최신 300-730 무료덤프 - Cisco Implementing Secure Solutions with Virtual Private Networks

문제1

An engineer must design a remote access VPN solution that meet these requirements:
- supports use by telecommuters on the go
- encrypts user connections to the corporate network by using TLS-based tunnels
- is client-based
Which VPN technology must be used?

A. Dynamic Multipoint VPN

B. Secure Client SSL VPN

C. GET VPN

D. Clientless SSL VPN

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Refer to the exhibit. An engineer has configured two new VPN tunnels to 172.18.1.1 and
172.19.1.1. However, communication between 10.1.0.10 and 10.1.11.10 does not function.
Which action should be taken to resolve this issue?

A. Adjust the network objects to match the appropriate subnets.

B. Modify the transform set to use transport mode.

C. Insert routes for the 10.1.9.0/24 and 10.1.10.0/24 subnets.

D. Remove and reapply the crypto map to the interface.

정답: A

문제3

An engineer must configure remote desktop connectivity for offsite admins via clientless SSL VPN, configured on a Cisco ASA to Windows Vista workstations. Which two configurations provide the requested access? (Choose two.)

A. SSH bookmark via the SSH plugin

B. RDP2 bookmark via the RDP2 plugin

C. VNC bookmark via the VNC plugin

D. Telnet bookmark via the Telnet plugin

E. Citrix bookmark via the ICA plugin

정답: B,C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Refer to the exhibit. Which VPN technology is used in the exhibit?

A. VTI

B. DVTI

C. GRE

D. DMVPN

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Refer to the exhibit. Based on the exhibit, why are users unable to access CCNP Webserver bookmark?

A. The bookmark has been disabled.

B. The user cannot access the URL.

C. The ASA cannot resolve the URL.

D. The URL is being blocked by a WebACL.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Refer to the exhibit. Which type of VPN is used?

A. clientless SSL VPN

B. GETVPN

C. Cisco Easy VPN

D. Cisco AnyConnect SSL VPN

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제7

An administrator is designing a VPN with a partner's non-Cisco VPN solution. The partner's VPN device will negotiate an IKEv2 tunnel that will only encrypt subnets 192.168.0.0/24 going to
10.0.0.0/24. Which technology must be used to meet these requirements?

A. crypto map

B. VTI

C. GETVPN

D. DMVPN

정답: A

문제8

Refer to the exhibit. A network security administrator receives this error message after configuring a site-to-site IPsec VPN between two sites What is the solution to this problem?

A. IPsec policy must match between sites.

B. ISAKMP policy must match between sites.

C. Crypto map must be applied to correct interface.

D. Transport set must match between sites.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which type of VPN technology is being used when the ssl trust-point <trustpoint name>
<interface name> command is configured?

A. IPsec site-to-site VPN

B. GETVPN

C. SSL Remote Access VPN

D. DMVPN

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Under which section must a bookmark or URL list be configured on a Cisco ASA to be available for clientless SSLVPN users?

A. tunnel-group (webvpn-attributes)

B. webvpn (global configuration)

C. tunnel-group (general-attributes)

D. webvpn (group-policy)

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제11

What action does the hub take when it receives a NHRP resolution request from a spoke for a network that exists behind another spoke?

A. The hub waits for the second spoke to send a request so that it can respond to both spokes.

B. The hub sends back a resolution reply to the requesting spoke.

C. The hub forwards the request to the destination spoke.

D. The hub updates its own NHRP mapping.

정답: C

문제12

Refer to the exhibit. A company has been using SAML to authenticate their clientless SSLVPN users. After about a year of uptime in production, users begin to experience issues authenticating. Based on the collected debugs, which action resolves the issue?

A. Replace the expired IdP signing certificate with a valid one.

B. Ensure that the ASA and IdP are synchronized to a NTP server.

C. Verify that the IdP is using the SAML-attribute NameID.

D. Increase the SAML Request Timeout value on the ASA.

정답: B

문제13

Refer to the exhibit. A network administrator is setting up a phone VPN on a Cisco ASA. The phone cannot connect and the error is presented in a debug on the Cisco ASA. Which action fixes this issue?

A. Configure the Cisco ASA to present an RSA certificate to the phone for authentication.

B. Disable Cisco Secure Desktop under the connection profile VPNPhone.

C. Install the posture module on the Cisco ASA.

D. Enable web-deploy of the posture module so that the module can be downloaded from the Cisco ASA to an IP phone.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제14

A network engineer must configure the Cisco ASA so that Cisco AnyConnect clients establishing an SSL VPN connection create an additional tunnel for real-time traffic that is sensitive to packet delays. If this additional tunnel experiences any issues, it must fall back to a TLS connection.
Which two Cisco AnyConnect features must be configured to accomplish this task? (Choose two.)

A. DPD

B. SSL Rekey

C. DTLS

D. OMTU

E. DSCP Preservation

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

최신 300-730 무료덤프 - Cisco Implementing Secure Solutions with Virtual Private Networks

우리와 연락하기

유용한 링크

최신 업데이트