Home

Home / Cisco / 300-730

Question list

List of questions

Question 1

(0)

A second set of traffic selectors is negotiated between two peers using IKEv2. Which IKEv2 packet will contain details of the exchange?

Question 2

(0)

Refer to the exhibit. The DMVPN tunnel is dropping randomly and no tunnel protection is configured. Which spoke configuration mitigates tunnel drops?

Question 3

(0)

On a FlexVPN hub-and-spoke topology where spoke-to-spoke tunnels are not allowed, which command is needed for the hub to be able to terminate FlexVPN tunnels?

Question 4

(0)

Which statement about GETVPN is true?

Question 5

(0)

Refer to the exhibit. Which two tunnel types produce the show crypto ipsec sa output seen in the exhibit? (Choose two.)

Question 6

(0)

Which two changes must be made in order to migrate from DMVPN Phase 2 to Phase 3 when EIGRP is configured? (Choose two.)

Question 7

(0)

Refer to the exhibit. A customer cannot establish an IKEv2 site-to-site VPN tunnel between two Cisco ASA devices. Based on the syslog message, which action brings up the VPN tunnel?

Question 8

(0)

Which two parameters help to map a VPN session to a tunnel group without using the tunnel-group list? (Choose two.)

Question 9

(0)

Which method dynamically installs the network routes for remote tunnel endpoints?

Question 10

(0)

Which command identifies a Cisco AnyConnect profile that was uploaded to the flash of an IOS router?

Open VPLUS File

Convert VPLUS to PDF

Related questions

Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch is the problem?

A DMVPN spoke is configured with IKEv1 to secure the tunnel. Despite having a configuration similar to other working spokes, the tunnel is not coming up. Packet captures on the spoke show packets leaving the spoke router, but not making it to the hub router. Which solution resolves this issue?

Cisco AnyConnect Secure Mobility Client has been configured to use IKEv2 for one group of users and SSL for another group. When the administrator configures a new AnyConnect release on the Cisco ASA, the IKEv2 users cannot download it automatically when they connect. What might be the problem?

Refer to the exhibit. An engineer must allow Cisco AnyConnect users to access the outside interface using protocol UDP 500/4500. In addition, these clients must be able to establish an SSL connection to update Cisco AnyConnect software over the same connection. Which two actions must be taken to achieve this goal? (Choose two.)

An engineer has successfully established a Phase 1 and Phase 2 tunnel between two sites. Site A has internal subnet 192.168.0.0/24 and Site B has internal subnet 10.0.0.0/24. The engineer notices that no packets are decrypted at Site B. Pings to 192.168.0.1 from internal Site B devices make it to the Site B router, and the Site A router has incrementing encrypt and decrypt counters. What must be done to ensure bidirectional communication between both sites?

What must be configured in a FlexVPN deployment to allow for direct communication between spokes connected to different hubs?

What are two advantages of using GETVPN to traverse over the network between corporate offices? (Choose two.)

Which feature allows a DMVPN Phase 3 spoke to switch to an alternate hub when the primary hub is unreachable?

An administrator is planning a VPN configuration that will encrypt traffic between multiple servers that will be passing unicast and multicast traffic. This configuration must be able to be implemented without the need to modify routing within the network. Which VPN technology must be used for this task?

Users cannot log in to a Cisco ASA using clientless SSLVPN. Troubleshooting reveals the error message "WebVPN session terminated: Client type not supported". Which step does the administrator take to resolve this issue?

Question 60 - 300-730 discussion

Report

An engineer is configuring clientless SSL VPN. The finance department has a database server that only they should access, but the sales department can currently access it. The finance and the sales departments are configured as separate group-policies. What must be added to the configuration to make sure the users in the sales department cannot access the finance department server?

A.

tunnel group lock

B.

smart tunnel

C.

port forwarding

D.

webtype ACL

Show Answer

asked 10/10/2024

Brandy Butman

34 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first