- All Exams Instant Download
What can be determined from this message?
An engineer is troubleshooting an IPsec site-to-site tunnel and verifies that the tunnel status is MM_WAIT_MSG6. What can be determined from this message?A . The PSK has not been confirmed by the responder.B . The encryption policy has not been confirmed by the initiator.C . The encryption policy has not...
Which two descriptions of the characteristics of Cisco GET VPN are true? (Choose two.)
Which two descriptions of the characteristics of Cisco GET VPN are true? (Choose two.)A . provides a tunnelless transport mechanismB . encrypts the data payload and IP header of a packetC . requires that GRE tunnels exist between participating routersD . uses a common set of traffic encryption keys shared...
Which benefit of ECC as compared to RSA is true?
Which benefit of ECC as compared to RSA is true?A . requires multiple keysB . supports Clientless SSL VPNC . can provide higher security at a lower computational costD . can be used on Cisco ASA and Cisco IOS deviceView AnswerAnswer: C Explanation: Reference: https://blogs.cisco.com/security/next-generation-encryption
Which type of mismatch is the root cause of the failure?
Refer to the exhibit. You are configuring FlexVPN on a router. The tunnel fails to come up. Which type of mismatch is the root cause of the failure?A . access listB . peer IDC . preshared keyD . transform proposalView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ikeprotocols/5409-ipsec-debug-00.html
Where must an engineer configure a preshared key for site-to-site VPN tunnel configured on a Cisco ASA?
Where must an engineer configure a preshared key for site-to-site VPN tunnel configured on a Cisco ASA?A . crypto mapB . group policyC . tunnel groupD . isakmp policyView AnswerAnswer: C
What does DAK l stand for?
What does DAK l stand for?A . Device and Report ToolB . Diagnostic AnyConnect Reporting ToolC . Diagnostics and Reporting ToolD . Delivery and Reporting ToolView AnswerAnswer: C
When a Cisco ASA is configured for Active/Standby failover, what is replicated between the devices?
When a Cisco ASA is configured for Active/Standby failover, what is replicated between the devices?A . HostScan imagesB . Cisco AnyConnect profilesC . VPN sessionsD . Cisco AnyConnect imagesView AnswerAnswer: C
Which action do you take in the hub configuration to resolve the issue?
Refer to the exhibit. You implement a DMVPN Phase 3 full-mesh design. Spoke-to-spoke tunnels fail to establish successfully via the hub. Which action do you take in the hub configuration to resolve the issue?A . Configure the hub to set itself as the next hop in the routing updates to...
Within a PKI system, which option is a trusted entity?
Within a PKI system, which option is a trusted entity?A . registration authorityB . root certificateC . certificate authorityD . RSA authentication serverView AnswerAnswer: C
Which feature allows distinct destination to be encryption on the remote client?
Mobile work force client are using Cisco Encryption for AnyConnect for remote access to the corporate network. In a attempt to save bandwidth on the internet circuit, those working remotely are permitted use to their local connectivity for internet use white still connect to the corporate network. Which feature allows...
