- All Exams Instant Download
Which two descriptions of the characteristics of Cisco GET VPN are true? (Choose two.)
Which two descriptions of the characteristics of Cisco GET VPN are true? (Choose two.)A . provides a tunnelless transport mechanismB . encrypts the data payload and IP header of a packetC . requires that GRE tunnels exist between participating routersD . uses a common set of traffic encryption keys shared...
What are two benefits of using DTLS when implementing a Cisco AnyConnect SSI VPN on a Cisco ASA or router? (Choose two.)
What are two benefits of using DTLS when implementing a Cisco AnyConnect SSI VPN on a Cisco ASA or router? (Choose two.)A . provides latency avoidanceB . has enhanced dead peer detectionC . uses TLS Only for the tunnelD . provides greater security and integrity of the tunnelE . establishes...
Which troubleshooting step is valid in this situation?
In a new DMVPN deployment, phase 1 completes successfully. However, phase2 experiences issues. Which troubleshooting step is valid in this situation?A . Temporarily remove encryption to check if the GRE tunnel is working.B . Verify IP routing between the external IPs of the two peers is correct.C . Remove NHRP...
Which possible cause of the connection failure is most likely?
Refer to the exhibit. You configure Clientless SSL VPN on a Cisco ASA. Users from Company A cannot connect to the Clientless SSL VPN. Which possible cause of the connection failure is most likely? A. The users have authentication issues B. The users are behind the same NAT IP address...
What is a functional difference between IKEv1 and IKEv2 on a router?
What is a functional difference between IKEv1 and IKEv2 on a router?A . HSRPB . RRIC . DPDD . Stateful FailoverView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ikevpn/configuration/15-1mt/ Configuring_Internet_Key_Exchange_Version_2.html
Which command will allow a referenced ASA interface to become accessible across a site-to-site VPN?
Which command will allow a referenced ASA interface to become accessible across a site-to-site VPN?A . access-list 101 extended permit ICMP any anyB . crypto map vpn 10 match address 101C . crypto map vpn interface insideD . management-access <interface name>View AnswerAnswer: B
Which two options are key advantages to choosing GET VPN EssaVPN?
An engineer must configure HET VPN transverse over the network between corporate offices. Which two options are key advantages to choosing GET VPN EssaVPN? (Choose two.)A . GET VPN has unique session keys for improved security.B . GET VPN supports multicast.C . GET VPN supports a hub and-spoke topology.D ....
Which cryptographic method provides passphrase protection while importing or exporting keys?
Which cryptographic method provides passphrase protection while importing or exporting keys?A . AESB . RSAC . SerpentD . BlowfishView AnswerAnswer: B Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/xe3s/sec-pki-xe-3sbook/sec-deploy-rsa-pki.pdf
Which two components are required a Cisco IOS-based PKI solution?
Which two components are required a Cisco IOS-based PKI solution?A . preshared keyB . NTPC . RADIUS serverD . certificate authorityE . FT/HTTP serverView AnswerAnswer: A,D
What does DAK l stand for?
What does DAK l stand for?A . Device and Report ToolB . Diagnostic AnyConnect Reporting ToolC . Diagnostics and Reporting ToolD . Delivery and Reporting ToolView AnswerAnswer: C
