Which two scenarios are examples of remote access VPNs? (Choose two.)
Remote access VPNs connect individual users to another network via a VPN client that is installed on the user device. Site-to-site VPNs are “always on” connections that use VPN gateways to connect two sites together. Users at each site can access the network on the other site without having to use any special clients or configurations on their individual devices.
Refer to the exhibit. Which IP address is configured on the physical interface of the CORP router?
The tunnel source and tunnel destination addresses reference the IP addresses of the physical interfaces on the local and remote routers respectively.
Which broadband technology would be best for a small office that requires fast upstream connections?
Fiber-to-the-home provides fast downstream and upstream connections. DSL, cable, and WiMax provide relatively slow upstream connections.
How can the use of VPNs in the workplace contribute to lower operating costs?
VPN technology can be used with broadband connectivity or more expensive leased lines. VPNs provide connectivity between offices, users, and SOHO environments. VPNs do not require a specific ISP to be used.
Which two statements describe a remote access VPN? (Choose two.)
Remote access VPNs can be used to support the needs of telecommuters and mobile users by allowing them to connect securely to company networks over the Internet. To connect hosts to the VPN server on the corporate network, the remote access VPN tunnel is dynamically built by client software that runs on the hosts.
When PPPoE is configured on a customer router, which two commands must have the same value for the configuration to work? (Choose two.)
The dialer pool number configured on both the dialer and Ethernet interfaces must match. The interface numbers and the username and the password do not have to match
What are two WAN connection enhancements that are achieved by implementing PPPoE? (Choose two.)
Encapsulating a PPP frame within an Ethernet frames enables IP address assignment by ISPs that are using DSL technology, as well as the ability to use CHAP for authentication and accounting. Traditional DSL does not support CHAP authentication. A traditional Ethernet link supports only Ethernet-based data link protocols.
Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination router?
The IP address that is assigned to the tunnel interface on the local router is 172.16.1.1 with a prefix mask of /30. The only other address, 172.16.1.2, would be the destination tunnel interface IP address. Although 220.127.116.11 is listed as a destination address in the output, this is the address of the physical interface at the destination, not the tunnel interface.
What functionality does mGRE provide to the DMVPN technology?
DMVPN is built on three protocols, NHRP, IPsec, and mGRE. NHRP is the distributed address mapping protocol for VPN tunnels. IPsec encrypts communications on VPN tunnels. The mGRE protocol allows the dynamic creation of multiple spoke tunnels from one permanent VPN hub.
Why is the MTU for a PPPoE DSL configuration reduced from 1500 bytes to 1492?
The default maximum data field of an Ethernet frame is 1500 bytes. However, in PPPoE the Ethernet frame payload includes a PPP frame which has also has a header. This reduces the available data MTU to 1492 bytes.
What command specifies a BGP neighbor that has an IP address of 18.104.22.168/24 and that is in AS 500?
The neighbor command is used to specify an EBGP neighbor router and peer with it. The command requires that the AS number of the neighbor be included as part of the command.
How is “tunneling” accomplished in a VPN?
Packets in a VPN are encapsulated with the headers from one or more VPN protocols before being sent across the third party network. This is referred to as “tunneling”. These outer headers can be used to route the packets, authenticate the source, and prevent unauthorized users from reading the contents of the packets.
What is a component of an ADSL connection that is located at the customer site?
Customer premises equipment (CPE) is the equipment, such as a router or modem, that is located at the customer site and connects the internal network to the carrier network.
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
What is the code displayed on the web page?
The basic EBGP configuration includes the following tasks:
Step 1: Enable BGP routing.
Step 2: Configure the BGP neighbors or neighbor.
Step 3: Advertise the network or networks originating from the AS.
True or False?
Multiple BGP processes can run on a router.
Because a BGP router can only belong to a single autonomous system, it can only run a single BGP process.
Which three statements are characteristics of generic routing encapsulation (GRE)? (Choose three.)
GRE uses a protocol type field in the GRE header to support the encapsulation of any OSI Layer 3 protocol. GRE itself is stateless; it does not include any flow-control mechanisms by default. GRE does not have strong security mechanisms.
On the left is a cloud with the following words: ISP 1 AS 64001 Company A 192.168.10.0/24. A router labeled R1 at the edge of this cloud connects through a serial interface labeled 22.214.171.124 to another router labeled R2. The serial interface on R2 is labeled 126.96.36.199. R2 is inside a second cloud labeled ISP 2 AS 650002 Company B 192.168.20.0/24. Refer to the exhibit. Which two configurations will allow router R1 to establish a neighbor relationship with router R2? (Choose two.)
To configure EBGP, the router bgp command is followed by the AS number in which the router resides. Conversely, the neighbor command contains the AS number to which the remote router belongs.
Where is PPPoE configured on a Cisco router?
The PPPoE configuration is applied to the dialer interface, not to the Ethernet interface. The dialer interface is linked to the Ethernet interface with the dialer-pool and pppoe-client commands.
Which broadband wireless technology is based on the 802.11 standard?
The IEEE 802.11 standard is also known as Wi-Fi. Municipal Wi-Fi is a variant of the 802.11 standard.
What are two characteristics of a PPPoE configuration on a Cisco customer router? (Choose two.)
PPP, CHAP, an IP address, the dialer pool number, and the MTU size are all configured on the dialer interface. The customer router CHAP username and password must match what is configured the ISP router. The pppoe-client command, not the dialer pool command, is applied to the Ethernet interface to link it to the dialer interface.
What is used by BGP to determine the best path to a destination?
BGP uses attributes, such as AS-path, to determine the best path to a destination.
The graphic shows two routers, R1 and R2, that connect to the Internet. There is a site attached to each router. Site A is attached to router R1 and site B is attached to router R2. A tunnel is shown spanning the Internet between the two routers.
Refer to the exhibit. What solution can provide a VPN between site A and site B to support encapsulation of any Layer 3 protocol between the internal networks at each site?
A Generic Routing Encapsulation (GRE) tunnel is a non-secure, site-to-site VPN tunneling solution that is capable of encapsulating any Layer 3 protocol between multiple sites across over an IP internetwork.
Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can be drawn from the R1 command output? (Choose two.)
According to the R1 output, a GRE tunnel mode was specified as the tunnel interface mode. GRE is the default tunnel interface mode for Cisco IOS software. GRE does not provide encryption or any other security mechanisms. Therefore, data that is sent across a GRE tunnel is not secure. GRE supports IP multicast tunneling.
What is the approximate distance limitation for providing a satisfactory ADSL service from the central office to a customer?
For customers to receive satisfactory ADSL service, the local loop, or distance from the central office, must be less than 5.46 kilometers.
What is the function of the DSLAM in a broadband DSL network?
On a DSL network the DSLAM is used to multiplex connections from DSL subscribers into a single high-capacity link. The DSLAM is located at the central office of the provider.
Which is a requirement of a site-to-site VPN?
Site-to-site VPNs are static and are used to connect entire networks. Hosts have no knowledge of the VPN and send TCP/IP traffic to VPN gateways. The VPN gateway is responsible for encapsulating the traffic and forwarding it through the VPN tunnel to a peer gateway at the other end which decapsulates the traffic.