Cisco 300-730 Practice Test - Questions Answers, Page 6

List of questions
Question 51

Which parameter must match on all routers in a DMVPN Phase 3 cloud?
GRE tunnel key
NHRP network ID
tunnel VRF
EIGRP split-horizon setting
NHRP network IDs are locally significant and can be different. It makes sense from a deployment and maintenance perspective to use unique network ID numbers (using the ip nhrp network-id command) across all routers in a DMVPN network, but it is not necessary that they be the same.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn.html
Question 52

Which parameter is initially used to elect the primary key server from a group of key servers?
code version
highest IP address
highest-priority value
lowest IP address
Reference: https://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transportvpn/deployment_guide_c07_554713.html
Question 53

A Cisco ASA is configured in active/standby mode. What is needed to ensure that Cisco AnyConnect users can connect after a failover event?
AnyConnect images must be uploaded to both failover ASA devices.
The vpnsession-db must be cleared manually.
Configure a backup server in the XML profile.
AnyConnect client must point to the standby IP address.
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_active_standby.html
Question 54

Which benefit of FlexVPN is a limitation of DMVPN using IKEv1?
GRE encapsulation allows for forwarding of non-IP traffic.
IKE implementation can install routes in routing table.
NHRP authentication provides enhanced security.
Dynamic routing protocols can be configured.
Question 55

What is a requirement for smart tunnels to function properly?
Java or ActiveX must be enabled on the client machine.
Applications must be UDP.
Stateful failover must not be configured.
The user on the client machine must have admin access.
Reference: https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-nextgeneration-firewalls/111007-smart-tunnel-asa-00.html
Question 56

Where is split tunneling defined for IKEv2 remote access clients on a Cisco router?
IKEv2 authorization policy
Group Policy
virtual template
webvpn context
https://www.cisco.com/c/en/us/support/docs/routers/3600-series-multiservice-platforms/91193-rtr-ipsec-internet-connect.html
Question 57

Which technology is used to send multicast traffic over a site-to-site VPN?
GRE over IPsec on IOS router
GRE over IPsec on FTD
IPsec tunnel on FTD
GRE tunnel on ASA
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/216276-configure-route-based-site-to-site-vpn-t.html#anc6
Question 58

Which feature of GETVPN is a limitation of DMVPN and FlexVPN?
sequence numbers that enable scalable replay checking
enabled use of ESP or AH
design for use over public or private WAN
no requirement for an overlay routing protocol
Question 59

Refer to the exhibit.
Cisco AnyConnect must be set up on a router to allow users to access internal servers 192.168.0.10 and 192.168.0.11. All other traffic should go out of the client's local NIC. Which command accomplishes this configuration?
svc split include 192.168.0.0 255.255.255.0
svc split exclude 192.168.0.0 255.255.255.0
svc split include acl CCNP
svc split exclude acl CCNP
https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200533-AnyConnect-Configure-Basic-SSLVPN-for-I.html
Question 60

An engineer is configuring clientless SSL VPN. The finance department has a database server that only they should access, but the sales department can currently access it. The finance and the sales departments are configured as separate group-policies. What must be added to the configuration to make sure the users in the sales department cannot access the finance department server?
tunnel group lock
smart tunnel
port forwarding
webtype ACL
https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/general/asa-generalcli/acl-webtype.pdf
Question