Cisco 300-730 Practice Test - Questions Answers, Page 15
Question list
Related questions
What are two differences between ECC and RSA? (Choose two.)
Key generation in ECC is slower and more CPU intensive than RSA.
ECC can have the same security as RSA but with a shorter key size.
ECC cannot have the same security as RSA, even with an increased key size.
Key generation in ECC is faster and less CPU intensive than RSA.
ECC lags in performance when compared with RSA.
Refer to the exhibit.
Based on the output of the show run command, which remote access VPN technology is configured?
PPTP
SSLVPN Full Tunnel
FlexVPN
clientless SSLVPN
Refer to the exhibit.
Which component must be configured on routers for a GETVPN deployment work properly?
PE3: Key Server – Customer 2 CEs: Group Members
Customer 1 CE1: Key Server – R1 and Customer 1 CE2: Group Members
R1: Key Server – Customer 1 CEs: Group Members
PE3: Key Server – all CEs: Group Members
Refer to the exhibit.
An engineer is diagnosing an issue that occurred after a router at a branch site was assigned a new address. Based on the debugs, what must be done to resolve this issue?
Add the remote peer’s IP address to the server's IKEv2 keyring.
Ensure that the correct preshared keys are set on both sides.
Ensure that the UDP 500 packets between devices are not dropped.
Add the remote peer’s identity to the server’s IKEv2 profile.
DRAG DROP
Drag and drop the correct commands from the right onto the blanks within the code on the left to implement a design that allow for dynamic spoke-to-spoke communication. Not all commands are used.
DRAG DROP
Drag and drop the code snippets from the right onto the blanks in the configuration to implement FlexVPN. Not all snippets are used.
The corporate network security policy requires that all internet and network traffic must be tunneled to the corporate office. Remote workers have been provided with printers to use locally at home while they are remotely connected to the corporate network. Which two steps must be executed to allow printing to the local printers? (Choose two.)
Configure the split-tunnel-policy on the Cisco ASA to tunnelall.
Check the Allow Local LAN access checkbox in the Cisco AnyConnect client.
Add a persistent static route in the client OS for the local LAN network.
Configure the split-tunnel-policy on the Cisco ASA to excludespecified.
Configure the split-tunnel-policy on the Cisco ASA to tunnelspecified.
A TCP based application that should be accessible over the VPN tunnel is not working. Pings to the appropriate IP address are failing.
Based on the output, what is a fix for this issue?
Add a route on the remote peer for 209.165.201.0/27.
Add a route on the local peer for 10.1.1.0/24.
Add a permit for TCP traffic going to 10.1.1.0/24.
Add a permit for TCP traffic going to 209.165.201.0/27.
When troubleshooting FlexVPN spoke-to-spoke tunnels, what should be verified first?
NHRP redirect is enabled on the hub.
The spokes have sent a resolution request.
NHRP cache entries exist on the spoke.
NHO routes exist on the spokes.
An engineer is building an IKEv1 tunnel to a peer Cisco ASA, but the tunnel is failing. Based on the configuration in the exhibit, which action must be taken to allow the VPN tunnel to come up?
Add a route for the 10.7.7.0/24 network to egress the outside interface.
Enable IKEv1 on the outside interface.
Change the IKEv1 policy number to be at least 256.
Change the transform set mode to transport.
Question