ExamGecko
Login
Home / Cisco / 300-730 / List of questions
Ask Question

Cisco 300-730 Practice Test - Questions Answers, Page 5

Add to Whishlist

List of questions

Question 41

Report Export Collapse

Which technology works with IPsec stateful failover?

GLBR

GLBR

HSRP

HSRP

GRE

GRE

VRRP

VRRP

Suggested answer: B
Explanation:

HSRP (Hot Standby Router Protocol). HSRP is a Cisco proprietary protocol that provides stateful failover for IPsec virtual private networks (VPNs). It is used to create a virtual router in order to provide redundancy in the event of an IPsec VPN failure. HSRP works by assigning a single primary router to manage the connection and forwarding traffic to the secondary router if the primary router fails.

asked 10/10/2024
hotthefish shark
39 questions

Question 42

Report Export Collapse

What are two functions of ECDH and ECDSA? (Choose two.)

nonrepudiation

nonrepudiation

revocation

revocation

digital signature

digital signature

key exchange

key exchange

encryption

encryption

Suggested answer: C, D
Explanation:

Reference: https://tools.cisco.com/security/center/resources/next_generation_cryptography

asked 10/10/2024
Ubeydullah Kara
41 questions

Question 43

Report Export Collapse

What uses an Elliptic Curve key exchange algorithm?

ECDSA

ECDSA

ECDHE

ECDHE

AES-GCM

AES-GCM

SHA

SHA

Suggested answer: B
Explanation:

Reference: https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curvecryptography/

asked 10/10/2024
Michael Geary
42 questions

Question 44

Report Export Collapse

Which two remote access VPN solutions support SSL? (Choose two.)

FlexVPN

FlexVPN

clientless

clientless

EZVPN

EZVPN

L2TP

L2TP

Cisco AnyConnect

Cisco AnyConnect

Suggested answer: B, E
asked 10/10/2024
Alejandro Yepez
51 questions

Question 45

Report Export Collapse

Which VPN solution uses TBAR?

GETVPN

GETVPN

VTI

VTI

DMVPN

DMVPN

Cisco AnyConnect

Cisco AnyConnect

Suggested answer: A
Explanation:

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get- vpn-xe-3s-book/sec-get-vpn.html

asked 10/10/2024
Daniel Ramos
40 questions

Question 46

Report Export Collapse

Which two commands help determine why the NHRP registration process is not being completed even after the IPsec tunnel is up? (Choose two.)

show crypto isakmp sa

show crypto isakmp sa

show ip traffic

show ip traffic

show crypto ipsec sa

show crypto ipsec sa

show ip nhrp traffic

show ip nhrp traffic

show dmvpn detail

show dmvpn detail

Suggested answer: A, D
Explanation:

https://www.cisco.com/c/en/us/support/docs/security/dynamic-multipoint-vpn-dmvpn/111976-dmvpn-troubleshoot-00.html

asked 10/10/2024
Yogen Trikannad
40 questions

Question 47

Report Export Collapse

Refer to the exhibit.

Cisco 300-730 image Question 47 114565 10102024232758000000

All internal clients behind the ASA are port address translated to the public outside interface that has an IP address of 3.3.3.3. Client 1 and client 2 have established successful SSL VPN connections to the ASA. What must be implemented so that "3.3.3.3" is returned from a browser search on the IP address?

Same-security-traffic permit inter-interface under Group Policy


Same-security-traffic permit inter-interface under Group Policy


Exclude Network List Below under Group Policy


Exclude Network List Below under Group Policy


Tunnel All Networks under Group Policy


Tunnel All Networks under Group Policy


Tunnel Network List Below under Group Policy


Tunnel Network List Below under Group Policy


Suggested answer: C
Explanation:

The reason is that by default, the SSL VPN clients use split tunneling, which means they only send trafficdestined for the corporate network through the VPN tunnel, and use their local gateway for other

traffic, such as browsing the internet. This means that when they search for their IP address on abrowser, they will see their local IP address, not the IP address of the ASA.To change this behavior, you need to configure the Group Policy on the ASA to tunnel all networks,which means that all traffic from the SSL VPN clients will go through the VPN tunnel, regardless of thedestination. This way, when they search for their IP address on a browser, they will see the IP address ofthe ASA, which is 3.3.3.3.To configure tunnel all networks under Group Policy, you can use either ASDM or CLI.For example, usingASDM, you can follow these steps1:Choose Configuration > Remote Access VPN > Network (Client) Access > Group Policies.Select the group policy that you want to modify and click Edit.In the Edit Internal Group Policy window, choose Advanced > Split Tunneling.In the Policy drop-down list, choose Tunnel All Networks.Click OK and then Apply.Using CLI, you can enter these commands:ciscoasa(config)# group-policy <group_policy_name> attributes ciscoasa(config-group-policy)# split-tunnel-policy tunnelall

asked 10/10/2024
juan otero
34 questions

Question 48

Report Export Collapse

Cisco AnyConnect clients need to transfer large files over the VPN sessions. Which protocol provides the best throughput?

SSL/TLS

SSL/TLS

L2TP

L2TP

DTLS

DTLS

IPsec IKEv1

IPsec IKEv1

Suggested answer: C
asked 10/10/2024
Ibrahim Ramku
51 questions

Question 49

Report Export Collapse

Refer to the exhibit.

Cisco 300-730 image Question 49 114567 10102024232758000000

Which VPN technology is used in the exhibit?

DVTI

DVTI

VTI

VTI

DMVPN

DMVPN

GRE

GRE

Suggested answer: B
Explanation:

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/zZArchive/IPsec_Virtual_Tunnel_Interface.html#GUID-EB8C433B-2394-42B9-997F-B40803E58A91

asked 10/10/2024
Benito Gonzalez
40 questions

Question 50

Report Export Collapse

Which VPN does VPN load balancing on the ASA support?

VTI

VTI

IPsec site-to-site tunnels

IPsec site-to-site tunnels

L2TP over IPsec

L2TP over IPsec

Cisco AnyConnect

Cisco AnyConnect

Suggested answer: D
asked 10/10/2024
Gurdeep Girn
38 questions
Total 175 questions
Go to page: of 18
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch is the problem?
Which two NHRP functions are specific to DMVPN Phase 3 implementation? (Choose two.)
A company's remote locations connect to the data centers via MPLS. A new request requires that unicast and multicast traffic that exits in the remote locations be encrypted. Which non-tunneled technology should be used to satisfy this requirement?
A DMVPN spoke is configured with IKEv1 to secure the tunnel. Despite having a configuration similar to other working spokes, the tunnel is not coming up. Packet captures on the spoke show packets leaving the spoke router, but not making it to the hub router. Which solution resolves this issue?
Which feature allows a DMVPN Phase 3 spoke to switch to an alternate hub when the primary hub is unreachable?
Which two features provide headend resiliency for Cisco AnyConnect clients? (Choose two.)
What must be configured in a FlexVPN deployment to allow for direct communication between spokes connected to different hubs?
Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.)
A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office. An engineer must ensure that the client computer meets the enterprise security policy. Which feature can update the client to meet an enterprise security policy?
An administrator is designing a VPN with a partner's non-Cisco VPN solution. The partner's VPN device will negotiate an IKEv2 tunnel that will only encrypt subnets 192.168.0.0/24 going to 10.0.0.0/24. Which technology must be used to meet these requirements?