1. Home
  2. Cisco
  3. 300-730

Implementing Secure Solutions with Virtual Private Networks (SVPN)

Exam Details

  • Exam Code
    :300-730
  • Exam Name
    :Implementing Secure Solutions with Virtual Private Networks (SVPN)
  • Certification
    :CCNP
  • Vendor
    :Cisco
  • Total Questions
    :192 Q&As
  • Last Updated
    :

Cisco CCNP 300-730 Questions & Answers

  • Question 11:

    DRAG DROP

    Drag and drop the GETVPN components from the left onto the descriptions on the right.

    Select and Place:

  • Question 12:

    DRAG DROP

    Drag and drop the correct commands from the night onto the blanks within the code on the left to implement a design that allow for dynamic spoke-to-spoke communication. Not all comments are used.

    Select and Place:

  • Question 13:

    Refer to the exhibit.

    The VPN tunnel between the FlexVPN spoke and FlexVPN hub 192.168.0.12 is failing. What should be done to correct this issue?

    A. Add the address 192.168.0.12 255.255.255.255 command to the keyring configuration.

    B. Add the match fvrf any command to the IKEv2 policy.

    C. Add the aaa authorization group psk list Flex_AAA Flex_Auth command to the IKEv2 profile configuration.

    D. Add the tunnel mode gre ip command to the tunnel configuration.

  • Question 14:

    Refer to the exhibit.

    An IKEv2 site-to-site tunnel between an ASA and a remote peer is not building successfully. What will fix the problem based on the debug output?

    A. Ensure crypto IPsec policy matches on both VPN devices.

    B. Install the correct certificate to validate the peer.

    C. Correct crypto access list on both VPN devices.

    D. Specify the peer IP address in the tunnel group name.

  • Question 15:

    Refer to the exhibit.

    A user is connecting from behind a PC with a private IP Address. Their ISP provider is blocking TCP port 443. Which AnyConnect XML configuration will allow the user to establish a connection with the ASA?

    A. Option A

    B. Option B

    C. Option C

    D. Option D

  • Question 16:

    Refer to the exhibit.

    Which two conclusions should be drawn from the DMVPN phase 2 configuration? (Choose two.)

    A. Next-hop-self is required.

    B. EIGRP neighbor adjacency will fail.

    C. EIGRP is used as the dynamic routing protocol.

    D. EIGRP route redistribution is not allowed.

    E. Spoke-to-spoke communication is allowed.

  • Question 17:

    An administrator is setting up AnyConnect for the first time for a few users. Currently, the router does not have access to a RADIUS server. Which AnyConnect protocol must be used to allow users to authenticate?

    A. EAP-GTC

    B. EAP-MSCHAPv2

    C. EAP-MD5

    D. EAP-AnyConnect

  • Question 18:

    Refer to the exhibit.

    DMVPN spoke-to-spoke traffic works, but it passes through the hub, and never sends direct spoke-to-spoke traffic. Based on the tunnel interface configuration shown, what must be configured on the hub to solve the issue?

    A. Enable NHRP redirect.

    B. Enable split horizon.

    C. Enable IP redirects.

    D. Enable NHRP shortcut.

  • Question 19:

    A company's remote locations connect to the data centers via MPLS. A new request requires that unicast and multicast traffic that exits in the remote locations be encrypted. Which non-tunneled technology should be used to satisfy this requirement?

    A. SSL

    B. FlexVPN

    C. DMVPN

    D. GETVPN

  • Question 20:

    While troubleshooting, an engineer finds that the show crypto isakmp sa command indicates that the last state of the tunnel is MM_KEY_EXCH. What is the next step that should be taken to resolve this issue?

    A. Verify that the ISAKMP proposals match.

    B. Ensure that UDP 500 is not being blocked between the devices.

    C. Correct the peer's IP address on the crypto map.

    D. Confirm that the pre-shared keys match on both devices.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-730 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.