300-730 Online Practice Questions and Answers

Refer to the exhibit.

Which two tunnel types produce the show crypto ipsec sa output seen in the exhibit? (Choose two.)

A. crypto map

B. DMVPN

C. GRE

D. FlexVPN

E. VTI

Which command automatically initiates a smart tunnel when a user logs in to the WebVPN portal page?

A. auto-upgrade

B. auto-connect

C. auto-start

D. auto-run

Which two remote access VPN solutions support SSL? (Choose two.)

A. FlexVPN

B. clientless

C. EZVPN

D. L2TP

E. Cisco AnyConnect

Which VPN solution uses TBAR?

A. GETVPN

B. VTI

C. DMVPN

D. Cisco AnyConnect

Which technology is used to send multicast traffic over a site-to-site VPN?

A. GRE over IPsec on IOS router

B. GRE over IPsec on FTD

C. IPsec tunnel on FTD

D. GRE tunnel on ASA

Users cannot log in to a Cisco ASA using clientless SSLVPN. Troubleshooting reveals the error message "WebVPN session terminated: Client type not supported". Which step does the administrator take to resolve this issue?

A. Enable the Cisco AnyConnect premium license on the Cisco ASA.

B. Have the user upgrade to a supported browser.

C. Increase the simultaneous logins on the group policy.

D. Enable the clientless VPN protocol on the group policy.

A network engineer is setting up Cisco AnyConnect 4.9 on a Cisco ASA running ASA software 9.1. Cisco AnyConnect must connect to the Cisco ASA before the user logs on so that login scripts can work successfully. In addition, the VPN must connect without user intervention. Which two key steps accomplish this task? (Choose two.)

A. Create a Network Access Manager profile with a client policy set to connect before user logon.

B. Create a Cisco AnyConnect VPN profile with Start Before Logon set to true.

C. Issue an identity certificate to the trusted root CA folder in the machine store.

D. Create a Cisco AnyConnect VPN profile with Always On set to true.

E. Create a Cisco Anyconnect VPN Management Tunnel profile.

A network engineer must design a remote access solution to allow contractors to access internal servers. These contractors do not have permissions to install applications on their computers. Which VPN solution should be used in this design?

A. IKEv2 AnyConnect

B. Clientless

C. Port forwarding

D. SSL AnyConnect

An administrator is setting up AnyConnect for the first time for a few users. Currently, the router does not have access to a RADIUS server. Which AnyConnect protocol must be used to allow users to authenticate?

A. EAP-GTC

B. EAP-MSCHAPv2

C. EAP-MD5

D. EAP-AnyConnect

Refer to the exhibit.

An IKEv2 site-to-site tunnel between an ASA and a remote peer is not building successfully. What will fix the problem based on the debug output?

A. Ensure crypto IPsec policy matches on both VPN devices.

B. Install the correct certificate to validate the peer.

C. Correct crypto access list on both VPN devices.

D. Specify the peer IP address in the tunnel group name.