ExamGecko
Login
Home / Cisco / 300-730 / List of questions
Ask Question

Cisco 300-730 Practice Test - Questions Answers, Page 10

Add to Whishlist

List of questions

Question 91

Report Export Collapse

In order to enable FlexVPN to use a AAA attribute list, which two tasks must be performed? (Choose two.)

Define the RADIUS server.

Define the RADIUS server.

Verify that clients are using the correct authorization policy.

Verify that clients are using the correct authorization policy.

Define the AAA server.

Define the AAA server.

Assign the list to an authorization policy.

Assign the list to an authorization policy.

Set the maximum segment size.

Set the maximum segment size.

Suggested answer: B, D
asked 10/10/2024
Tiago Martins
38 questions

Question 92

Report Export Collapse

Which technology and VPN component allows a VPN headend to dynamically learn post NAT IP addresses of remote routers at different sites?

DMVPN with ISAKMP

DMVPN with ISAKMP

GETVPN with ISAKMP

GETVPN with ISAKMP

DMVPN with NHRP

DMVPN with NHRP

GETVPN with NHRP

GETVPN with NHRP

Suggested answer: C
asked 10/10/2024
Ahmed Alghadeer
34 questions

Question 93

Report Export Collapse

An engineer must configure remote desktop connectivity for offsite admins via clientless SSL VPN, configured on a Cisco ASA to Windows Vista workstations. Which two configurations provide the requested access? (Choose two.)

Telnet bookmark via the Telnet plugin

Telnet bookmark via the Telnet plugin

RDP2 bookmark via the RDP2 plugin

RDP2 bookmark via the RDP2 plugin

VNC bookmark via the VNC plugin

VNC bookmark via the VNC plugin

Citrix bookmark via the ICA plugin

Citrix bookmark via the ICA plugin

SSH bookmark via the SSH plugin

SSH bookmark via the SSH plugin

Suggested answer: B, C
asked 10/10/2024
Vangelis Gouloutis
44 questions

Question 94

Report Export Collapse

A network engineer must design a clientless VPN solution for a company. VPN users must be able to access several internal web servers. When reachability to those web servers was tested, it was found that one website is not being rewritten correctly by the AS

What is a potential solution for this issue while still allowing it to be a clientless VPN setup?

What is a potential solution for this issue while still allowing it to be a clientless VPN setup?

Set up a smart tunnel with the IP address of the web server.

Set up a smart tunnel with the IP address of the web server.

Set up a NAT rule that translates the ASA public address to the web server private address on port 80.

Set up a NAT rule that translates the ASA public address to the web server private address on port 80.

Set up Cisco AnyConnect with a split tunnel that has the IP address of the web server.

Set up Cisco AnyConnect with a split tunnel that has the IP address of the web server.

Set up a WebACL to permit the IP address of the web server.

Set up a WebACL to permit the IP address of the web server.

Suggested answer: B
asked 10/10/2024
Marc-Antoine Meyssat
32 questions

Question 95

Report Export Collapse

Which two types of SSO functionality are available on the Cisco ASA without any external SSO servers? (Choose two.)

SAML

SAML

NTLM

NTLM

Kerberos

Kerberos

OAuth 2.0

OAuth 2.0

HTTP Basic

HTTP Basic

Suggested answer: B, E
Explanation:

The auto-signon command is a single sign-on method for users of clientless SSL VPN sessions. It passesthe login credentials (username and password) to internal servers for authentication using NTLMauthentication, basic authentication, or both. Multiple auto-signon commands can be entered and areprocessed according to the input order (early commands take precedence) https://www.cisco.com/c/en/us/td/docs/security/asa/asa916/configuration/vpn/asa-916-vpn-config/webvpn-configure-policy-groups.html#ID-2439-00001438

asked 10/10/2024
Andrew Staton
33 questions

Question 96

Report Export Collapse

Refer to the exhibit.

Cisco 300-730 image Question 96 114614 10102024232758000000

Which type of VPN implementation is displayed?

IKEv1 cluster

IKEv1 cluster

IKEv2 backup gateway

IKEv2 backup gateway

IKEv2 load balancer

IKEv2 load balancer

IKEv2 reconnect

IKEv2 reconnect

Suggested answer: C
asked 10/10/2024
Eddie Martinez
44 questions

Question 97

Report Export Collapse

A network engineer is setting up a clientless SSLVPN on a Cisco AS

Remote users must be able to access an internal webserver via the URL example.com. Which two steps accomplish this task? (Choose two.)

Remote users must be able to access an internal webserver via the URL example.com. Which two steps accomplish this task? (Choose two.)

Configure a bookmark for the webserver.

Configure a bookmark for the webserver.

Configure routing so that the user's computer can reach the webserver.

Configure routing so that the user's computer can reach the webserver.

Configure a DNS server that can resolve the webserver URL.

Configure a DNS server that can resolve the webserver URL.

Configure a browser plugin on the Cisco ASA.

Configure a browser plugin on the Cisco ASA.

Configure routing so that the Cisco ASA can reach the webserver.

Configure routing so that the Cisco ASA can reach the webserver.

Suggested answer: A, C
asked 10/10/2024
Sneh Fields
45 questions

Question 98

Report Export Collapse

A network engineer has set up a FlexVPN server to terminate multiple FlexVPN clients. The VPN tunnels are established without issue. However, when a Change of Authorization is issued by the RADIUS server, the FlexVPN server does not update the authorization of connected FlexVPN clients.

Which action resolves this issue?

Add the aaa server radius dynamic-author command on the FlexVPN clients.

Add the aaa server radius dynamic-author command on the FlexVPN clients.

Fix the RADIUS key mismatch between the RADIUS server and FlexVPN server.

Fix the RADIUS key mismatch between the RADIUS server and FlexVPN server.

Add the aaa server radius dynamic-author command on the FlexVPN server.

Add the aaa server radius dynamic-author command on the FlexVPN server.

Fix the RADIUS key mismatch between the RADIUS server and FlexVPN clients.

Fix the RADIUS key mismatch between the RADIUS server and FlexVPN clients.

Suggested answer: C
asked 10/10/2024
Chad Remick
40 questions

Question 99

Report Export Collapse

A company needs to ensure only corporate issued laptops and devices are allowed to connect with the Cisco AnyConnect client. The solution should be applicable to multiple operating systems, including Windows, MacOS, and Linux, and should allow for remote remediation if a corporate issued device is stolen. Which solution should be used to accomplish these goals?

Use a DAP registry check on the system to determine the relationship with the corporate domain.

Use a DAP registry check on the system to determine the relationship with the corporate domain.

Use a DAP file check on the system to determine the relationship with the corporate domain.

Use a DAP file check on the system to determine the relationship with the corporate domain.

Install and authenticate user certificates on the corporate devices.

Install and authenticate user certificates on the corporate devices.

Install and authenticate machine certificates on the corporate devices

Install and authenticate machine certificates on the corporate devices

Suggested answer: A
Explanation:

https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/asdm78/vpn/asdm-78-vpn-config/vpnasdm-dap.html#ID-2184-00000017

asked 10/10/2024
Venkat Burri
47 questions

Question 100

Report Export Collapse

When a FlexVPN is configured, which two components must be configured for IKEv2? (Choose two.)

method

method

profile

profile

proposal

proposal

preference

preference

persistence

persistence

Suggested answer: B, C
asked 10/10/2024
Sathish M
54 questions
Total 175 questions
Go to page: of 18
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch is the problem?
Which two NHRP functions are specific to DMVPN Phase 3 implementation? (Choose two.)
A company's remote locations connect to the data centers via MPLS. A new request requires that unicast and multicast traffic that exits in the remote locations be encrypted. Which non-tunneled technology should be used to satisfy this requirement?
A DMVPN spoke is configured with IKEv1 to secure the tunnel. Despite having a configuration similar to other working spokes, the tunnel is not coming up. Packet captures on the spoke show packets leaving the spoke router, but not making it to the hub router. Which solution resolves this issue?
Which feature allows a DMVPN Phase 3 spoke to switch to an alternate hub when the primary hub is unreachable?
Which two features provide headend resiliency for Cisco AnyConnect clients? (Choose two.)
What must be configured in a FlexVPN deployment to allow for direct communication between spokes connected to different hubs?
Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.)
A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office. An engineer must ensure that the client computer meets the enterprise security policy. Which feature can update the client to meet an enterprise security policy?
An administrator is designing a VPN with a partner's non-Cisco VPN solution. The partner's VPN device will negotiate an IKEv2 tunnel that will only encrypt subnets 192.168.0.0/24 going to 10.0.0.0/24. Which technology must be used to meet these requirements?