14. What is a function of the GRE protocol?
- to configure the set of encryption and hashing algorithms that will be used to transform the data sent through the IPsec tunnel
- to encapsulate multiple OSI Layer 3 protocol packet types inside an IP tunnel
- to configure the IPsec tunnel lifetime
- to provide encryption through the IPsec tunnel
15. Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can be drawn from the R1 command output? (Choose two.)
- This tunnel mode is not the default tunnel interface mode for Cisco IOS software.
- This tunnel mode provides encryption.
- The data that is sent across this tunnel is not secure.
- This tunnel mode does not support IP multicast tunneling.
- A GRE tunnel is being used.
16. For a VPN, which technology provides secure remote access over broadband?
- QoS
- ADSL
- LTE
- IPsec
17. What is the purpose of LISP?
- It authenticates vSmart controllers and SDWAN routers.
- It is an architecture created to address routing scalability problems.
- It provides a permanent control plane connection over a DTLS tunnel.
- It performs load balancing of SD-WAN routers across vSmart controllers.
18. Which two protocols must be allowed for an IPsec VPN tunnel is operate properly? (Choose two.)
- 50
- 51
- 168
- 169
- 500
- 501
19. What is the purpose of a VXLAN?
- It provides site-to-site VPNs between cloud providers.
- It is an architecture created to address routing scalability problems.
- It provides Layer 2 and Layer 3 overlay networks across a Layer 3 underlay network.
- It encapsulates a variety of network layer protocols inside virtual point-to-point links.
20. What are the two peer authentication methods used by IPsec? (Choose two.)
- PSK
- GRE
- HMAC
- MD5
- RSA signatures
21. When GRE is configured on a router, what do the tunnel source and tunnel destination addresses on the tunnel interface refer to?
- the IP addresses of the two LANs that are being connected together by the VPN
- the IP address of host on the LAN that is being extended virtually
- the IP addresses at each end of the WAN link between the routers
- the IP addresses of tunnel interfaces on intermediate routers between the connected routers
vA site-to-site VPN is established with a GRE tunnel. It does not link two LANs, but rather it extends the reach of a single LAN across a WAN. Tunnel interfaces are configured on routers at each end of the VPN, not in the intermediate routers.[/alert-success]
22. How does LISP resolve an EID into an RLOC?
- by using DNS
- by sending a map request to the MR
- by tunneling data from the interior routing protocol
- by encapsulating the EID packet and adding an outer header with the RLOC IP address
23. Which algorithm is an asymmetrical key cryptosystem?
- RSA
- AES
- 3DES
- DES
24. Which remote access implementation scenario will support the use of generic routing encapsulation tunneling?
- a mobile user who connects to a router at a central site
- a branch office that connects securely to a central site
- a mobile user who connects to a SOHO site
- a central site that connects to a SOHO site without encryption
25. Which UDP port number is assigned to VXLAN by IANA?
- 4341
- 4342
- 4789
- 8472
“Do I Know This Already?” Quiz Answers:
1. Which of the following commands are optional for GRE configuration? (Choose two.)
- tunnel source {ip-address | interface-id}
- tunnel destination ip-address
- tunnel mode gre {ip | ipv6}
- keepalive
2. True or false: GRE was originally created to provide transport for non-routable legacy protocols.
- True
- False
3. Which of the following should not be dynamically advertised via an IGP into a GRE tunnel?
- Loopback interfaces
- The GRE tunnel source interface or source IP address
- Connected interfaces
- The GRE tunnel IP address
4. Which of the following are modes of packet transport supported by IPsec? (Choose two.)
- Tunnel mode
- Transparent mode
- Transport mode
- Crypto mode
5. Which of the following are encryption protocols that should be avoided? (Choose two.)
- DES
- 3DES
- AES
- GCM
- GMAC
6. Which of the following is the message exchange mode used to establish an IKEv1 IPsec SA?
- Main mode
- Aggressive mode
- Quick mode
- CREATE_CHILD_SA
7. LISP separates IP addresses into which of the following? (Choose two.)
- RLOCs
- LISP entities
- Subnets and hosts
- EIDs
8. What is the destination UDP port used by the LISP data plane?
- 4341
- 4143
- 4342
- 4142
9. True or false: ETRs are the only devices responsible for responding to map requests originated by ITRs.
- True
- False
10. Which of the following UDP ports is the UDP port officially assigned by the IANA for VXLAN?
- 8947
- 4789
- 8472
- 4987
11. True or false: The VXLAN specification defines a data plane and a control plane for VXLAN.
- True
- False