- All Exams Instant Download
Which two cryptographic technologies are recommended for use with FlexVPN? (Choose two.)
Which two cryptographic technologies are recommended for use with FlexVPN? (Choose two.)A . SHA (HMAC variant)B . Diffie-HellmanC . DESD . MD5 (HMAC variant)View AnswerAnswer: A, B
Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?
Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?A . vpn-filter noneB . no vpn-filterC . filter value noneD . filter value ACLnameView AnswerAnswer: C Explanation: http://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/T-Z/cmdref4/v.html#pgfId-1842564
A network administrator is configuring AES encryption for the ISAKMP policy on an IOS router. Which two configurations are valid? (Choose two.)
A network administrator is configuring AES encryption for the ISAKMP policy on an IOS router. Which two configurations are valid? (Choose two.)A . crypto isakmp policy 10 encryption aes 254B . crypto isakmp policy 10 encryption aes 192C . crypto isakmp policy 10 encryption aes 256D . crypto isakmp policy...
What is the default storage location of user-level bookmarks in an IOS clientless SSL VPN?
What is the default storage location of user-level bookmarks in an IOS clientless SSL VPN?A . disk0:/webvpn/{context name}/B . disk1:/webvpn/{context name}/C . flash:/webvpn/{context name}/D . nvram:/webvpn/{context name}/View AnswerAnswer: C
Which two are characteristics of GETVPN? (Choose two.)
Which two are characteristics of GETVPN? (Choose two.)A . The IP header of the encrypted packet is preservedB . A key server is elected among all configured Group MembersC . Unique encryption keys are computed for each Group MemberD . The same key encryption and traffic encryption keys are distributed...
An administrator is adding IPv6 addressing to an already functioning tunnel. The administrator is unable to ping 2001:DB8:100::2 but can ping 209.165.200.226. Which configuration needs to be added or changed?
Refer to the exhibit. An administrator is adding IPv6 addressing to an already functioning tunnel. The administrator is unable to ping 2001:DB8:100::2 but can ping 209.165.200.226. Which configuration needs to be added or changed?A . No configuration change is necessary. Everything is working correctly.B . OSPFv3 needs to be configured...
Which authentication method was used by the remote peer to prove its identity?
Refer to the exhibit. Which authentication method was used by the remote peer to prove its identity?A . Extensible Authentication ProtocolB . certificate authenticationC . pre-shared keyD . XAUTHView AnswerAnswer: C
Which are two main use cases for Clientless SSL VPN? (Choose two.)
Which are two main use cases for Clientless SSL VPN? (Choose two.)A . In kiosks that are part of a shared environmentB . When the users do not have admin rights to install a new VPN clientC . When full tunneling is needed to support applications that use TCP, UDP,...
When a tunnel is initiated by the headquarter ASA, which one of the following Diffie-Hellman groups is selected by the headquarter ASA during CREATE_CHILD_SA exchange?
When a tunnel is initiated by the headquarter ASA, which one of the following Diffie-Hellman groups is selected by the headquarter ASA during CREATE_CHILD_SA exchange?A . 1B . 2C . 5D . 14E . 19View AnswerAnswer: C Explanation: Traffic initiated by the HQ ASA is assigned to the static outside...
An administrator wishes to limit the networks reachable over the Anyconnect VPN tunnels. Which configuration on the ASA will correctly limit the networks reachable to 209.165.201.0/27 and 209.165.202.128/27?
An administrator wishes to limit the networks reachable over the Anyconnect VPN tunnels. Which configuration on the ASA will correctly limit the networks reachable to 209.165.201.0/27 and 209.165.202.128/27?A . access-list splitlist standard permit 209.165.201.0 255.255.255.224 access-list splitlist standard permit 209.165.202.128 255.255.255.224 ! group-policy GroupPolicy1 internal group-policy GroupPolicy1 attributes split-tunnel-policy tunnelspecified...
