Cisco (300-730-SVPN) Exam Questions And Answers page 9
Refer to the exhibit. What is a result of this configuration?
Spoke 2 passes the authentication to the hub and successfully proceeds to phase 2.
Spoke 2 fails the authentication because the remote authentication method is incorrect.
Spoke 1 passes the authentication to the hub and successfully proceeds to phase 2.
Implement and Troubleshoot Secure Communications
Secure Communications Architectures and Solutions
What is a true statement about GETVPN?
Single Choice
Which statement about GETVPN is true?
The configuration that defines which traffic to encrypt originates from the key server.
TEK rekeys can be load-balanced between two key servers operating in COOP.
The pseudotime that is used for replay checking is synchronized via NTP.
Group members must acknowledge all KEK and TEK rekeys, regardless of configuration.
Implement and Troubleshoot Secure Communications
Secure Communications Architectures and Solutions
Refer to the exhibit. An SSL client is connecting to an ASA headend. The session fails with the message Connection attempt has timed out. Please verify Internet connectivity. Based on how the packet is processed, which phase is causing the failure?
phase 9: rpf-check
phase 5: NAT
phase 4: ACCESS-LIST
phase 3: UN-NAT
Implement and Troubleshoot Secure Communications
Secure Communications Architectures and Solutions
What type of Cisco VPN is shown for group Cisc012345678?
Single Choice
Refer to the exhibit. Which type of Cisco VPN is shown for group Cisc012345678?
Cisco AnyConnect Client VPN
DMVPN
Clientless SSLVPN
GETVPN
Secure Solutions with Virtual Private Networks
Refer to the exhibit. Which value must be configured in the User Group field when the Cisco AnyConnect Profile is created to connect to an ASA headend with IPsec as the primary protocol?
address-pool
group-alias
group-policy
tunnel-group
Implement and Troubleshoot Secure Communications
Infrastructure Security
Refer to the exhibit. Based on the exhibit, why are users unable to access CCNP Webserver bookmark?
The URL is being blocked by a WebACL.
The ASA cannot resolve the URL.
The bookmark has been disabled.
The user cannot access the URL.
Implement and Troubleshoot Secure Communications
Infrastructure Security
Cisco AnyConnect clients need to transfer large files over the VPN sessions. Which protocol provides the best throughput?
SSL/TLS
L2TP
DTLS
IPsec IKEv1
Secure Solutions with Virtual Private Networks
Implement and Troubleshoot Secure Communications
After a user configures a connection profile with a bookmark list and tests the clientless SSLVPN connection, all of the bookmarks are grayed out. What must be done to correct this behavior?
Apply the bookmark to the correct group policy.
Specify the correct port for the web server under the bookmark.
Configure a DNS server on the Cisco ASA and verify it has a record for the web server.
Verify HTTP/HTTPS connectivity between the Cisco ASA and the web server.
Architecture and Design
Implement and Troubleshoot Secure Communications
Which VPN technology must be used to ensure that routers are able to dynamically form connections with each other rather than sending traffic through a hub and be able to advertise routes without the use of a dynamic routing protocol?
FlexVPN
DMVPN Phase 3
DMVPN Phase 2
GETVPN
Architecture and Design
Implement and Troubleshoot Secure Communications
Refer to the exhibit. Which type of Cisco VPN is shown for group Cisc012345678?
Cisco AnyConnect Client VPN
DMVPN
Clientless SSLVPN
GETVPN
Secure Solutions with Virtual Private Networks
Comments