300-730 exam

In a FlexVPN deployment, the spokes successfully connect to the hub, but spoke-to-spoke tunnels do not form. Which troubleshooting step solves the issue?A . Verify the spoke configuration to check if the NHRP redirect is enabled.B . Verify that the spoke receives redirect messages and sends resolution requests.C . Verify...

Refer to the exhibit. Which two tunnel types produce the show crypto ipsec sa output seen in the exhibit? (Choose two.)A . crypto mapB . DMVPNC . GRED . FlexVPNE . VTIView AnswerAnswer: B,E

Topic 3, Troubleshooting using ASDM and CLI Refer to the exhibit. Based on the debug output, which type of mismatch is preventing the VPN from coming up?A . interesting trafficB . lifetimeC . preshared keyD . PFSView AnswerAnswer: B Explanation: If the responder's policy does not allow it to accept...

Refer to the exhibit. A customer cannot establish an IKEv2 site-to-site VPN tunnel between two Cisco ASA devices. Based on the syslog message, which action brings up the VPN tunnel? A. Reduce the maximum SA limit on the local Cisco ASA. B. Increase the maximum in-negotiation SA limit on the...

Topic 2, Remote access VPNs Refer to the exhibit. Which two commands under the tunnel-group webvpn-attributes result in a Cisco AnyConnect user receiving the AnyConnect prompt in the exhibit? (Choose two.)A . group-url https://172.16.31.10/General enableB . group-policy General internalC . authentication aaaD . authentication certificateE . group-alias General enableView AnswerAnswer:...

Refer to the exhibit. Which value must be configured in the User Group field when the Cisco AnyConnect Profile is created to connect to an ASA headend with IPsec as the primary protocol?A . address-poolB . group-aliasC . group-policyD . tunnel-groupView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect41/administration/guide/b_AnyConnect_Administrator_Guide_4-1/configure-vpn.html

Which command identifies a Cisco AnyConnect profile that was uploaded to the flash of an IOS router?A . svc import profile SSL_profile flash:simos-profile.xmlB . anyconnect profile SSL_profile flash:simos-profile.xmlC . crypto vpn anyconnect profile SSL_profile flash:simos-profile.xmlD . webvpn import profile SSL_profile flash:simos-profile.xmlView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200533-AnyConnect-Configure-Basic-SSLVPN-for-I.html

A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office. An engineer must ensure that the client computer meets the enterprise security policy. Which feature can update the client to meet an enterprise security policy?A . Endpoint AssessmentB . Cisco Secure DesktopC . Basic...

Which two types of web resources or protocols are enabled by default on the Cisco ASA Clientless SSL VPN portal? (Choose two.)A . HTTPB . ICA (Citrix)C . VNCD . RDPE . CIFSView AnswerAnswer: D,E Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa94/config-guides/cli/vpn/asa-94-vpn-config/webvpn-configure-gateway.html

Under which section must a bookmark or URL list be configured on a Cisco ASA to be available for clientless SSLVPN users?A . tunnel-group (general-attributes)B . tunnel-group (webvpn-attributes)C . webvpn (group-policy)D . webvpn (global configuration)View AnswerAnswer: D