300-730 Dumps
          300-730 Braindumps
          300-730 Real Questions
          300-730 Practice Test
          300-730 dumps free






















































            Cisco



            300-730







            Implementing Secure Solutions with Virtual Private
            Networks








            http://killexams.com/pass4sure/exam-detail/300-730







             Section: Secure  Communications Architectures






             QUESTION 50







































             Refer to the exhibit. Which VPN technology is used in the exhibit?

             A.  DVTI
             B.  VTI
             C.  DMVPN
             D.  GRE

             Correct Answer: B
             Section:  Secure  Communications  Architectures




             Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/zZ-Archive/IPsec_Virtual_Tunnel_Interface.html#GUID-EB8C433B-2394-42B9-997F-B40803E58A91

             QUESTION 51
             Which VPN does VPN load balancing on the ASA support?

             A.  VTI
             B.  IPsec site-to-site tunnels
             C.  L2TP over IPsec
             D.  Cisco AnyConnect

             Correct Answer: D
             Section: Secure Communications Architectures










             QUESTION 52 Which parameter must match on all routers in a DMVPN
             Phase 3 cloud?

             A.  GRE tunnel key
             B.  NHRP network ID
             C.  tunnel VRF
             D.  EIGRP split-horizon setting

             Correct Answer: A
             Section:  Secure  Communications  Architectures





             QUESTION 53 Which parameter is initially used to elect the primary key server from a group
             of key servers?

             A.  code version
             B.  highest IP address
             C.  highest-priority value
             D.  lowest IP address

             Correct Answer: C
             Section:  Secure  Communications  Architectures



             Reference: https://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport-vpn/deployment_guide_c07_554713.html
             QUESTION 54 A Cisco ASA is configured in active/standby mode. What is needed to ensure that Cisco AnyConnect users can connect after a
             failover event?

             A.  AnyConnect images must be uploaded to both failover ASA devices.
             B.  The vpnsession-db must be cleared manually.
             C.  Configure a backup server in the XML profile.
             D.  AnyConnect client must point to the standby IP address.

             Correct Answer: A
             Section:  Secure  Communications  Architectures



             Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_active_standby.html

             QUESTION 55 Which benefit of FlexVPN is a limitation of
             DMVPN using IKEv1?

             A.  GRE encapsulation allows for forwarding of non-IP traffic.
             B.  IKE implementation can install routes in routing table.
             C.  NHRP authentication provides enhanced security.
             D.  Dynamic routing protocols can be configured.

             Correct Answer: B







             Section: Secure  Communications Architectures





             QUESTION 56 What is a requirement for smart tunnels to
             function properly?

             A.  Java or ActiveX must be enabled on the client machine.
             B.  Applications must be UDP.
             C.  Stateful failover must not be configured.
             D.  The user on the client machine must have admin access.

             Correct Answer: A
             Section:  Secure  Communications  Architectures



             Reference: https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/111007-smart-tunnel-asa-00.html

             QUESTION 57 Where is split tunneling defined for IKEv2 remote access clients on
             a Cisco router?

             A.  IKEv2 authorization policy
             B.  Group Policy
             C.  virtual template
             D.  webvpn context

             Correct Answer: B
             Section:  Secure  Communications  Architectures





             QUESTION 58 Which technology is used to send multicast traffic over a
             site-to-site VPN?


             A.  GRE over IPsec on IOS router
             B.  GRE over IPsec on FTD
             C.  IPsec tunnel on FTD
             D.  GRE tunnel on ASA

             Correct Answer: B
             Section:  Secure  Communications  Architectures


             Explanation/Reference:


             QUESTION 59 Which feature of GETVPN is a limitation of DMVPN
             and FlexVPN?

             A.  sequence numbers that enable scalable replay checking
             B.  enabled use of ESP or AH
             C.  design for use over public or private WAN
             D.  no requirement for an overlay routing protocol







             Correct Answer: D
             Section:  Secure  Communications  Architectures





             QUESTION 60





































             Refer to the exhibit. Cisco AnyConnect must be set up on a router to allow users to access internal servers 192.168.0.10 and 192.168.0.11. All other traffic should go out of the client's local NIC. Which command accomplishes this
             configuration?

             A.  svc split include 192.168.0.0 255.255.255.0
             B.  svc split exclude 192.168.0.0 255.255.255.0
             C.  svc split include acl CCNP
             D.  svc split exclude acl CCNP

             Correct Answer: C
             Section:  Secure  Communications  Architectures
















                            For More exams visit https://killexams.com/vendors-exam-list







































































                               Kill your exam at First Attempt....Guaranteed!