Cisco (300-730-SVPN) Exam Questions And Answers page 5
Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.)
The rewriter enable command under the global webvpn configuration enables the rewriter functionality because that feature is disabled by default.
A Cisco ASA can simultaneously allow Clientless SSL VPN sessions and AnyConnect client sessions.
When a client connects to the Cisco ASA WebVPN portal and tries to access HTTP resources through the URL bar, the ASA uses its configured DNS servers to perform FQDN resolution.
Clientless SSLVPN provides Layer 3 connectivity into the secured network.
Architecture and Design
Implement and Troubleshoot Secure Communications
Which technology is used to send multicast traffic over a site-to-site VPN?
GRE over IPsec on IOS router
GRE over IPsec on FTD
IPsec tunnel on FTD
GRE tunnel on ASA
Architecture and Design
Implement and Troubleshoot Secure Communications
Which two features provide headend resiliency for Cisco AnyConnect clients? (Choose two.)
AnyConnect Auto Reconnect
AnyConnect Network Access Manager
AnyConnect Backup Servers
ASA failover
AnyConnect Always On
Implement and Troubleshoot Secure Communications
Secure Communications Architectures and Solutions
Refer to the exhibit. The DMVPN spoke is not establishing a session with the hub. Which two actions resolve this issue? (Choose two.)
Change the spoke nhs to 172.16.18.1 and the nbma to 10.0.0.1.
Change the transform set to mode tunnel.
Change the ISAKMP policy authentication on the spoke to pre-shared.
Change the ISAKMP key address on the spoke to 0.0.0.0.
Change the nhrp authentication key on the spoke to cisco123.
Implement and Troubleshoot Secure Communications
Secure Communications Architectures and Solutions
Which feature allows the ASA to handle nonstandard applications and web resources so that they display correctly over a clientless SSL VPN connection?
single sign-on
Smart Tunnel
WebType ACL
plug-ins
Architecture and Design
Implement and Troubleshoot Secure Communications
Refer to the exhibit. A network engineer is configuring a remote access SSLVPN and is unable to complete the connection using local credentials. What must be done to remediate this problem?
Enable the client protocol in the Cisco AnyConnect profile.
Configure a AAA server group to authenticate the client.
Change the authentication method to local.
Configure the group policy to force local authentication.
Implement and Troubleshoot Secure Communications
Secure Communications Architectures and Solutions
Which two types of SSO functionality are available on the Cisco ASA without any external SSO servers? (Choose two.)
SAML
NTLM
Kerberos
OAuth 2.0
HTTP Basic
Implement and Troubleshoot Secure Communications
Infrastructure Security
Refer to the exhibit. Which two tunnel types produce the show crypto ipsec sa output seen in the exhibit? (Choose two.)
crypto map
DMVPN
GRE
FlexVPN
VTI
Implement and Troubleshoot Secure Communications
Secure Communications Architectures and Solutions
What VPN technology is used in the exhibit?
Single Choice
Refer to the exhibit. Which VPN technology is used in the exhibit?
DVTI
VTI
DMVPN
GRE
Secure Solutions with Virtual Private Networks
A network engineer must implement an SSLVPN Cisco AnyConnect solution that supports 500 concurrent users, ensures all traffic from the client passes through the ASA, and allows users to access all devices on the inside interface subnet (192.168.0.0/24). Assuming all other configuration is set up appropriately, which configuration implements this solution?
Architecture and Design
Implement and Troubleshoot Secure Communications
Comments