Cisco CCNP 642-902 Exam 66

Ensurepass

QUESTION
What two features are benefits of using GRE tunnels with IPsec over using IPsec tunnel alone for building site-to-site VPNs? (Choose two.)

A. allows dynamic routing securely over the tunnel
B. IKE keepalives are unidirectional and sent every ten seconds
C. reduces IPsec headers overhead since tunnel mode is used
D. supports non-IP traffic over the tunnel
E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration

Correct Answer: AD

QUESTION 322
Which statement is true about an IPsec/GRE tunnel?

A. The GRE tunnel source and destination addresses are specified within the IPsec transform set.
B. An IPsec/GRE tunnel must use IPsec tunnel mode.
C. GRE encapsulation occurs before the IPsec encryption process.
D. Crypto map ACL is not needed to match which traffic will be protected.

Correct Answer: C

QUESTION 323
Which of the following is a GRE Tunnel characteristic?

A. GRE impose more CPU overhead than IPSec on VPN gateways.
B. GRE tunnels can run through IPsec tunnels.
C. GRE Tunnel doesn’t have support for IPv6.
D. GRE consists of two sub-protocols: Encapsulated Security Payload (ESP) and Authentication Header (AH).

Correct Answer: B

QUESTION 324
What are the four main steps in configuring a GRE tunnel over IPsec on Cisco routers? (Choose Four)

A. Configure a physical interface or create a loopback interface to use as the tunnel endpoint.
B. Create the GRE tunnel interfaces.
C. Add the tunnel interfaces to the routing process so that it exchanages routing updates across that interface.
D. Add the tunnel subnet to the routing process so that it exchanages routing updates across that interface.
E. Add all subnets to the crypto access-list, so that IPsec encrypts the GRE tunnel traffic.
F. Add GRE traffic to the crypto access-list, so that IPsec encrypts the GRE tunnel traffic.

Correct Answer: ABDF

QUESTION 325
A network administrator uses GRE over IPSec to connect two branches together via VPN tunnel. Which one of the following is the reason for using GRE over IPSec?

A. GRE over IPSec provides better QoS mechanism and is faster than other WAN technologies.
B. GRE over IPSec decreases the overhead of the header.
C. GRE supports use of routing protocol, while IPSec supports encryption.
D. GRE supports encryption, while IPSec supports use of routing protocol.

Correct Answer: C

Ensurepass offers the Latest 2013 642-902 Exam PDF to pass the exams.