300-730 exam

Which two statements about the Cisco ASA Clientless SSL VPN solution are true? (Choose two.)A . When a client connects to the Cisco ASA WebVPN portal and tries to access HTTP resources through the URL bar, the client uses the local DNS to perform FQDN resolution. B. The rewriter enable...

Refer to the exhibit. Which VPN technology is allowed for users connecting to the Employee tunnel group?A . SSL AnyConnect B. IKEv2 AnyConnect C. crypto map D. clientlessView AnswerAnswer: D Explanation: When you configure other group policies, any attribute that you do not explicitly specify takes its value from the...

Refer to the exhibit. Based on the exhibit, why are users unable to access CCNP Webserver bookmark?A . The URL is being blocked by a WebACL. B. The ASA cannot resolve the URL. C. The bookmark has been disabled. D. The user cannot access the URL.View AnswerAnswer: B Explanation: https://community.cisco.com/t5/network-security/missing-ssl-vpn-bookmarks/td-p/1597023

Topic 2, Remote access VPNs Which command identifies a Cisco AnyConnect profile that was uploaded to the flash of an IOS router?A . svc import profile SSL_profile flash:simos-profile.xml B. anyconnect profile SSL_profile flash:simos-profile.xml C. crypto vpn anyconnect profile SSL_profile flash:simos-profile.xml D. webvpn import profile SSL_profile flash:simos-profile.xmlView AnswerAnswer: C Explanation: Reference:...

Which two parameters help to map a VPN session to a tunnel group without using the tunnel-group list? (Choose two.)A . group-alias B. certificate map C. optimal gateway selection D. group-url E. AnyConnect client versionView AnswerAnswer: A,D Explanation: https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/98580-enable-group-dropdown.html

On a FlexVPN hub-and-spoke topology where spoke-to-spoke tunnels are not allowed, which command is needed for the hub to be able to terminate FlexVPN tunnels?A . interface virtual-access B. ip nhrp redirect C. interface tunnel D. interface virtual-templateView AnswerAnswer: D Explanation: On a FlexVPN hub-and-spoke topology where spoke-to-spoke tunnels are...

Refer to the exhibit. What is a result of this configuration?A . Spoke 1 fails the authentication because the authentication methods are incorrect. B. Spoke 2 passes the authentication to the hub and successfully proceeds to phase 2. C. Spoke 2 fails the authentication because the remote authentication method is...

Which two remote access VPN solutions support SSL? (Choose two.)A . FlexVPN B. clientless C. EZVPN D. L2TP E. Cisco AnyConnectView AnswerAnswer: B,E

Which statement about GETVPN is true?A . The configuration that defines which traffic to encrypt originates from the key server. B. TEK rekeys can be load-balanced between two key servers operating in COOP. C. The pseudotime that is used for replay checking is synchronized via NTP. D. Group members must...

Which requirement is needed to use local authentication for Cisco AnyConnect Secure Mobility Clients that connect to a FlexVPN server?A . use of certificates instead of username and password B. EAP-AnyConnect C. EAP query-identity D. AnyConnect profileView AnswerAnswer: B Explanation: https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPN-AnyConnect-IKEv2-Remote-Access.pdf Reference: https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPN-AnyConnect-IKEv2-Remote-Access.html