300-730試験無料問題集「Cisco Implementing Secure Solutions with Virtual Private Networks 認定」
A network engineer is configuring a server. The router will terminate encrypted VPN connections on g0/0, which is in the VRF "Internet". The clear-text traffic that must be encrypted before being sent out traverses g0/1, which is in the VRF "Internal". Which two VRF-specific configurations allow VPN traffic to traverse the VRF-aware interfaces? (Choose two.)
正解:C,D
解答を投票する
A network engineer has been tasked with configuring SSL VPN to provide remote users with access to the corporate network. Traffic destined to the enterprise IP range should go through the tunnel, and all other traffic should go directly to the Internet. Which feature should be configured to achieve this?
正解:A
解答を投票する
A network engineer must configure the Cisco ASA so that Cisco AnyConnect clients establishing an SSL VPN connection create an additional tunnel for real-time traffic that is sensitive to packet delays. If this additional tunnel experiences any issues, it must fall back to a TLS connection.
Which two Cisco AnyConnect features must be configured to accomplish this task? (Choose two.)
Which two Cisco AnyConnect features must be configured to accomplish this task? (Choose two.)
正解:B,E
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
An engineer has successfully established a Phase 1 and Phase 2 tunnel between two sites. Site A has internal subnet 192.168.0.0/24 and Site B has internal subnet 10.0.0.0/24. The engineer notices that no packets are decrypted at Site B. Pings to 192.168.0.1 from internal Site B devices make it to the Site B router, and the Site A router has incrementing encrypt and decrypt counters.
What must be done to ensure bidirectional communication between both sites?
What must be done to ensure bidirectional communication between both sites?
正解:A
解答を投票する
Refer to the exhibit. All internal clients behind the ASA are port address translated to the public outside interface that has an IP address of 3.3.3.3. Client 1 and client 2 have established successful SSL VPN connections to the ASA.
What must be implemented so that "3.3.3.3" is returned from a browser search on the IP address?
What must be implemented so that "3.3.3.3" is returned from a browser search on the IP address?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
Refer to the exhibit. A Cisco ASA is configured as a client to a router running as a FlexVPN server. The router is configured with a virtual template to terminate FlexVPN clients. Traffic between networks 192.168.0.0/24 and 172.16.20.0/24 does not work as expected. Based on the show crypto ikev2 sa output collected from the Cisco ASA in the exhibit, what is the solution to this issue?
正解:A
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows. It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it. Which Cisco IPS mode meets these requirements?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)