ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-730 All Questions

View all questions & answers for the 300-730 exam
Go to Exam

Exam 300-730 topic 1 question 111 discussion

Actual exam question from Cisco's 300-730
Question #: 111
Topic #: 1
[All 300-730 Questions]

Refer to the exhibit.



An engineer must allow Cisco AnyConnect users to access the outside interface using protocol UDP 500/4500. In addition, these clients must be able to establish an SSL connection to update Cisco AnyConnect software over the same connection. Which two actions must be taken to achieve this goal? (Choose two.)

  • A. IPsec (IKEv2) Allow Access must be checked on the outside interface.
  • B. SSL Enable DTLS must be checked on the outside interface.
  • C. Bypass interface access lists for inbound VPN sessions must be unchecked.
  • D. IPsec (IKEv2) Enable Client Services must be checked on the outside interface.
  • E. SSL Allow Access must be checked on the outside interface.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by mazinhoo at Jan. 18, 2023, 12:50 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mazinhoo
Highly Voted 2 years, 3 months ago
Selected Answer: AD
AnyConnect uses IKE to establish the tunnel (UDP 500/4500) and SSL for updating the software (client services)
upvoted 7 times
...
6727cff
Most Recent 7 months, 3 weeks ago
AD is correct. Enable Client Services to allow the update over https
upvoted 1 times
...
Rosh8787
1 year, 4 months ago
AE is the correctanswer
upvoted 1 times
...
kylesam2017
1 year, 4 months ago
I apologize for the confusion in my previous responses. To achieve the goal of allowing Cisco AnyConnect users to access the outside interface using UDP 500/4500 and establish an SSL connection for software updates, the correct actions to be taken are: 1. IPsec (IKEv2) Allow Access must be checked on the outside interface: Enabling the "IPsec (IKEv2) Allow Access" option allows incoming IPsec traffic on UDP ports 500 and 4500 to reach the outside interface of the Cisco device. This is necessary to allow AnyConnect users to establish IPsec-based VPN connections. 2. SSL Allow Access must be checked on the outside interface: Enabling the "SSL Allow Access" option allows incoming SSL traffic to reach the outside interface. This enables AnyConnect users to establish an SSL connection for software updates, which ensures the ability to update the Cisco AnyConnect software over the same connection. By checking these two options on the outside interface, you allow AnyConnect users to connect using IPsec (UDP 500/4500) and establish an SSL connection for software updates, satisfying the requirements mentioned. I apologize for any confusion caused, and I appreciate your understanding
upvoted 1 times
...
gondohwe
1 year, 5 months ago
admin update the correct answers which are AD
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago