

Reply

Ronald Ammons

Ronald Ammons

New 300-209 Exam Questions and Answers (4/July/2017 Updated):

NEW QUESTION 294
Refer to the exhibit, which result of this command is true?

A. Makes the router generate a certificate signing request

NEW QUESTION 295
An engineer is attempting to establish a new site-to-site VPN connection. The tunnel terminates on an ASA 5506-X which is behind an ASA 5515-X. The engineer notices that the tunnel is not establishing. Which option is a potential cause?

D. NAT – traversal is not configured

NEW QUESTION 296
Which algorithm does ISAKMP use to securely derive encryption and integrity keys?

A. Diffie – Hellman
B. AES
C. ECDSA
D. RSA
E. 3DES

Answer: D

NEW QUESTION 297
Which purpose of configuring perfect Forward secret is true?

A. For every negotiation of a new phase 1 SA, the two gateways generate a new set of phase 2 keys.
B. For every negotiation of a new phase 2 SA, the two gateways generate a new set of phase 1 keys.
C. For every negotiation of a new phase 1 SA, the two gateways generate a new set of phase 1 keys.
D. For every negotiation of a new phase 2 SA, the two gateways generate a new set of phase 2 keys.

Answer: A

NEW QUESTION 298
An engineer has successfully established a phase 1 tunnel, but notices that no packets are decrypted on the head end side of the tunnel. What is a potential cause for this issue?

A. different phase 2 encryption
B. misconfigured DH group
C. disabled PFS
D. firewall blocking Phase 2 ESP or AH

Answer: A

NEW QUESTION 299
Which option describes traffic that will initiate a VPN connection?

A. trusted
B. external
C. internal
D. interesting

Answer: D

NEW QUESTION 300
……

P.S. You Can Get The Newest 300-209 Dumps In PDF And VCE From — http://www.passleader.com/300-209.html (307q VCE and PDF)

Good Luck!

Reply