Ask Question
Cisco 300-730 Practice Test - Questions Answers, Page 3
Add to Whishlist
List of questions
Question 21
Which feature allows the ASA to handle nonstandard applications and web resources so that they display correctly over a clientless SSL VPN connection?
single sign-on
Smart Tunnel
WebType ACL
plug-ins
Plug-ins are extensions to the Clientless SSL VPN feature that enable the ASA to handle non-standardapplications and Web resources so that they display correctly over a Clientless SSL VPN connection.Plug-ins are software components that the ASA downloads to the remote user's browser. The plug-insprovide support for applications and protocols that are not natively supported by Clientless SSL VPN,such as Java, ActiveX, SSH, Telnet, and RDP. Plug-ins can also provide enhanced functionality andsecurity for Web applications, such as Outlook Web Access and Lotus iNotes.You can read more about plug-ins and how to configure them in the document [ASDM Book 3: Cisco ASASeries VPN ASDM Configuration Guide, 7.7]1
Question 22
Which command automatically initiates a smart tunnel when a user logs in to the WebVPN portal page?
auto-upgrade
auto-connect
auto-start
auto-run
Reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/vpn/asa_91_vpn_config/webvpn-configure-policy-group.html
Question 23
Refer to the exhibit.
The customer must launch Cisco AnyConnect in the RDP machine. Which IOS configuration accomplishes this task?
Option A
Option B
Option C
Option D
Reference: https://community.cisco.com/t5/vpn/starting-anyconnect-vpn-through-rdp-session-oncisco-891/td- p/2128284
Question 24
Refer to the exhibit.
Which two commands under the tunnel-group webvpn-attributes result in a Cisco AnyConnect user receiving the AnyConnect prompt in the exhibit? (Choose two.)
group-url https://172.16.31.10/General enable
group-policy General internal
authentication aaa
authentication certificate
group-alias General enable
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generationfirewalls/98580-enable-group-dropdown.html
Question 25
Which requirement is needed to use local authentication for Cisco AnyConnect Secure Mobility Clients that connect to a FlexVPN server?
use of certificates instead of username and password
EAP-AnyConnect
EAP query-identity
AnyConnect profile
https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPN-AnyConnect-IKEv2-Remote-Access.pdf
Reference: https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPNAnyConnect-IKEv2- Remote-Access.html
Question 26
Which IKE identity does an IOS/IOS-XE headend expect to receive if an IPsec Cisco AnyConnect client uses default settings?
*$SecureMobilityClient$*
*$AnyConnectClient$*
*$RemoteAccessVpnClient$*
*$DfltlkeldentityS*
Reference: https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPNAnyConnect-IKEv2- Remote-Access.html
Question 27
Refer to the exhibit.
Which VPN technology is allowed for users connecting to the Employee tunnel group?
SSL AnyConnect
IKEv2 AnyConnect
crypto map
clientless
When you configure other group policies, any attribute that you do not explicitly specify takes its value from the default group policy. To view the default group policy.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/vpngrp.html
Question 28
Refer to the exhibit.
An engineer is troubleshooting a new GRE over IPsec tunnel. The tunnel is established but the engineer cannot ping from spoke 1 to spoke 2. Which type of traffic is being blocked?
ESP packets from spoke2 to spoke1
ISAKMP packets from spoke2 to spoke1
ESP packets from spoke1 to spoke2
ISAKMP packets from spoke1 to spoke2
Question 29
Which command is used to troubleshoot an IPv6 FlexVPN spoke-to-hub connectivity failure?
show crypto ikev2 sa
show crypto isakmp sa
show crypto gkm
show crypto identity
Reference: https://www.cisco.com/c/en/us/support/docs/security/flexvpn/116413-configureflexvpn-00.pdf
Question 30
In a FlexVPN deployment, the spokes successfully connect to the hub, but spoke-to-spoke tunnels do not form. Which troubleshooting step solves the issue?
Verify the spoke configuration to check if the NHRP redirect is enabled.
Verify that the spoke receives redirect messages and sends resolution requests.
Verify the hub configuration to check if the NHRP shortcut is enabled.
Verify that the tunnel interface is contained within a VRF.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn- dmvpn-15-mt-book/sec-conn-dmvpn-summ-maps.pdf
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Selling illegal goods, money scams etc.
Serious attack on a group.
Harassing an individual (including doxing)
Threatening or glorifying violence or serious harm, including self-harm
Nudity/Sexual content
Sexually explicit or suggestive imagery or writing involving minors
Sexually explicit or suggestive imagery or writing involving non-consenting adults or non-humans
Reusing content without attribution (link and blockquotes)
Not in English or has very bad formatting, grammar, and spelling
Author's credential is offensive, spam, or impersonation
Ex. Illegal content, incomplete question...
Question