Cisco Exam 300-730 Topic 11 Question 105 Discussion

Actual exam question for Cisco's 300-730 exam

Question #: 105
Topic #: 11

A router is being configured for IKEv2 AnyConnect using AnyConnect-EAP. How would the administrator separate profiles for administrators and employees so that authorization differs when they connect?

ADefine group aliases on the headend and have the user pick the appropriate alias when they connect

BDefine group-urls on the headend and create two XML profiles to match the administrator and user group urls

CCreate a certificate map and match on the appropriate certificate fields

DDefine key-ids on the headend and create two XML profiles to match the administrator and user key-ids.

Show Suggested Answer

Suggested Answer: B

Use the FQDN including the subdomain for the website.According to the Firepower Management Center Configuration Guide, Version 6.61, when you create a URL object, you must use the fully qualified domain name (FQDN) of the website, including any subdomains, and omit the protocol prefix (HTTP or HTTPS). For example, to match www.example.com, you must enter www.example.com as the URL object value, not http://www.example.com or https://www.example.com. The system automatically matches both HTTP and HTTPS traffic for the same FQDN. Specifying the protocol to match (HTTP or HTTPS) is not required and will result in an invalid URL object. Using the subject common name from the website certificate or defining the path to the individual webpage that uses HTTPS are not supported options for URL objects.

by Hannah at Feb 10, 2025, 03:29 PM

Limited Time Offer

25%

Off

Get Premium 300-730 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Zana

9 days ago

I'm not sure, but I think B) Define group-urls on the headend and create two XML profiles to match the administrator and user group urls could also be a valid option.

upvoted 0 times

...

Eveline

10 days ago

I'm leaning towards option C. Using a certificate map to match on specific fields could provide a more secure way to differentiate between administrators and employees.

upvoted 0 times

...

Jose

10 days ago

I disagree, I believe the correct answer is C) Create a certificate map and match on the appropriate certificate fields.

upvoted 0 times

...

Kami

12 days ago

I think the answer is A) Define group aliases on the headend and have the user pick the appropriate alias when they connect.

upvoted 0 times

...

Emelda

18 days ago

Option B seems like the way to go. Defining group-urls and creating separate XML profiles sounds like a simple and effective solution.

upvoted 0 times

Merlyn

6 days ago

A) Define group aliases on the headend and have the user pick the appropriate alias when they connect

upvoted 0 times

...