ExamGecko
Search Search Login
Home Home / Cisco / 300-730

Cisco 300-730 Practice Test - Questions Answers, Page 11

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch is the problem?
A DMVPN spoke is configured with IKEv1 to secure the tunnel. Despite having a configuration similar to other working spokes, the tunnel is not coming up. Packet captures on the spoke show packets leaving the spoke router, but not making it to the hub router. Which solution resolves this issue?
Cisco AnyConnect Secure Mobility Client has been configured to use IKEv2 for one group of users and SSL for another group. When the administrator configures a new AnyConnect release on the Cisco ASA, the IKEv2 users cannot download it automatically when they connect. What might be the problem?
Refer to the exhibit. An engineer must allow Cisco AnyConnect users to access the outside interface using protocol UDP 500/4500. In addition, these clients must be able to establish an SSL connection to update Cisco AnyConnect software over the same connection. Which two actions must be taken to achieve this goal? (Choose two.)
An engineer has successfully established a Phase 1 and Phase 2 tunnel between two sites. Site A has internal subnet 192.168.0.0/24 and Site B has internal subnet 10.0.0.0/24. The engineer notices that no packets are decrypted at Site B. Pings to 192.168.0.1 from internal Site B devices make it to the Site B router, and the Site A router has incrementing encrypt and decrypt counters. What must be done to ensure bidirectional communication between both sites?
What must be configured in a FlexVPN deployment to allow for direct communication between spokes connected to different hubs?
What are two advantages of using GETVPN to traverse over the network between corporate offices? (Choose two.)
Which feature allows a DMVPN Phase 3 spoke to switch to an alternate hub when the primary hub is unreachable?
An administrator is planning a VPN configuration that will encrypt traffic between multiple servers that will be passing unicast and multicast traffic. This configuration must be able to be implemented without the need to modify routing within the network. Which VPN technology must be used for this task?
Users cannot log in to a Cisco ASA using clientless SSLVPN. Troubleshooting reveals the error message "WebVPN session terminated: Client type not supported". Which step does the administrator take to resolve this issue?

Question 101

Report
Export
Collapse

A DMVPN spoke router tunnel is up and passing traffic, but it cannot establish an EIGRP neighbor relationship with the hub router. Which solution resolves this issue?

A.

Enable EIGRP Split Horizon on the hub tunnel interface.

A.

Enable EIGRP Split Horizon on the hub tunnel interface.

Answers
B.

Remove the EIGRP stub configuration on the spoke tunnel interface.

B.

Remove the EIGRP stub configuration on the spoke tunnel interface.

Answers
C.

Enable the EIGRP next hop self feature on the hub tunnel interface.

C.

Enable the EIGRP next hop self feature on the hub tunnel interface.

Answers
D.

Configure the dynamic NHRP multicast map on the hub tunnel interface.

D.

Configure the dynamic NHRP multicast map on the hub tunnel interface.

Answers
Suggested answer: D

Question 102

Report
Export
Collapse

Refer to the exhibit.

An IPsec Cisco AnyConnect client is failing to connect and generates these debugs every time a connection to an IOS headend is attempted. Which action resolves this issue?

A.

Correct the DH group setting.

A.

Correct the DH group setting.

Answers
B.

Correct the PFS setting.

B.

Correct the PFS setting.

Answers
C.

Correct the integrity setting.

C.

Correct the integrity setting.

Answers
D.

Correct the encryption setting.

D.

Correct the encryption setting.

Answers
Suggested answer: A

Question 103

Report
Export
Collapse

Refer to the exhibit.

An engineer must allow Cisco AnyConnect users to access the outside interface using protocol UDP 500/4500. In addition, these clients must be able to establish an SSL connection to update Cisco AnyConnect software over the same connection. Which two actions must be taken to achieve this goal? (Choose two.)

A.

IPsec (IKEv2) Allow Access must be checked on the outside interface.

A.

IPsec (IKEv2) Allow Access must be checked on the outside interface.

Answers
B.

SSL Enable DTLS must be checked on the outside interface.

B.

SSL Enable DTLS must be checked on the outside interface.

Answers
C.

Bypass interface access lists for inbound VPN sessions must be unchecked.

C.

Bypass interface access lists for inbound VPN sessions must be unchecked.

Answers
D.

IPsec (IKEv2) Enable Client Services must be checked on the outside interface.

D.

IPsec (IKEv2) Enable Client Services must be checked on the outside interface.

Answers
E.

SSL Allow Access must be checked on the outside interface.

E.

SSL Allow Access must be checked on the outside interface.

Answers
Suggested answer: A, D

Question 104

Report
Export
Collapse

Refer to the exhibit.

Based on the configuration output, what is the VPN technology?

A.

site-to-site

A.

site-to-site

Answers
B.

DMVPN

B.

DMVPN

Answers
C.

L2VPN

C.

L2VPN

Answers
D.

multicast VPN

D.

multicast VPN

Answers
Suggested answer: B

Explanation:


Question 105

Report
Export
Collapse

A user at a company HQ is having trouble accessing a network share at a branch site that is connected with a L2L IPsec VPN. While troubleshooting, a network security engineer runs a packet tracer on the Cisco ASA to simulate the user traffic and discovers that the encryption counter is increasing but the decryption counter is not. What must be configured to correct this issue?

A.

Adjust the routing on the remote peer device to direct traffic back over the tunnel.

A.

Adjust the routing on the remote peer device to direct traffic back over the tunnel.

Answers
B.

Adjust the preshared key on the remote peer to allow traffic to flow over the tunnel.

B.

Adjust the preshared key on the remote peer to allow traffic to flow over the tunnel.

Answers
C.

Adjust the transform set to allow bidirectional traffic.

C.

Adjust the transform set to allow bidirectional traffic.

Answers
D.

Adjust the peer IP address on the remote peer to direct traffic back to the ASA.

D.

Adjust the peer IP address on the remote peer to direct traffic back to the ASA.

Answers
Suggested answer: A

Question 106

Report
Export
Collapse

A user is experiencing delays on audio calls over a Cisco AnyConnect VPN. Which implementation step resolves this issue?

A.

Change to 3DES Encryption.

A.

Change to 3DES Encryption.

Answers
B.

Shorten the encryption key lifetime.

B.

Shorten the encryption key lifetime.

Answers
C.

Install the Cisco AnyConnect 2.3 client for the user to download.

C.

Install the Cisco AnyConnect 2.3 client for the user to download.

Answers
D.

Enable DTLS.

D.

Enable DTLS.

Answers
Suggested answer: D

Question 107

Report
Export
Collapse

Users cannot log in to a Cisco ASA using clientless SSLVPN. Troubleshooting reveals the error message "WebVPN session terminated: Client type not supported". Which step does the administrator take to resolve this issue?

A.

Enable the Cisco AnyConnect premium license on the Cisco ASA.

A.

Enable the Cisco AnyConnect premium license on the Cisco ASA.

Answers
B.

Have the user upgrade to a supported browser.

B.

Have the user upgrade to a supported browser.

Answers
C.

Increase the simultaneous logins on the group policy.

C.

Increase the simultaneous logins on the group policy.

Answers
D.

Enable the clientless VPN protocol on the group policy.

D.

Enable the clientless VPN protocol on the group policy.

Answers
Suggested answer: D

Question 108

Report
Export
Collapse

An administrator is setting up a VPN on an ASA for users who need to access an internal RDP server.

Due to security restrictions, the Microsoft RDP client is blocked from running on client workstations via Group Policy. Which VPN feature should be implemented by the administrator to allow these users to have access to the RDP server?

A.

clientless proxy

A.

clientless proxy

Answers
B.

smart tunneling

B.

smart tunneling

Answers
C.

clientless plug-in

C.

clientless plug-in

Answers
D.

clientless rewriter

D.

clientless rewriter

Answers
Suggested answer: C

Question 109

Report
Export
Collapse

An administrator is planning a VPN configuration that will encrypt traffic between multiple servers that will be passing unicast and multicast traffic. This configuration must be able to be implemented without the need to modify routing within the network. Which VPN technology must be used for this task?

A.

FlexVPN

A.

FlexVPN

Answers
B.

VTI

B.

VTI

Answers
C.

GETVPN

C.

GETVPN

Answers
D.

DMVPN

D.

DMVPN

Answers
Suggested answer: C

Explanation:

The VPN technology that must be used for this task is GETVPN (Group Encrypted Transport VPN).GETVPN is designed to encrypt both unicast and multicast traffic while preserving the original sourceand destination IP addresses, and it does not require any changes to the existing routing infrastructure.Additionally, GETVPN provides a scalable and efficient solution for encrypting traffic within a network,making it a good choice for this scenario

Question 110

Report
Export
Collapse

Refer to the exhibit.

VPN tunnels between a spoke and two DMVPN hubs are not coming up. The network administrator has verified that the encryption, hashing, and DH group proposals for Phase 1 and Phase 2 match on both ends. What is the solution to this issue?

A.

Ensure bidirectional UDP 500/4500 traffic.

A.

Ensure bidirectional UDP 500/4500 traffic.

Answers
B.

Increase the isakmp phase 1 lifetime.

B.

Increase the isakmp phase 1 lifetime.

Answers
C.

Add NAT statements for VPN traffic.

C.

Add NAT statements for VPN traffic.

Answers
D.

Enable shared tunnel protection.

D.

Enable shared tunnel protection.

Answers
Suggested answer: A
Total 175 questions
Go to page: of 18
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms