Cisco 300-730 - Implementing Secure Solutions with Virtual Private Networks (SVPN 300-730) Exam
Page: 2 / 45
Total 224 questions
Question #6 (Topic: Single Topic)
Refer to the exhibit. Which two tunnel types produce the show crypto ipsec sa output seen in the exhibit? (Choose two.)
A. crypto map
B. DMVPN
C. GRE
D. FlexVPN
E. VTI
Answer: BE
Question #7 (Topic: Single Topic)
Which two changes must be made in order to migrate from DMVPN Phase 2 to Phase 3 when EIGRP is configured? (Choose two.)
A. Add NHRP shortcuts on the hub.
B. Add NHRP redirects on the spoke.
C. Disable EIGRP next-hop-self on the hub.
D. Enable EIGRP next-hop-self on the hub.
E. Add NHRP redirects on the hub.
Answer: CE
Question #8 (Topic: Single Topic)
Refer to the exhibit. A customer cannot establish an IKEv2 site-to-site VPN tunnel between two Cisco ASA devices. Based on the syslog message, which action
brings up the VPN tunnel?
A. Reduce the maximum SA limit on the local Cisco ASA.
B. Increase the maximum in-negotiation SA limit on the local Cisco ASA.
C. Remove the maximum SA limit on the remote Cisco ASA.
D. Correct the crypto access list on both Cisco ASA devices.
Answer: B
Question #9 (Topic: Single Topic)
Which two parameters help to map a VPN session to a tunnel group without using the tunnel-group list? (Choose two.)
A. group-alias
B. certificate map
C. optimal gateway selection
D. group-url
E. AnyConnect client version
Answer: BD
Question #10 (Topic: Single Topic)
Which method dynamically installs the network routes for remote tunnel endpoints?
A. policy-based routing
B. CEF
C. reverse route injection
D. route filtering
Answer: C
