300-730 Dumps
300-730 Braindumps
300-730 Real Questions
300-730 Practice Test
300-730 dumps free
Cisco
300-730
Implementing Secure Solutions with Virtual Private Networks
http://killexams.com/pass4sure/exam-detail/300-730
QUESTION 50
Refer to the exhibit. Which VPN technology is used in the exhibit?
DVTI
VTI
DMVPN
GRE
Correct Answer: B
Section: Secure Communications Architectures
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/zZ-Archive/IPsec_Virtual_Tunnel_Interface.html#GUID-EB8C433B-2394-42B9-997F-B40803E58A91
QUESTION 51
Which VPN does VPN load balancing on the ASA support?
VTI
IPsec site-to-site tunnels
L2TP over IPsec
Cisco AnyConnect
Correct Answer: D
Section: Secure Communications Architectures
QUESTION 52 Which parameter must match on all routers in a DMVPN Phase 3 cloud?
GRE tunnel key
NHRP network ID
tunnel VRF
EIGRP split-horizon setting
Correct Answer: A
Section: Secure Communications Architectures
QUESTION 53 Which parameter is initially used to elect the primary key server from a group of key servers?
code version
highest IP address
highest-priority value
lowest IP address
Correct Answer: C
Section: Secure Communications Architectures
Reference: https://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport-vpn/deployment_guide_c07_554713.html
QUESTION 54 A Cisco ASA is configured in active/standby mode. What is needed to ensure that Cisco AnyConnect users can connect after a failover event?
AnyConnect images must be uploaded to both failover ASA devices.
The vpnsession-db must be cleared manually.
Configure a backup server in the XML profile.
AnyConnect client must point to the standby IP address.
Correct Answer: A
Section: Secure Communications Architectures
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_active_standby.html
QUESTION 55 Which benefit of FlexVPN is a limitation of DMVPN using IKEv1?
GRE encapsulation allows for forwarding of non-IP traffic.
IKE implementation can install routes in routing table.
NHRP authentication provides enhanced security.
Dynamic routing protocols can be configured.
Correct Answer: B
QUESTION 56 What is a requirement for smart tunnels to function properly?
Java or ActiveX must be enabled on the client machine.
Applications must be UDP.
Stateful failover must not be configured.
The user on the client machine must have admin access.
Correct Answer: A
Section: Secure Communications Architectures
Reference: https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/111007-smart-tunnel-asa-00.html
QUESTION 57 Where is split tunneling defined for IKEv2 remote access clients on a Cisco router?
IKEv2 authorization policy
Group Policy
virtual template
webvpn context
Correct Answer: B
Section: Secure Communications Architectures
QUESTION 58 Which technology is used to send multicast traffic over a site-to-site VPN?
GRE over IPsec on IOS router
GRE over IPsec on FTD
IPsec tunnel on FTD
GRE tunnel on ASA
Correct Answer: B
Section: Secure Communications Architectures
Explanation/Reference:
QUESTION 59 Which feature of GETVPN is a limitation of DMVPN and FlexVPN?
sequence numbers that enable scalable replay checking
enabled use of ESP or AH
design for use over public or private WAN
no requirement for an overlay routing protocol
Correct Answer: D
Section: Secure Communications Architectures
QUESTION 60
Refer to the exhibit. Cisco AnyConnect must be set up on a router to allow users to access internal servers 192.168.0.10 and 192.168.0.11. All other traffic should go out of the client's local NIC. Which command accomplishes this configuration?
A. svc split include 192.168.0.0 255.255.255.0
B. svc split exclude 192.168.0.0 255.255.255.0
svc split include acl CCNP
svc split exclude acl CCNP
Correct Answer: C
Section: Secure Communications Architectures
For More exams visit https://killexams.com/vendors-exam-list
Kill your exam at First Attempt....Guaranteed!