300-730 exam

Refer to the exhibit. An SSL client is connecting to an ASA headend. The session fails with the message “Connection attempt has timed out. Please verify Internet connectivity.” Based on how the packet is processed, which phase is causing the failure?A . phase 9: rpf-check B. phase 5: NAT C....

Refer to the exhibit. The customer can establish a Cisco AnyConnect connection without using an XML profile. When the host "ikev2" is selected in the AnyConnect drop down, the connection fails. What is the cause of this issue?A . The HostName is incorrect. B. The IP address is incorrect. C....

Topic 3, Troubleshooting using ASDM and CLI Refer to the exhibit. A site-to-site tunnel between two sites is not coming up. Based on the debugs, what is the cause of this issue?A . An authentication failure occurs on the remote peer. B. A certificate fragmentation issue occurs between both sides....

Refer to the exhibit. A customer cannot establish an IKEv2 site-to-site VPN tunnel between two Cisco ASA devices. Based on the syslog message, which action brings up the VPN tunnel? A. Reduce the maximum SA limit on the local Cisco ASA. B. Increase the maximum in-negotiation SA limit on the...

Refer to the exhibit. The IKEv2 site-to-site VPN tunnel between two routers is down. Based on the debug output, which type of mismatch is the problem?A . preshared key B. peer identity C. transform set D. ikev2 proposalView AnswerAnswer: B

Which IKE identity does an IOS/IOS-XE headend expect to receive if an IPsec Cisco AnyConnect client uses default settings?A . *$SecureMobilityClient$* B. *$AnyConnectClient$* C. *$RemoteAccessVpnClient$* D. *$DfltlkeldentityS*View AnswerAnswer: B Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPN-AnyConnect-IKEv2-Remote-Access.html

Which VPN solution uses TBAR?A . GETVPN B. VTI C. DMVPN D. Cisco AnyConnectView AnswerAnswer: A Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn-xe-3s-book/sec-get-vpn.html

Refer to the exhibit. What is configured as a result of this command set?A . FlexVPN client profile for IPv6 B. FlexVPN server to authorize groups by using an IPv6 external AAA C. FlexVPN server for an IPv6 dVTI session D. FlexVPN server to authenticate IPv6 peers by using EAPView...

Topic 4, Secure Communications Architectures Which feature of GETVPN is a limitation of DMVPN and FlexVPN?A . sequence numbers that enable scalable replay checking B. enabled use of ESP or AH C. design for use over public or private WAN D. no requirement for an overlay routing protocolView AnswerAnswer: D

Which command is used to troubleshoot an IPv6 FlexVPN spoke-to-hub connectivity failure?A . show crypto ikev2 sa B. show crypto isakmp sa C. show crypto gkm D. show crypto identityView AnswerAnswer: A Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/flexvpn/116413-configure-flexvpn-00.pdf