- All Exams Instant Download
Which cryptographic method provides passphrase protection while importing or exporting keys?
Which cryptographic method provides passphrase protection while importing or exporting keys?A . AESB . RSAC . SerpentD . BlowfishView AnswerAnswer: B Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/xe3s/sec-pki-xe-3sbook/sec-deploy-rsa-pki.pdf
You are implementing an IKEv2 IPsec tunnel between two Internet routers by using PSKs. After the configuration is complete, the IPsec VPN tunnel fails to negotiate. You enable debugging to troubleshoot the issue.Which action do you take to resolve the issue?
Refer to the exhibit. You are implementing an IKEv2 IPsec tunnel between two Internet routers by using PSKs. After the configuration is complete, the IPsec VPN tunnel fails to negotiate. You enable debugging to troubleshoot the issue.Which action do you take to resolve the issue?A . Verify the IKEv2 keyring...
Which feature should be configured?
An engineer is configuring SSL VPN to provide access to a corporate network for remote users. Traffic destined to the enterprise IP range should go over the tunnel and all other traffic should go directly to the internet. Which feature should be configured?A . dual-horningB . hairpinningC . split-tunnelD ....
Which type of VPN is used in the configuration?
Refer to the exhibit. Which type of VPN is used in the configuration?A . DMVPNB . FlexVPNC . SSL VPND . Cisco GET VPNView AnswerAnswer: A
Which option is the main difference between GET VPN and DMVPN?
Which option is the main difference between GET VPN and DMVPN?A . AES encryption supportB . dynamic spoke-to-spoke tunnel communicationsC . Next Hop Resolution ProtocolD . Group Domain of Interpretation protocolView AnswerAnswer: B
When using Clientless SSL VPN on a Cisco ASA, which authentication method is required for single sign-on?
When using Clientless SSL VPN on a Cisco ASA, which authentication method is required for single sign-on?A . TACACSB . LOCALC . RADIUSD . SAML 2.0View AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa910/asdm710/vpn/asdm-710vpn-config/webvpn-configure-users.html#ID-2271-00000055
Drag and drop the cryptographic algorithms for IPsec from the left onto the correct cryptographic processes on the right
DRAG DROP Drag and drop the cryptographic algorithms for IPsec from the left onto the correct cryptographic processes on the right. View AnswerAnswer: Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe3s/sec-sec-for-vpns-w-ipsec-xe-3s-book/sec-cfg-vpn-ipsec.html
Which action do you take to resolve the issue?
Refer to the exhibit. You are implementing DMVPN Phase 3 in an existing network that uses DMVPN Phase1. You configure NHRP, but the creation of the spoke-to-spoke tunnel fails. Which action do you take to resolve the issue?A . Remove the multicast flag from the NHRP configuration.B . Configure the...
Which feature allows distinct destination to be encryption on the remote client?
Mobile work force client are using Cisco Encryption for AnyConnect for remote access to the corporate network. In a attempt to save bandwidth on the internet circuit, those working remotely are permitted use to their local connectivity for internet use white still connect to the corporate network. Which feature allows...
Why must a network engineer avoid usage of the default X509 certificate when implementing clientless SSLVPN on an ASA?
Why must a network engineer avoid usage of the default X509 certificate when implementing clientless SSLVPN on an ASA? A. The certificate is too weak to provide adequate security. B. The certificate is regenerated at each reboot. C. The certificate must be managed by the local CA. D. The default...
