Q31. A customer requires all traffic to go through a VPN. However, access to the local network is also required. Which two options can enable this configuration? (Choose two.) 

A. split exclude 

B. use of an XML profile 

C. full tunnel by default 

D. split tunnel 

E. split include 

Answer: A,B 


Q32. What is the default storage location of user-level bookmarks in an IOS clientless SSL VPN? 

A. disk0:/webvpn/{context name}/ 

B. disk1:/webvpn/{context name}/ 

C. flash:/webvpn/{context name}/ 

D. nvram:/webvpn/{context name}/ 

Answer:


Q33. Refer to the exhibit. 

The customer can establish an AnyConnect connection on the first attempt only. Subsequent attempts fail. What might be the issue? 

A. IKEv2 is blocked over the path. 

B. UserGroup must be different than the name of the connection profile. 

C. The primary protocol should be SSL. 

D. UserGroup must be the same as the name of the connection profile. 

Answer:


Q34. What is the default topology type for a GET VPN? 

A. point-to-point 

B. hub-and-spoke 

C. full mesh 

D. on-demand spoke-to-spoke 

Answer:


Q35. Refer to the exhibit. 

Which technology does this configuration demonstrate? 

A. AnyConnect SSL over IPv4+IPv6 

B. AnyConnect FlexVPN over IPv4+IPv6 

C. AnyConnect FlexVPN IPv6 over IPv4 

D. AnyConnect SSL IPv6 over IPv4 

Answer:


Q36. What are two forms of SSL VPN? (Choose two.) 

A. port forwarding 

B. Full Tunnel Mode 

C. Cisco IOS WebVPN 

D. Cisco AnyConnect 

Answer: C,D 


Q37. Where do you configure AnyConnect certificate-based authentication in ASDM? 

A. group policies 

B. AnyConnect Connection Profile 

C. AnyConnect Client Profile 

D. Advanced Network (Client) Access 

Answer:


Q38. Which type of communication in a FlexVPN implementation uses an NHRP shortcut? 

A. spoke to hub 

B. spoke to spoke 

C. hub to spoke 

D. hub to hub 

Answer:


Q39. When troubleshooting established clientless SSL VPN issues, which three steps should be taken? (Choose three.) 

A. Clear the browser history. 

B. Clear the browser and Java cache. 

C. Collect the information from the computer event log. 

D. Enable and use HTML capture tools. 

E. Gather crypto debugs on the adaptive security appliance. 

F. Use Wireshark to capture network traffic. 

Answer: B,E,F 


Q40. An internet-based VPN solution is being considered to replace an existing private WAN connecting remote offices. A multimedia application is used that relies on multicast for communication. Which two VPN solutions meet the application's network requirement? (Choose two.) 

A. FlexVPN 

B. DMVPN 

C. Group Encrypted Transport VPN 

D. Crypto-map based Site-to-Site IPsec VPNs 

E. AnyConnect VPN 

Answer: A,B