- All Exams Instant Download
Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)
Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)A . The VPN server must have a self-signed certificate.B . A SSL group pre-shared key must be configured on the server.C . Server side certificate is optional if using AAA for client authentication.D ....
A spoke has two Internet connections for failover. How can you achieve optimum failover without affecting any other router in the DMVPN cloud?
A spoke has two Internet connections for failover. How can you achieve optimum failover without affecting any other router in the DMVPN cloud?A . Create another DMVPN cloud by configuring another tunnel interface that is sourced from the second ISP link.B . Use another router at the spoke site, because...
Which two IKEv1 policy options must match on each peer when you configure an IPsec site-to-site VPN? (Choose two.)
Which two IKEv1 policy options must match on each peer when you configure an IPsec site-to-site VPN? (Choose two.)A . priority numberB . hash algorithmC . encryption algorithmD . session lifetimeE . PRF algorithmView AnswerAnswer: B, C
Which statement describes a prerequisite for single-sign-on Netegrity Cookie Support in an IOC SSL VPN?
Which statement describes a prerequisite for single-sign-on Netegrity Cookie Support in an IOC SSL VPN?A . The Cisco AnyConnect Secure Mobility Client must be installed in flash.B . A SiteMinder plug-in must be installed on the Cisco SSL VPN gateway.C . A Cisco plug-in must be installed on a SiteMinder...
Which technology can rate-limit the number of tunnels on a DMVPN hub when system utilization is above a specified percentage?
Which technology can rate-limit the number of tunnels on a DMVPN hub when system utilization is above a specified percentage?A . NHRP Event PublisherB . interface state controlC . CACD . NHRP AuthenticationE . ip nhrp connectView AnswerAnswer: C
An IPsec peer is exchanging routes using IKEv2, but the routes are not installed in the RIB. Which configuration error is causing the failure?
Refer to the exhibit. An IPsec peer is exchanging routes using IKEv2, but the routes are not installed in the RIB. Which configuration error is causing the failure?A . IKEv2 routing requires certificate authentication, not pre-shared keys.B . An invalid administrative distance value was configured.C . The match identity command...
Which two qualify as Next Generation Encryption integrity algorithms? (Choose two.)
Which two qualify as Next Generation Encryption integrity algorithms? (Choose two.)A . SHA-512B . SHA-256C . SHA-192D . SHA-380E . SHA-192F . SHA-196View AnswerAnswer: A, B
A Cisco router may have a fan issue that could increase its temperature and trigger a failure. What troubleshooting steps would verify the issue without causing additional risks?
A Cisco router may have a fan issue that could increase its temperature and trigger a failure. What troubleshooting steps would verify the issue without causing additional risks?A . Configure logging using commands "logging on", "logging buffered 4", and check for fan failure logs using "show logging"B . Configure logging...
In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?
In FlexVPN, what command can an administrator use to create a virtual template interface that can be configured and applied dynamically to create virtual access interfaces?A . interface virtual-template number type templateB . interface virtual-template number type tunnelC . interface template number type virtualD . interface tunnel-template numberView AnswerAnswer: B...
In a spoke-to-spoke DMVPN topology, which type of interface does a branch router require?
In a spoke-to-spoke DMVPN topology, which type of interface does a branch router require?A . Virtual tunnel interfaceB . Multipoint GRE interfaceC . Point-to-point GRE interfaceD . Loopback interfaceView AnswerAnswer: B
