최신 300-730 무료덤프 - Cisco Implementing Secure Solutions with Virtual Private Networks

문제1

Which VPN solution uses TBAR?

A. VTI

B. GETVPN

C. DMVPN

D. Cisco AnyConnect

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which requirement is needed to use local authentication for Cisco AnyConnect Secure Mobility Clients that connect to a FlexVPN server?

A. EAP query-identity

B. AnyConnect profile

C. EAP-AnyConnect

D. use of certificates instead of username and password

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

Refer to the exhibit. A network engineer is configuring a remote access SSLVPN and is unable to complete the connection using local credentials. What must be done to remediate this problem?

A. Change the authentication method to local.

B. Enable the client protocol in the Cisco AnyConnect profile.

C. Configure a AAA server group to authenticate the client.

D. Configure the group policy to force local authentication.

정답: B

문제4

Over the weekend, an administrator upgraded the Cisco ASA image on the firewalls and noticed that users cannot connect to the headquarters site using Cisco AnyConnect.
What is the solution for this issue?

A. Upgrade the Cisco AnyConnect client version to be compatible with the Cisco ASA software image.

B. Upgrade the Cisco AnyConnect client driver to be compatible with the Cisco ASA software image.

C. Upgrade the Cisco AnyConnect Network Access module to be compatible with the Cisco ASA software image.

D. Upgrade the Cisco AnyConnect Start Before Logon module to be compatible with the Cisco ASA software image.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Cisco AnyConnect clients need to transfer large files over the VPN sessions. Which protocol provides the best throughput?

A. L2TP

B. SSL/TLS

C. DTLS

D. IPsec IKEv1

정답: C

문제6

A network engineer is setting up a clientless SSLVPN on a Cisco ASA. Remote users must be able to access an internal webserver via the URL example.com. Which two steps accomplish this task? (Choose two.)

A. Configure a browser plugin on the Cisco ASA.

B. Configure a DNS server that can resolve the webserver URL.

C. Configure routing so that the user's computer can reach the webserver.

D. Configure a bookmark for the webserver.

E. Configure routing so that the Cisco ASA can reach the webserver.

정답: B,D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which configuration construct must be used in a FlexVPN tunnel?

A. IKEv2 profile

B. multipoint GRE tunnel interface

C. IKEv1 policy

D. EAP configuration

정답: A

문제8

Refer to the exhibit. Which type of VPN is used?

A. clientless SSL VPN

B. GETVPN

C. Cisco Easy VPN

D. Cisco AnyConnect SSL VPN

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which VPN does VPN load balancing on the ASA support?

A. VTI

B. L2TP over IPsec

C. Cisco AnyConnect

D. IPsec site-to-site tunnels

정답: C

문제10

Refer to the exhibit. Given the output of the show ip route command, which remote access VPN technology is in use?

A. FlexVPN

B. DMVPN

C. Reverse Route Injection

D. Dynamic Crypto Map

정답: A

문제11

Refer to the exhibit. The network security engineer identified that the hub router cannot send traffic to the spoke router. Based on the provided output, which action resolves the issue?

A. Adjust the ip nhrp network-id command on the hub router.

B. Permit UDP ports 500 and 4500 between the hub and spoke.

C. Correct the next hop server IP address on the spoke router.

D. Ensure the preshared key on the hub-and-spoke router matches.

정답: C

문제12

Refer to the exhibit. The customer can establish a Cisco AnyConnect connection without using an XML profile. When the host "ikev2" is selected in the AnyConnect drop down, the connection fails.
What is the cause of this issue?

A. Primary protocol should be SSL.

B. The HostName is incorrect.

C. UserGroup must match connection profile.

D. The IP address is incorrect.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제13

문제14

Regarding licensing, which option will allow IKEv2 connections on the adaptive security appliance?

A. IKEv2 sessions are not licensed.

B. AnyConnect Essentials can be used for Cisco AnyConnect IKEv2 connections.

C. Cisco AnyConnect Mobile must be installed to allow AnyConnect IKEv2 sessions.

D. The Advanced Endpoint Assessment license must be installed to allow Cisco AnyConnect IKEv2 sessions.

정답: B

문제15

Refer to the exhibit. Which type of mismatch is causing the problem with the IPsec VPN tunnel?

A. transform set

B. Phase 1 policy

C. crypto access list

D. preshared key

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제16

An administrator is setting up AnyConnect for the first time for a few users. Currently, the router does not have access to a RADIUS server. Which AnyConnect protocol must be used to allow users to authenticate?

A. EAP-MSCHAPv2

B. EAP-AnyConnect

C. EAP-MD5

D. EAP-GTC

정답: B

문제17

When deploying a site-to-site VPN, what must be used to minimize IP fragmentation?

A. IKE version 1

B. ISAKMP over UDP 500

C. Dead Peer Detection

D. Path MTU Discovery

정답: D

문제18

Refer to the exhibit. Which action must be taken on the IPsec tunnel configuration to resolve the issue?

A. The transform set on each peer must be compatible.

B. The access lists on each peer must be identical.

C. The access lists on each peer must mirror each other.

D. The transform set on each peer must match.

정답: C

문제19

Which feature allows a DMVPN Phase 3 spoke to switch to an alternate hub when the primary hub is unreachable?

A. per-tunnel jitter probes

B. NHRP shortcut

C. backup NHS

D. multicast PIM

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제20

A network engineer must expand a company's Cisco AnyConnect solution. Currently, a Cisco ASA is set up in North America and another will be installed in Europe with a different IP address.
Users should connect to the ASA that has the lowest Round Trip Time from their network location as measured by the AnyConnect client. Which solution must be implemented to meet this requirement?

A. Optimal Gateway Selection

B. VPN Load Balancing

C. IP SLA

D. DNS Load Balancing

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 300-730 무료덤프 - Cisco Implementing Secure Solutions with Virtual Private Networks

우리와 연락하기

유용한 링크

최신 업데이트