ExamGecko
Login
Home / Cisco / 300-730 / List of questions
Ask Question

Cisco 300-730 Practice Test - Questions Answers, Page 7

Add to Whishlist

List of questions

Question 61

Report Export Collapse

An engineer has integrated a new DMVPN to link remote offices across the internet using Cisco IOS routers. When connecting to remote sites, pings and voice data appear to flow properly, and all tunnel stats show that they are up.

However, when trying to connect to a remote server using RDP, the connection fails. Which action resolves this issue?

Adjust the MTU size within the routers.

Adjust the MTU size within the routers.

Add RDP port to the extended ACL.

Add RDP port to the extended ACL.

Replace certificate on the RDP server.

Replace certificate on the RDP server.

Change DMVPN timeout values.

Change DMVPN timeout values.

Suggested answer: A
asked 10/10/2024
Rakesh Prasad
30 questions

Question 62

Report Export Collapse

Where must an engineer configure a preshared key for a site-to-site VPN tunnel configured on a Cisco ASA?

isakmp policy

isakmp policy

group policy

group policy

crypto map

crypto map

tunnel group

tunnel group

Suggested answer: D
asked 10/10/2024
Matthew Wunder
44 questions

Question 63

Report Export Collapse

A network engineer has been tasked with configuring SSL VPN to provide remote users with access to the corporate network. Traffic destined to the enterprise IP range should go through the tunnel, and all other traffic should go directly to the Internet. Which feature should be configured to achieve this?

U-turning

U-turning

hairpinning

hairpinning

split-tunnel

split-tunnel

dual-homing

dual-homing

Suggested answer: C
asked 10/10/2024
Wasawatt Ch
42 questions

Question 64

Report Export Collapse

A network engineer must design a remote access solution to allow contractors to access internal servers. These contractors do not have permissions to install applications on their computers. Which VPN solution should be used in this design?

IKEv2 AnyConnect

IKEv2 AnyConnect

Clientless

Clientless

Port forwarding

Port forwarding

SSL AnyConnect

SSL AnyConnect

Suggested answer: B
asked 10/10/2024
Andrea Chichiarelli
43 questions

Question 65

Report Export Collapse

Refer to the exhibit.

Cisco 300-730 image Question 65 114583 10102024232758000000

Which type of Cisco VPN is shown for group Cisc012345678?

Cisco AnyConnect Client VPN

Cisco AnyConnect Client VPN

DMVPN

DMVPN

Clientless SSLVPN

Clientless SSLVPN

GETVPN

GETVPN

Suggested answer: A
asked 10/10/2024
Houshang Ardekani
43 questions

Question 66

Report Export Collapse

Which command shows the smart default configuration for an IPsec profile?

show run all crypto ipsec profile

show run all crypto ipsec profile

ipsec profile does not have any smart default configuration

ipsec profile does not have any smart default configuration

show smart-defaults ipsec profile

show smart-defaults ipsec profile

show crypto ipsec profile default

show crypto ipsec profile default

Suggested answer: D
Explanation:

The following table lists the commands that are enabled with the IKEv2 Smart Defaults feature, alongwith the default values....Device# show crypto ipsec profile defaultIPSEC profile defaultSecurity association lifetime: 4608000 kilobytes/3600 secondsResponder-Only (Y/N): NPFS (Y/N): NTransform sets={default: { esp-aes esp-sha-hmac },}https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/xe-3s/sec-flex-vpn-xe-3s-book/sec-cfg-ikev2-flex.htm

asked 10/10/2024
Eric Hebert
41 questions

Question 67

Report Export Collapse

Refer to the exhibit.

Cisco 300-730 image Question 67 114585 10102024232758000000

The DMVPN spoke is not establishing a session with the hub. Which two actions resolve this issue?

(Choose two.)

Change the spoke nhs to 172.16.18.1 and the nbma to 10.0.0.1.

Change the spoke nhs to 172.16.18.1 and the nbma to 10.0.0.1.

Change the transform set to mode tunnel.

Change the transform set to mode tunnel.

Change the ISAKMP policy authentication on the spoke to pre-shared.

Change the ISAKMP policy authentication on the spoke to pre-shared.

Change the ISAKMP key address on the spoke to 0.0.0.0.

Change the ISAKMP key address on the spoke to 0.0.0.0.

Change the nhrp authentication key on the spoke to cisco123.

Change the nhrp authentication key on the spoke to cisco123.

Suggested answer: C, E
asked 10/10/2024
fritz villanueva
51 questions

Question 68

Report Export Collapse

Refer to the exhibit.

Cisco 300-730 image Question 68 114586 10102024232758000000

A network engineer is configuring a remote access SSLVPN and is unable to complete the connection using local credentials. What must be done to remediate this problem?

Enable the client protocol in the Cisco AnyConnect profile.

Enable the client protocol in the Cisco AnyConnect profile.

Configure a AAA server group to authenticate the client.

Configure a AAA server group to authenticate the client.

Change the authentication method to local.

Change the authentication method to local.

Configure the group policy to force local authentication.

Configure the group policy to force local authentication.

Suggested answer: A
asked 10/10/2024
Prakash Varghese
41 questions

Question 69

Report Export Collapse

Which two NHRP functions are specific to DMVPN Phase 3 implementation? (Choose two.)

registration reply

registration reply

redirect

redirect

resolution reply

resolution reply

registration request

registration request

resolution request

resolution request

Suggested answer: B, C
Explanation:

NHRP redirect is a function that allows the hub to inform the source spoke of a better path to reach thedestination spoke, by sending an NHRP redirect message containing the IP address of the destinationspoke.This triggers the source spoke to send an NHRP resolution request to the destination spoke, inorder to establish a direct spoke-to-spoke tunnel1.NHRP resolution reply is a function that allows the destination spoke to respond to the NHRP resolutionrequest from the source spoke, by sending an NHRP resolution reply containing its own IP address andthe IP address of the source spoke.This confirms the establishment of the direct spoke-to-spoke tunnel,and also allows the destination spoke to create a reciprocal tunnel to the source spoke2.These two functions are specific to DMVPN Phase 3, because they enable spoke-to-spokecommunication without requiring a dynamic routing protocol or going through the hub.In DMVPN Phase1 and Phase 2, NHRP registration request, registration reply, and resolution request are also used, butthey have different purposes and effects3.

asked 10/10/2024
Armindo Malafaia Neto
40 questions

Question 70

Report Export Collapse

A network engineer must implement an SSLVPN Cisco AnyConnect solution that supports 500 concurrent users, ensures all traffic from the client passes through the ASA, and allows users to access all devices on the inside interface subnet

(192.168.0.0/24). Assuming all other configuration is set up appropriately, which configuration implements this solution?

Cisco 300-730 image Question 70 114588 10102024232758000000

Option A

Option A

Option B

Option B

Option C

Option C

Option D

Option D

Suggested answer: A
Explanation:

ensures all traffic from the client passes through the ASA' that is one of the requirements. Meaning alltraffic should pass through the tunnel, I know they mention 192.168.0.0 network but that is just toconfuse

asked 10/10/2024
Joe Pardee
58 questions
Total 175 questions
Go to page: of 18
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch is the problem?
Which two NHRP functions are specific to DMVPN Phase 3 implementation? (Choose two.)
A company's remote locations connect to the data centers via MPLS. A new request requires that unicast and multicast traffic that exits in the remote locations be encrypted. Which non-tunneled technology should be used to satisfy this requirement?
A DMVPN spoke is configured with IKEv1 to secure the tunnel. Despite having a configuration similar to other working spokes, the tunnel is not coming up. Packet captures on the spoke show packets leaving the spoke router, but not making it to the hub router. Which solution resolves this issue?
Which feature allows a DMVPN Phase 3 spoke to switch to an alternate hub when the primary hub is unreachable?
Which two features provide headend resiliency for Cisco AnyConnect clients? (Choose two.)
What must be configured in a FlexVPN deployment to allow for direct communication between spokes connected to different hubs?
Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.)
A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office. An engineer must ensure that the client computer meets the enterprise security policy. Which feature can update the client to meet an enterprise security policy?
An administrator is designing a VPN with a partner's non-Cisco VPN solution. The partner's VPN device will negotiate an IKEv2 tunnel that will only encrypt subnets 192.168.0.0/24 going to 10.0.0.0/24. Which technology must be used to meet these requirements?