Tag - 300-730 exam

Which technology works with IPsec stateful failover?A . GLBRB . HSRPC . GRED . VRRPView AnswerAnswer: B Explanation: HSRP (Hot Standby Router Protocol). HSRP is a Cisco proprietary protocol that provides stateful failover for IPsec virtual private networks (VPNs). It is used to create a virtual router in order to...

Refer to the exhibit. An SSL client is connecting to an ASA headend. The session fails with the message “Connection attempt has timed out. Please verify Internet connectivity.” Based on how the packet is processed, which phase is causing the failure?A . phase 9: rpf-checkB . phase 5: NATC ....

DRAG DROP Drag and drop the correct commands from the night onto the blanks within the code on the left to implement a design that allow for dynamic spoke-to-spoke communication. Not all comments are used. View AnswerAnswer: Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/xe-16/sec-conn-dmvpn-xe-16-book/sec-conn-dmvpn-summ-maps.html

Refer to the exhibit. Client 1 cannot communicate with client 2. Both clients are using Cisco AnyConnect and have established a successful SSL VPN connection to the hub ASA. Which command on the ASA is missing? A. dns-server value 10.1.1.2 B. same-security-traffic permit intra-interface C. same-security-traffic permit inter-interface D. dns-server...

Refer to the exhibit. Based on the exhibit, why are users unable to access CCNP Webserver bookmark?A . The URL is being blocked by a WebACL.B . The ASA cannot resolve the URL.C . The bookmark has been disabled.D . The user cannot access the URL.View AnswerAnswer: B Explanation: https://community.cisco.com/t5/network-security/missing-ssl-vpn-bookmarks/td-p/1597023

Which method dynamically installs the network routes for remote tunnel endpoints?A . policy-based routingB . CEFC . reverse route injectionD . route filteringView AnswerAnswer: C Explanation: Reverse route injection (RRI) is a method that dynamically installs the network routes for remote tunnel endpoints. The RRI feature allows the router to...

Which two parameters help to map a VPN session to a tunnel group without using the tunnel-group list? (Choose two.)A . group-aliasB . certificate mapC . optimal gateway selectionD . group-urlE . AnyConnect client versionView AnswerAnswer: AD Explanation: https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/98580-enable-group-dropdown.html

Which technology is used to send multicast traffic over a site-to-site VPN?A . GRE over IPsec on IOS routerB . GRE over IPsec on FTDC . IPsec tunnel on FTDD . GRE tunnel on ASAView AnswerAnswer: A Explanation: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/216276-configure-route-based-site-to-site-vpn-t.html#anc6

Refer to the exhibit. The customer can establish a Cisco AnyConnect connection without using an XML profile. When the host "ikev2" is selected in the AnyConnect drop down, the connection fails. What is the cause of this issue?A . The HostName is incorrect.B . The IP address is incorrect.C ....

Which VPN solution uses TBAR?A . GETVPNB . VTIC . DMVPND . Cisco AnyConnectView AnswerAnswer: A Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn-xe-3s-book/sec-get-vpn.html