Tag - 300-730 exam

Which benefit of FlexVPN is a limitation of DMVPN using IKEv1?A . GRE encapsulation allows for forwarding of non-IP traffic.B . IKE implementation can install routes in routing table.C . NHRP authentication provides enhanced security.D . Dynamic routing protocols can be configured.View AnswerAnswer: B Explanation: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-mt/sec-flex-vpn-15-mt-book/sec-flex-spoke.html

Refer to the exhibit. The customer must launch Cisco AnyConnect in the RDP machine. Which IOS configuration accomplishes this task? A) B) C) D) A . Option AB . Option BC . Option CD . Option DView AnswerAnswer: C Explanation: Reference: https://community.cisco.com/t5/vpn/starting-anyconnect-vpn-through-rdp-session-on-cisco-891/td-p/2128284

Where is split tunneling defined for IKEv2 remote access clients on a Cisco router?A . IKEv2 authorization policyB . Group PolicyC . virtual templateD . webvpn contextView AnswerAnswer: A Explanation: https://www.cisco.com/c/en/us/support/docs/routers/3600-series-multiservice-platforms/91193-rtr-ipsec-internet-connect.html

Which parameter is initially used to elect the primary key server from a group of key servers?A . code versionB . highest IP addressC . highest-priority valueD . lowest IP addressView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport-vpn/deployment_guide_c07_554713.html

Refer to the exhibit. A customer cannot establish an IKEv2 site-to-site VPN tunnel between two Cisco ASA devices. Based on the syslog message, which action brings up the VPN tunnel? A. Reduce the maximum SA limit on the local Cisco ASA. B. Increase the maximum in-negotiation SA limit on the...

A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office. An engineer must ensure that the client computer meets the enterprise security policy. Which feature can update the client to meet an enterprise security policy?A . Endpoint AssessmentB . Cisco Secure DesktopC . Basic...

Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch is the problem?A . preshared keyB . peer identityC . transform setD . ikev2 proposalView AnswerAnswer: B

What are two functions of ECDH and ECDSA? (Choose two.)A . nonrepudiationB . revocationC . digital signatureD . key exchangeE . encryptionView AnswerAnswer: CD Explanation: Reference: https://tools.cisco.com/security/center/resources/next_generation_cryptography

Refer to the exhibit. Which value must be configured in the User Group field when the Cisco AnyConnect Profile is created to connect to an ASA headend with IPsec as the primary protocol?A . address-poolB . group-aliasC . group-policyD . tunnel-groupView AnswerAnswer: D Explanation: The user group is used in...

Which two features provide headend resiliency for Cisco AnyConnect clients? (Choose two.)A . AnyConnect Auto ReconnectB . AnyConnect Network Access ManagerC . AnyConnect Backup ServersD . ASA failoverE . AnyConnect Always OnView AnswerAnswer: CD Explanation: According to the Implementing Secure Solutions with Virtual Private Networks (SVPN) documents and learning resources...