Implementing Cisco Secure Mobility Solutions 試験
Question No : 1
Which option describes traffic that will initiate a VPN connection?
Question No : 2
An engineer has successfully established a phase 1 tunnel, but notices that no packets are decrypted on the head end side of the tunnel. What is a potential cause for this issue?
Question No : 3
Which purpose of configuring perfect Forward secret is true?
Question No : 4
Which algorithm does ISAKMP use to securely derive encryption and integrity keys?
Question No : 5
An engineer is attempting to establish a new site-to site VPN connection. The tunnel terminates on an ASA 5506-X which is behind an ASA 5515-x The engineer notices that the tunnel is not establishing .Which option is a potential cause?
Question No : 6
Refer to the exhibit Which result of this command is true?
Question No : 7
A company has a Flex VPN solution for remote access and one of their Cisco any Connect remote clients is having trouble connecting property. Which command verifies that packets are being encrypted and decrypted?
Question No : 8
Which algorithm does Isakmp use for derive encryption key and integrity
Question No : 9
What command in cli you have to use to capture IKEv1 phase 1
Question No : 10
An employee working from home sends all traffic to company server. Is there policy for him to use his local internet provider and VPN only for company data?
Question No : 11
What routing protocol is recommended by Cisco in DMVPN between company router and ISP router? (Choose Two)
Question No : 12
You have been using pre-shared keys for IKE authentication on your VPN. Your network has grown rapidly, and now you need to create VPNs with numerous IPsec peers. How can you enable scaling to numerous IPsec peers?
Question No : 13
Which statement about CRL configuration is correct?
ASA SSLVPN deployment guide:
The security appliance supports various authentication methods: RSA one-time passwords, Radius,
Kerberos, LDAP, NT Domain, TACACS, Local/Internal, digital certificates, and a combination of both authentication and certificates.
Question No : 14
What is a valid reason for configuring a list of backup servers on the Cisco AnyConnect VPN Client profile?
Question No : 15
Refer to the exhibit.
While troubleshooting on a remote-access VPN application, a new NOC engineer received the message that is shown.
What is the most likely cause of the problem?
%ASA-5-722006: Group group User user-name IP IP_address Invalid address
IP_address assigned to SVC connection.
Explanation An invalid address was assigned to the user.
Recommended Action Verify and correct the address assignment, if possible.