300-730 Practice Questions

Which VPN solution uses TBAR?

Which two commands help determine why the NHRP registration process is not being completed even after the IPsec tunnel is up? (Choose two.)

Refer to the exhibit. An internal clients behind the ASA are port address translated to the public outside interface that has an IP address of 3.3.3.3. Client 1 and client 2 have e...

Cisco AnyConnect clients need to transfer large files over the VPN sessions. Which protocol provides the best throughput?

Which VPN does VPN load balancing on the ASA support?

Which parameter must match on all routers in a DMVPN Phase 3 cloud?

Which parameter is initially used to elect the primary key server from a group of key servers?

A Cisco ASA is configured in active/standby mode. What is needed to ensure that Cisco AnyConnect users can connect after a failover event?

Which benefit of FlexVPN is a limitation of DMVPN using IKEv1?

What is a requirement for smart tunnels to function properly?

Where is split tunneling defined for IKEv2 remote access clients on a Cisco router?

Which technology is used to send multicast traffic over a site-to-site VPN?

Which feature of GETVPN is a limitation of DMVPN and FlexVPN?

Refer to the exhibit. ip access-list extended CCNP permit 192.168.0.10 permit 192.168.0.11 webvpn gateway SSL_Gateway ip address 172.16.0.25 port 443 ssl trustpoint AnyConnect_Cert...

Drag and Drop Question Drag and drop the correct commands from the right onto the blanks in the code on the left to implement a design that allow for dynamic spoke-to-spoke communi...

Which two are characteristics of GETVPN? (Choose two.)

In FlexVPN, what is the role of a NHRP resolution request?

A second set of traffic selectors is negotiated between two peers using IKEv2. Which IKEv2 packet will contain details of the exchange?

Refer to the exhibit: HUB#show ip nhrp 0.0.0.2/32 via 10.0.0.2 Tunnel0 created 00:02:09, expire 00:00:01 Type: dynamic, Flags: unique registered used nhop NBMA address: 2.2.2.1 0.0...

On a FlexVPN hub-and-spoke topology where spoke-to-spoke tunnels are not allowed, which command is needed for the hub to be able to terminate FlexVPN tunnels?

Which statement about GETVPN is true?

Refer to the exhibit: Interface: Tunnel1 Crypto map tag: Tunnel-head-0, local addr 192.168.0.1 protected vrf: (none) local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0) remote i...

Which two changes must be made in order to migrate from DMVPN Phase 2 to Phase 3 when EIGRP is configured? (Choose two.)

Refer to the exhibit: ASA-4-751015 Local:0.0.0.0:0 Remote:0.0.0.0:0 Username:Unknown SA request rejected by CAC. Reason: IN-NEGOTIATION SA LIMIT REACHED A customer cannot establish...

Refer to the exhibit: %LINK-3-UPDOWN: Interface Tunnel0, changed state to up %NHRP-5-REGISTRATION: Tunnel0: Spoke 10.1.1.25, NBMA 1.1.1.25 registered. %NHRP-5-REGISTRATION_COMPLETE...

Which is used by GETVPN, FlexVPN and DMVPN?

Which IKEv2 feature minimizes the configuration of a FlexVPN on Cisco IOS devices?

Which two parameters help to map a VPN session to a tunnel group using the tunnel-group-list? (Choose two.)

Which method dynamically installs the network routes for remote tunnel endpoints?

Which command identifies a Cisco AnyConnect profile that was uploaded to the flash of an IOS router?

Refer to the exhibit. Which value must be configured in the User Group field when the Cisco AnyConnect profile is created to connect to an ASA headend with IPsec as the primary pro...

Refer to the exhibit. What is configured as a result of this command set?

Which two types of web resources or protocols are enabled by default on the Cisco ASA Clientless SSL VPN portal? (Choose two.)

Which configuration construct must be used in a FlexVPN tunnel?

A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office. An engineer must ensure that the client computer meets the enterprise security polic...

Refer to the exhibit. The customer can establish an AnyConnect connection on the corporate office only. Subsequent attempts fail. What might be the issue?

Regarding licensing, which option will allow IKEv2 connections on the adaptive security appliance?

Which two features provide headend resiliency for Cisco AnyConnect clients? (Choose two.)

Cisco AnyConnect Secure Mobility Client has been configured to use IKEv2 for one group of users and SSL for another group. When the administrator configures a new AnyConnect releas...

Under which section must a bookmark or URL list be configured on a Cisco ASA to be available for clientless SSLVPN users?

Refer to the exhibit. Based on the exhibit, why are users unable to access CCNP Webserver bookmark?

Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.)

Which feature allows the ASA to handle nonstandard applications and web resources so that they display correctly over a clientless SSL VPN connection?

Which command automatically initiates a smart tunnel when a user logs in to the WebVPN portal page?

Refer to the exhibit. The customer must launch Cisco AnyConnect in the RDP machine. Which IOS configuration accomplishes this task?

Refer to the exhibit. Which two commands under the tunnel-group webvpn-attributes result in a Cisco AnyConnect user receiving the AnyConnect prompt in the exhibit? (Choose two.)

Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)

An engineer is configuring IPsec VPN and wants to choose an authentication protocol that is reliable and supports ACK and sequence. Which protocol accomplishes this goal?

Refer to the exhibit. What is the problem with the IKEv2 site-to-site VPN tunnel?

Which requirement is needed to use local authentication for Cisco AnyConnect Secure Mobility Clients that connect to a FlexVPN server?