- All Exams Instant Download
Which protocol accomplishes this goal?
An engineer is configuring IPsec VPN and wants to choose an authentication protocol that is reliable supports ACK and sequence. Which protocol accomplishes this goal?A . ESPB . AES-192C . IKEv1D . AES-256View AnswerAnswer: A
Which action do you take in the hub configuration to resolve the issue?
Refer to the exhibit. You implement a DMVPN Phase 3 full-mesh design. Spoke-to-spoke tunnels fail to establish successfully via the hub. Which action do you take in the hub configuration to resolve the issue?A . Configure the hub to set itself as the next hop in the routing updates to...
Which model is needed to support an active/active solution?
A customer requires site-to-site VPNs to connect third-party business partners and has purchased two ASAs. The customer requests an active/active configuration. Which model is needed to support an active/active solution?A . NAT contextB . single contextC . multiple contextD . PAT context.View AnswerAnswer: C
In the Cisco ASDM interface, where do you enable the DTLS protocol setting?
In the Cisco ASDM interface, where do you enable the DTLS protocol setting?A . Configuration > Remote Access VPN > Network (Client) Access > Group Policies > Add or Edit > Add or Edit Internal Group PolicyB . Configuration > Remote Access VPN > Network (Client) Access > AAA Setup...
A rogue static route is installed in the routing table of a Cisco FlexVPN and is causing traffic to be blackholed. Which command should be used to identify the peer from which that route originated?
A rogue static route is installed in the routing table of a Cisco FlexVPN and is causing traffic to be blackholed. Which command should be used to identify the peer from which that route originated?A . show crypto ikev2 sa detailB . show crypto routeC . show crypto ikev2 client...
A user is unable to establish an AnyConnect VPN connection to an ASA. When using the Real-Time Log viewer within ASDM to troubleshoot the issue, which two filter options would the administrator choose to show only syslog messages relevant to the VPN connection? (Choose two.)
A user is unable to establish an AnyConnect VPN connection to an ASA. When using the Real-Time Log viewer within ASDM to troubleshoot the issue, which two filter options would the administrator choose to show only syslog messages relevant to the VPN connection? (Choose two.) A. Client's public IP address...
After completing a site-to-site VPN setup between two routers, application performance over the tunnel is slow. You issue the show crypto ipsec sa command and see the following output. What does this output suggest?
After completing a site-to-site VPN setup between two routers, application performance over the tunnel is slow. You issue the show crypto ipsec sa command and see the following output. What does this output suggest? interfacE. Tunnel100 Crypto map tag: Tunnel100-head-0, local addr 10.10.10.10 protected vrF. (none) local ident (addr/mask/prot/port): (10.10.10.10/255.255.255.255/47/0)...
Which hash algorithm is required to protect classified information?
Which hash algorithm is required to protect classified information?A . MD5B . SHA-1C . SHA-256D . SHA-384View AnswerAnswer: D
When a tunnel is initiated by the headquarter ASA, which one of the following Diffie-Hellman groups is selected by the headquarter ASA during CREATE_CHILD_SA exchange?
When a tunnel is initiated by the headquarter ASA, which one of the following Diffie-Hellman groups is selected by the headquarter ASA during CREATE_CHILD_SA exchange?A . 1B . 2C . 5D . 14E . 19View AnswerAnswer: C Explanation: Traffic initiated by the HQ ASA is assigned to the static outside...
