300-730 Exam Free Question Set: "Cisco Implementing Secure Solutions with Virtual Private Networks" Certification

A second set of traffic selectors is negotiated between two peers using IKEv2.
Which IKEv2 packet will contain details of the exchange?

A network engineer is configuring a server. The router will terminate encrypted VPN connections on g0/0, which is in the VRF "Internet". The clear-text traffic that must be encrypted before being sent out traverses g0/1, which is in the VRF "Internal". Which two VRF-specific configurations allow VPN traffic to traverse the VRF-aware interfaces? (Choose two.)

Which IKE identity does an IOS/IOS-XE headend expect to receive if an IPsec Cisco AnyConnect client uses default settings?

A network engineer has been tasked with configuring SSL VPN to provide remote users with access to the corporate network. Traffic destined to the enterprise IP range should go through the tunnel, and all other traffic should go directly to the Internet. Which feature should be configured to achieve this?

Refer to the exhibit. The customer can establish a Cisco AnyConnect connection without using an XML profile. When the host "ikev2" is selected in the AnyConnect drop-down, the connection fails.
What is the cause of this issue?

Which feature allows a DMVPN Phase 3 spoke to switch to an alternate hub when the primary hub is unreachable?

A network engineer must configure the Cisco ASA so that Cisco AnyConnect clients establishing an SSL VPN connection create an additional tunnel for real-time traffic that is sensitive to packet delays. If this additional tunnel experiences any issues, it must fall back to a TLS connection.
Which two Cisco AnyConnect features must be configured to accomplish this task? (Choose two.)

Refer to the exhibit. The DMVPN tunnel is dropping randomly and no tunnel protection is configured.

Which spoke configuration mitigates tunnel drops?

An engineer has successfully established a Phase 1 and Phase 2 tunnel between two sites. Site A has internal subnet 192.168.0.0/24 and Site B has internal subnet 10.0.0.0/24. The engineer notices that no packets are decrypted at Site B. Pings to 192.168.0.1 from internal Site B devices make it to the Site B router, and the Site A router has incrementing encrypt and decrypt counters.
What must be done to ensure bidirectional communication between both sites?

Refer to the exhibit. All internal clients behind the ASA are port address translated to the public outside interface that has an IP address of 3.3.3.3. Client 1 and client 2 have established successful SSL VPN connections to the ASA.
What must be implemented so that "3.3.3.3" is returned from a browser search on the IP address?

Which configuration construct must be used in a FlexVPN tunnel?

Refer to the exhibit. A Cisco ASA is configured as a client to a router running as a FlexVPN server. The router is configured with a virtual template to terminate FlexVPN clients. Traffic between networks 192.168.0.0/24 and 172.16.20.0/24 does not work as expected. Based on the show crypto ikev2 sa output collected from the Cisco ASA in the exhibit, what is the solution to this issue?

A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows. It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it. Which Cisco IPS mode meets these requirements?

Refer to the exhibit. What is a result of this configuration?
