Ensurepass    QUESTION 91 What action does the hub take when it receives a NHRP resolution request from a spoke for a network that exists behind another spoke?   A. The hub sends back a resolution reply to the requesting spoke. B. The hub updates its own NHRP mapping. C. The hub forwards the request to the destination spoke. D. The hub waits for the second spoke to send a request so that it can respond to both spokes.   Correct Answer: C     QUESTION 92 Read more [...]
Ensurepass  QUESTION 81 You are troubleshooting a site-to-site VPN issue where the tunnel is not establishing. After issuing the debug crypto isakmp command on the headend router, you see the following output. What does this output suggest?   1d00h: ISAKMP (0:1): atts are not acceptable. Next payload is 0 1d00h: ISAKMP (0:1); no offers accepted! 1d00h: ISAKMP (0:1): SA not acceptable! 1d00h: %CRYPTO-6-IKMP_MODE_FAILURE. Processing of Main Mode failed with peer at   Read more [...]
Ensurepass  QUESTION 61 What is the Cisco recommended TCP maximum segment on a DMVPN tunnel interface when the MTU is set to 1400 bytes?   A. 1160 bytes B. 1260 bytes C. 1360 bytes D. 1240 bytes   Correct Answer: C     QUESTION 62 Which technology does a multipoint GRE interface require to resolve endpoints?   A. ESP B. dynamic routing C. NHRP D. CEF E. IPSec   Correct Answer: C     QUESTION 63 Which two cryptographic technologies Read more [...]
Ensurepass HOT EXAM! 100-105 Dumps VCE PDF 200-105 Dumps VCE PDF 300-101 Dumps VCE PDF 300-115 Dumps VCE PDF 300-135 Dumps VCE PDF 300-320 Dumps VCE PDF 400-101 Dumps VCE PDF 640-911 Dumps VCE PDF 640-916 Dumps VCE PDF 70-410 Dumps VCE PDF 70-411 Dumps VCE PDF 70-412 Dumps VCE PDF 70-413 Dumps VCE PDF 70-414 Dumps VCE PDF 70-417 Dumps VCE PDF 70-461 Dumps VCE PDF 70-462 Dumps VCE PDF 70-463 Dumps VCE PDF 70-464 Dumps VCE PDF 70-465 Dumps VCE PDF 70-480 Dumps VCE PDF 70-483 Read more [...]
Ensurepass  QUESTION 41 Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)   A. The VPN server must have a self-signed certificate. B. A SSL group pre-shared key must be configured on the server. C. Server side certificate is optional if using AAA for client authentication. D. The VPN IP address pool can overlap with the rest of the LAN networks. E. DTLS can be enabled for better performance.   Correct Answer: DE   Read more [...]
Ensurepass  QUESTION 51 You are configuring a Cisco IOS SSL VPN gateway to operate with DVTI support. Which command must you configure on the virtual template?   A. tunnel protection ipsec B. ip virtual-reassembly C. tunnel mode ipsec D. ip unnumbered   Correct Answer: D     QUESTION 52 Which protocol supports high availability in a Cisco IOS SSL VPN environment?   A. HSRP B. VRRP C. GLBP D. IRDP   Correct Answer: A       Read more [...]
Ensurepass  QUESTION 21 When Cisco ASA applies VPN permissions, what is the first set of attributes that it applies?   A. dynamic access policy attributes B. group policy attributes C. connection profile attributes D. user attributes   Correct Answer: A     QUESTION 22 What are two variables for configuring clientless SSL VPN single sign-on? (Choose two.)   A. CSCO_WEBVPN_OTP_PASSWORD B. CSCO_WEBVPN_INTERNAL_PASSWORD C. CSCO_WEBVPN_USERNAME Read more [...]
Ensurepass  QUESTION 31 Which Cisco ASDM option configures forwarding syslog messages to email?   A. Configuration > Device Management > Logging > E-Mail Setup B. Configuration > Device Management > E-Mail Setup > Logging Enable C. Select the syslogs to email, click Edit, and select the Forward Messages option. D. Select the syslogs to email, click Settings, and specify the Destination Email Address option.   Correct Answer: A     QUESTION Read more [...]
Ensurepass  QUESTION 11 What are the three primary components of a GET VPN network? (Choose three.)   A. Group Domain of Interpretation protocol B. Simple Network Management Protocol C. server load balancer D. accounting server E. group member F. key server Correct Answer: AEF     QUESTION 12 Which two IKEv1 policy options must match on each peer when you configure an IPsec site-to-site VPN? (Choose two.)   A. priority number B. hash algorithm Read more [...]
Ensurepass QUESTION 1 Which two are characteristics of GETVPN? (Choose two.)   A. The IP header of the encrypted packet is preserved B. A key server is elected among all configured Group Members C. Unique encryption keys are computed for each Group Member D. The same key encryption and traffic encryption keys are distributed to all Group Members   Correct Answer: AD     QUESTION 2 A company has decided to migrate an existing IKEv1 VPN tunnel to IKEv2. Which two are Read more [...]