ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-420 All Questions

View all questions & answers for the 300-420 exam
Go to Exam

Exam 300-420 topic 1 question 116 discussion

Actual exam question from Cisco's 300-420
Question #: 116
Topic #: 1
[All 300-420 Questions]

A company's security policy requires that all connections between sites be encrypted in a manner that does not require maintenance of permanent tunnels. The sites are connected through a private MPLS-based service that uses a dynamically changing key and spoke-to-spoke communication. Which type of transport encryption must be used in this environment?

  • A. GETVPN
  • B. DMVPN
  • C. GRE VPN
  • D. standard IPsec VPN
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Hope66 at Sept. 3, 2022, 12:09 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
iLikeHamburgers
Highly Voted 1 year, 7 months ago
Selected Answer: A
Standard IPsec VPN isn't correct because it is not dynamic. It is a permanent VPN tunnel solution. The requirements state that "does not require maintenance of permanent tunnels" DMVPN isn't correct because it is by design, a Hub and Spoke Architecture. The requirements state "spoke to spoke communication" GRE VPN isn't correct because a GRE VPN doesn't encrypt to secure the packets during transport. The requirements state "all connections between sites be encrypted" GETVPN is correct because it is the only one listed that is a "tunnel-less VPN". The requirements state "does not require maintenance of permanent tunnels.
upvoted 11 times
chefexam
8 months, 3 weeks ago
Doesn‘t DMVPN allow spoke-to-spoke as well!?
upvoted 3 times
LSLS55
6 months, 3 weeks ago
It does: "Dynamic spoke-to-spoke tunnels for partial scaling or fully meshed VPNs" - page 288 OCG.
upvoted 2 times
...
...
XalaGyan
1 year, 3 months ago
very well explained many thanks bro
upvoted 1 times
...
...
bccabrera
Most Recent 11 months, 3 weeks ago
Selected Answer: A
https://www.routexp.com/2017/08/quick-comparison-ipsec-vs-dmvpn-vs.html
upvoted 3 times
...
Hope66
1 year, 8 months ago
I think that A is correct : please see CCNP Enterprise design ENSLD 300-420 pag.291
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago