300-730試験無料問題集（240題）「Cisco Implementing Secure Solutions with Virtual Private Networks 認定」

出題：1

A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows. It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it. Which Cisco IPS mode meets these requirements?

A. inline tap

B. failsafe

C. promiscuous

D. bypass

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

An engineer must configure remote desktop connectivity for offsite admins via clientless SSL VPN, configured on a Cisco ASA to Windows Vista workstations. Which two configurations provide the requested access? (Choose two.)

A. Citrix bookmark via the ICA plugin

B. RDP2 bookmark via the RDP2 plugin

C. SSH bookmark via the SSH plugin

D. Telnet bookmark via the Telnet plugin

E. VNC bookmark via the VNC plugin

正解：B,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which feature allows the ASA to handle nonstandard applications and web resources so that they display correctly over a clientless SSL VPN connection?

A. WebType ACL

B. plug-ins

C. single sign-on

D. Smart Tunnel

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Refer to the exhibit. The DMVPN spoke is not establishing a session with the hub. Which two actions resolve this issue? (Choose two.)

A. Change the transform set to mode tunnel.

B. Change the ISAKMP key address on the spoke to 0.0.0.0.

C. Change the nhrp authentication key on the spoke to cisco123.

D. Change the spoke nhs to 172.16.18.1 and the nbma to 10.0.0.1.

E. Change the ISAKMP policy authentication on the spoke to pre-shared.

正解：C,E 解答を投票する

出題：5

An engineer would like Cisco AnyConnect users to be able to reach servers within the
10.10.0.0/16 subnet while all other traffic is sent out to the Internet. Which IPsec configuration accomplishes this task?

A.

B.

C.

D.

正解：C 解答を投票する

出題：6

Which statement about GETVPN is true?

A. TEK rekeys can be load-balanced between two key servers operating in COOP.

B. The configuration that defines which traffic to encrypt originates from the key server.

C. The pseudotime that is used for replay checking is synchronized via NTP.

D. Group members must acknowledge all KEK and TEK rekeys, regardless of configuration.

正解：B 解答を投票する

出題：7

A network engineer is setting up a clientless SSLVPN on a Cisco ASA. Remote users must be able to access an internal webserver via the URL example.com. Which two steps accomplish this task? (Choose two.)

A. Configure routing so that the user's computer can reach the webserver.

B. Configure a bookmark for the webserver.

C. Configure a browser plugin on the Cisco ASA.

D. Configure a DNS server that can resolve the webserver URL.

E. Configure routing so that the Cisco ASA can reach the webserver.

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Refer to the exhibit. What is configured as a result of this command set?

A. FlexVPN server to authorize groups by using an IPv6 external AAA

B. FlexVPN server to authenticate IPv6 peers by using EAP

C. FlexVPN client profile for IPv6

D. FlexVPN server for an IPv6 dVTI session

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

An engineer has configured Cisco AnyConnect VPN using IKEv2 on a Cisco IOS router. The user cannot connect in the Cisco AnyConnect client, but receives an alert message "Use a browser to gain access." Which action does the engineer take to resolve this issue?

A. Reset user login credentials.

B. Disable the HTTP server.

C. Connect using HTTPS.

D. Correct the URL address.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

A network engineer must design a remote access solution to allow contractors to access internal servers. These contractors do not have permissions to install applications on their computers.
Which VPN solution should be used in this design?

A. Port forwarding

B. Clientless

C. SSL AnyConnect

D. IKEv2 AnyConnect

正解：B 解答を投票する

出題：11

An engineer is creating an URL object on Cisco FMC. How must it be configured so that the object will match for HTTPS traffic in an access control policy?

A. Define the path to the individual webpage that uses HTTPS.

B. Specify the protocol to match (HTTP or HTTPS).

C. Use the subject common name from the website certificate.

D. Use the FQDN including the subdomain for the website.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

Which two tasks must be performed to implement a clientless VPN on the Cisco ASA? (Choose two.)

A. Install an enrolled X.509 Certificate.

B. Configure a portal customization.

C. Configure a connection profile

D. Configure a language translation file.

E. Upload an AnyConnect Package.

正解：A,C 解答を投票する

出題：13

A network administrator has been handed a VPN configuration with the ip nhrp summary-map command configured. Which type of VPN technology is being used?

A. Ipsec VPN

B. DMVPN Phase2

C. GETVPN

D. DMVPN Phase 3

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

300-730試験無料問題集「Cisco Implementing Secure Solutions with Virtual Private Networks 認定」