300-730 Practice Test

Which two parameters help to map a VPN session to a tunnel group without using the
tunnel-group list? (Choose two.)

A.

group-alias

B.

certificate map

C.

optimal gateway selection

D.

group-url

E.

AnyConnect client version

Refer to the exhibit.

Which two tunnel types produce the show crypto ipsec sa output seen in the exhibit?
(Choose two.)

 

A.

crypto map

B.

DMVPN

C.

GRE

D.

FlexVPN

E.

VTI

Which two changes must be made in order to migrate from DMVPN Phase 2 to Phase 3
when EIGRP is configured? (Choose two.)

 

A.

Add NHRP shortcuts on the hub.

B.

Add NHRP redirects on the spoke.

C.

Disable EIGRP next-hop-self on the hub.

D.

Enable EIGRP next-hop-self on the hub.

E.

Add NHRP redirects on the hub.

Refer to the exhibit.

 

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Which statement about GETVPN is true?

A.

The configuration that defines which traffic to encrypt originates from the key server.

B.

TEK rekeys can be load-balanced between two key servers operating in COOP.

C.

The pseudotime that is used for replay checking is synchronized via NTP.

D.

Group members must acknowledge all KEK and TEK rekeys, regardless of
configuration.