QUESTION 1
An XYZ Corporation systems engineer, while making a sales call on the ABC Corporation headquarters, tried to access the XYZ sales demonstration folder to transfer a demonstration via FTP from an ABC conference room behind the firewall. The engineer could not reach XYZ through the remote-access VPN tunnel. From home the previous day, however, the engineer connected to the XYZ sales demonstration folder and transferred the demonstration via IPsec over DSL.To get the connection to work and transfer the demonstration, what can you suggest?
A. Change the MTU size on theIPsec client to account for the change from DSL to cable transmission.
B. Enable the local LAN access option on theIPsec client.
C. Enable theIPsec over TCP option on the IPsec client.
D. Enable the clientless SSL VPN option on the PC.
Answer: A
QUESTION 2
Refer to the exhibit. For the ABC Corporation, members of the NOC need the ability to select tunnel groups from a drop-down menu on the Cisco IOS WebVPN login page. As the Cisco ASA administrator, how would you accomplish this task?
A. Define a special identity certificate with multiple groups that are defined in the certificate OU field that will grant the certificate holder access to the named groups on the login page.
B. Under Group Policies, define a default group that encompasses the required individual groups that would appear on the login page.
C. Under Connection Profiles, define a NOC profile that encompasses the required individual profiles that would appear on the login page.
D. Under Connection Profiles, enable group selection from the login page.
Answer: D
QUESTION 3
Which four parameters must be defined in an ISAKMP policy when creating an IPsec site-to-site VPN using the Cisco ASDM? (Choose four.)
A. encryption algorithm
B. hash algorithm
C. authentication method
D. IP address of remote IPsec peer
E. D-H group
F. perfect forward secrecy
Answer: ABCE
0 件のコメント:
コメントを投稿