- All Exams Instant Download
A network security engineer is troubleshooting intermittent connectivity issues across a tunnel. Based on the output from the show crypto ipsec sa command, which cause is most likely?
Refer to the Exhibit: A network security engineer is troubleshooting intermittent connectivity issues across a tunnel. Based on the output from the show crypto ipsec sa command, which cause is most likely?A . ISAKMP and/or IP sec may be bouncing up and down.B . The security association lifetimes are set...
Which description of how DTLS improves application performance is true?
Which description of how DTLS improves application performance is true?A . uses connection-oriented sessionsB . creates less overhead by using UDPC . avoids bandwidth and latency issuesD . uses a flow control mechanismView AnswerAnswer: C Explanation: Reference: https://learningnetwork.cisco.com/thread/21470
Which command displays the NBMA IP addresses when DMVPN is configured with tunnel protection?
Which command displays the NBMA IP addresses when DMVPN is configured with tunnel protection?A . show crypto sessionB . show ip nhrpC . show ip interface tunnelD . show crypto socketView AnswerAnswer: B
Which option is one of the difference between FlexVPN and DMVPN?
Which option is one of the difference between FlexVPN and DMVPN?A . flexvpn uses ikev2 and dmvpn can use ikev1 or ikev2B . dmvpn can use ikev1 and ikev2 where flexvpn only uses ikev1C . flexvpn can use ikev1 and ikev2 where dmvpn uses only ikev2D . dmvp uses ikev1...
Within a PKI system, which option is a trusted entity?
Within a PKI system, which option is a trusted entity?A . registration authorityB . root certificateC . certificate authorityD . RSA authentication serverView AnswerAnswer: C
Which encryption algorithm does Cisco recommend that you avoid?
Which encryption algorithm does Cisco recommend that you avoid?A . HMAC-SHA1B . AES-CBCC . DESD . HMAC-MD5View AnswerAnswer: C
Which VPN solution enables you to publish applications to users by using bookmarks?
Which VPN solution enables you to publish applications to users by using bookmarks?A . IPsec clientB . SSL VPN full network accessC . Clientless SSL VPND . port forwardView AnswerAnswer: C
A network engineer is troubleshooting a VPN configured on an ASA and has found Phase 1 is not completing.
A network engineer is troubleshooting a VPN configured on an ASA and has found Phase 1 is not completing. Which configured parameter must match for the IKE Phase 1 tunnel to get successfully negotiated/A . SA lifetimeB . idle timeoutC . transform-setD . DH groupView AnswerAnswer: D
Which two options are features of Cisco GET VPN? (Choose two.)
Which two options are features of Cisco GET VPN? (Choose two.)A . Allows for optimal routingB . provides point to point IPsec SAC . Provides encryption for MPLSD . uses public InternetE . uses MOREView AnswerAnswer: A,C
When configuring a FlexVPN, which two components must be configured for IKEv2? (Choose two.)
When configuring a FlexVPN, which two components must be configured for IKEv2? (Choose two.)A . persistenceB . profileC . proposalD . preferenceE . methodView AnswerAnswer: B,C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15mt/sec-flexvpn-15-mt-book/sec-cfg-ikev2-flex.html
