ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-209 All Questions

View all questions & answers for the 300-209 exam
Go to Exam

Exam 300-209 topic 1 question 253 discussion

Actual exam question from Cisco's 300-209
Question #: 253
Topic #: 1
[All 300-209 Questions]

Instructions -
✑ Enter CLI commands on the ASA and Branch router to verify network operation and answer the multiple-choice questions.
✑ THIS TASK DOES NOT REQUIRE DEVICE CONFIGURATION.
✑ Click on the devices or the lower menu bar to gain access to the console of that device. No console or enable passwords are required.
✑ Not all CLI commands are available for this exercise.
✑ To access the multiple-choice questions, click on Questions tab and then the numbered boxes on the left of the panel to view each question.
There are four multiple-choice questions with this task. Be sure to answer all four questions before selecting the Next button.


Scenario -
You are the senior network security administrator for your organization. Recently and junior engineer configured a site-to-site IPSec VPN connection between your headquarters Cisco ASA and a remote branch office.
You are now tasked with verifyng the IKEv1 IPSec installion to ensure it was properly configured according to designated parameters. Using the CLI on both the
Cisco ASA and branch ISR, verify the IPsec configuration is properly configured between the two sites.
NOTE: the show running-config command cannot be used for this exercise.

Topology -


Branch ISR -


ASA -

What is the name of the transform set being used on the ISR?

  • A. Default
  • B. ESP-AES ESP-SHA-HMAC
  • C. SP-AES-256-MD5-TRANS
  • D. TSET
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
This can be seen from the "show crypto ipsec sa" command as shown below:
by Kilocron at Nov. 27, 2019, 11:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
depocu
5 years, 3 months ago
Good point
upvoted 1 times
...
Kilocron
5 years, 5 months ago
This question's answer SHOULD be "TSET". If you run a "show crypto ipsec transform-set" command, it will identify that the NAME of the transform-set that is being used is "TSET". The answer that it says is right is the types of protocols being used, NOT the 'Name' that the question is asking for.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago