web analytics

[21-May-2020] New 2020 CCNP 300-730 SVPN Dumps with VCE and PDF from PassLeader (Update Questions)

New 2020 CCNP 300-730 SVPN exam questions from PassLeader 300-730 dumps! Welcome to download the newest PassLeader 300-730 VCE and PDF dumps: https://www.passleader.com/300-730.html (70 Q&As)

P.S. Free 2020 CCNP 300-730 SVPN dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1FvI5Ex1cQ5aV-zvXk36EhmRwqRF3xMhg

NEW QUESTION 1
A Cisco ASA is configured in active/standby mode. What is needed to ensure that Cisco AnyConnect users can connect after a failover event?

A.    AnyConnect images must be uploaded to both failover ASA devices.
B.    The vpnsession-db must be cleared manually.
C.    Configure a backup server in the XML profile.
D.    AnyConnect client must point to the standby IP address.

Answer: A
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_active_standby.html

NEW QUESTION 2
What is a requirement for smart tunnels to function properly?

A.    Java or ActiveX must be enabled on the client machine.
B.    Applications must be UDP.
C.    Stateful failover must not be configured.
D.    The user on the client machine must have admin access.

Answer: A
Explanation:
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/111007-smart-tunnel-asa-00.html

NEW QUESTION 3
Which parameter is initially used to elect the primary key server from a group of key servers?

A.    code version
B.    highest IP address
C.    highest-priority value
D.    lowest IP address

Answer: C
Explanation:
https://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport-vpn/deployment_guide_c07_554713.html

NEW QUESTION 4
Which VPN solution uses TBAR?

A.    GETVPN
B.    VTI
C.    DMVPN
D.    Cisco AnyConnect

Answer: A
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn-xe-3s-book/sec-get-vpn.html

NEW QUESTION 5
What uses an Elliptic Curve key exchange algorithm?

A.    ECDSA
B.    ECDHE
C.    AES-GCM
D.    SHA

Answer: B
Explanation:
https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/

NEW QUESTION 6
What are two functions of ECDH and ECDSA? (Choose two.)

A.    nonrepudiation
B.    revocation
C.    digital signature
D.    key exchange
E.    encryption

Answer: CD
Explanation:
https://tools.cisco.com/security/center/resources/next_generation_cryptography

NEW QUESTION 7
In a FlexVPN deployment, the spokes successfully connect to the hub, but spoke-to-spoke tunnels do not form. Which troubleshooting step solves the issue?

A.    Verify the spoke configuration to check if the NHRP redirect is enabled.
B.    Verify that the spoke receives redirect messages and sends resolution requests.
C.    Verify the hub configuration to check if the NHRP shortcut is enabled.
D.    Verify that the tunnel interface is contained within a VRF.

Answer: B
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-summ-maps.pdf

NEW QUESTION 8
Which command is used to troubleshoot an IPv6 FlexVPN spoke-to-hub connectivity failure?

A.    show crypto ikev2 sa
B.    show crypto isakmp sa
C.    show crypto gkm
D.    show crypto identity

Answer: A
Explanation:
https://www.cisco.com/c/en/us/support/docs/security/flexvpn/116413-configure-flexvpn-00.pdf

NEW QUESTION 9
Which IKE identity does an IOS/IOS-XE headend expect to receive if an IPsec Cisco AnyConnect client uses default settings?

A.    *$SecureMobilityClient$*
B.    *$AnyConnectClient$*
C.    *$RemoteAccessVpnClient$*
D.    *$DfltlkeldentityS*

Answer: B
Explanation:
https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPN-AnyConnect-IKEv2-Remote-Access.html

NEW QUESTION 10
Which command automatically initiates a smart tunnel when a user logs in to the WebVPN portal page?

A.    auto-upgrade
B.    auto-connect
C.    auto-start
D.    auto-run

Answer: C
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/vpn/asa_91_vpn_config/webvpn-configure-policy-group.html

NEW QUESTION 11
Which feature allows the ASA to handle nonstandard applications and web resources so that they display correctly over a clientless SSL VPN connection?

A.    single sign-on
B.    Smart Tunnel
C.    WebType ACL
D.    plug-ins

Answer: B
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/vpn_clientless_ssl.html#29951

NEW QUESTION 12
Which two types of web resources or protocols are enabled by default on the Cisco ASA Clientless SSL VPN portal? (Choose two.)

A.    HTTP
B.    ICA (Citrix)
C.    VNC
D.    RDP
E.    CIFS

Answer: DE
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa94/config-guides/cli/vpn/asa-94-vpn-config/webvpn-configure-gateway.html

NEW QUESTION 13
Which command identifies a Cisco AnyConnect profile that was uploaded to the flash of an IOS router?

A.    svc import profile SSL_profile flash:simos-profile.xml
B.    anyconnect profile SSL_profile flash:simos-profile.xml
C.    crypto vpn anyconnect profile SSL_profile flash:simos-profile.xml
D.    webvpn import profile SSL_profile flash:simos-profile.xml

Answer: C
Explanation:
https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200533-AnyConnect-Configure-Basic-SSLVPN-for-I.html

NEW QUESTION 14
Which method dynamically installs the network routes for remote tunnel endpoints?

A.    policy-based routing
B.    CEF
C.    reverse route injection
D.    route filtering

Answer: C
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnav/configuration/12-4t/sec-vpn-availability-12-4t-book/sec-rev-rte-inject.html

NEW QUESTION 15
Which technology works with IPsec stateful failover?

A.    GLBR
B.    HSRP
C.    GRE
D.    VRRP

Answer: B
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios/12_2/12_2y/12_2yx11/feature/guide/ft_vpnha.html#wp1122512

NEW QUESTION 16
Which redundancy protocol must be implemented for IPsec stateless failover to work?

A.    SSO
B.    GLBP
C.    HSRP
D.    VRRP

Answer: C
Explanation:
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/17826-ipsec-feat.html

NEW QUESTION 17
……


New 2020 CCNP 300-730 SVPN exam questions from PassLeader 300-730 dumps! Welcome to download the newest PassLeader 300-730 VCE and PDF dumps: https://www.passleader.com/300-730.html (70 Q&As)

P.S. Free 2020 CCNP 300-730 SVPN dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1FvI5Ex1cQ5aV-zvXk36EhmRwqRF3xMhg