Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-730

Cisco® 300-730 Exam Practice Questions (P. 2)

  • Full Access (224 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6

Refer to the exhibit. Which two tunnel types produce the show crypto ipsec sa output seen in the exhibit? (Choose two.)
  1. A
    crypto map
  2. B
    DMVPN
  3. C
    GRE
  4. D
    FlexVPN
  5. E
    VTI

Correct Answer:
BE

Question #7
Which two changes must be made in order to migrate from DMVPN Phase 2 to Phase 3 when EIGRP is configured? (Choose two.)
  1. A
    Add NHRP shortcuts on the hub.
  2. B
    Add NHRP redirects on the spoke.
  3. C
    Disable EIGRP next-hop-self on the hub.
  4. D
    Enable EIGRP next-hop-self on the hub.
  5. E
    Add NHRP redirects on the hub.

Correct Answer:
CE
chatbot-img GPT-4o - Answer
In DMVPN Phase 3 with EIGRP, the key adjustments involve how routing information is handled by the hub. Specifically, disabling the EIGRP next-hop-self on the hub is crucial. This function, when active, causes the hub to advertise its own IP as the next hop for data heading to spoke routers; disabling it permits direct spoke-to-spoke routing without hub intervention. Another important feature is implementing NHRP redirects on the hub, which facilitates this direct spoke-to-spoke communication by informing spoke routers that a direct path is preferable over routing through the hub.

Question #8

Refer to the exhibit. A customer cannot establish an IKEv2 site-to-site VPN tunnel between two Cisco ASA devices. Based on the syslog message, which action brings up the VPN tunnel?
  1. A
    Reduce the maximum SA limit on the local Cisco ASA.
  2. B
    Increase the maximum in-negotiation SA limit on the local Cisco ASA.
  3. C
    Remove the maximum SA limit on the remote Cisco ASA.
  4. D
    Correct the crypto access list on both Cisco ASA devices.

Correct Answer:
B

Question #9
Which two parameters help to map a VPN session to a tunnel group without using the tunnel-group list? (Choose two.)
  1. A
    group-alias
  2. B
    certificate map
  3. C
    optimal gateway selection
  4. D
    group-url
  5. E
    AnyConnect client version

Correct Answer:
BD
chatbot-img GPT-4o - Answer
The correct answers, certificate map and group-url, enable VPN sessions to be linked directly to specific tunnel groups without using a tunnel-group list. Certificate maps utilize data from a user's certificate to direct sessions into the appropriate tunnel group. The group-url function permits a user to access a VPN via a specific URL, automatically associating them with its respective tunnel group. These mechanisms streamline the process, enhancing both security and user experience, by bypassing the need for manual selection from a tunnel-group list.

Question #10
Which method dynamically installs the network routes for remote tunnel endpoints?
  1. A
    policy-based routing
  2. B
    CEF
  3. C
    reverse route injection
  4. D
    route filtering

Correct Answer:
C
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnav/configuration/12-4t/sec-vpn-availability-12-4t-book/sec-rev-rte-inject.html

Previous Questions Next Questions

All Pages