CCNP Secure FAQ: Deploying DMVPNs
Q1. Which mechanism provides a scalable multiprotocol tunneling framework with optional dynamic routing?
a. NHRP
b. IPsec
c. GRE
d. 802.1X
e. None of these answers are correct.
Q2. Which mechanism provides dynamic mutual discovery of spoke devices?
a. GRE
b. IKE
c. NHRP
d. DHCP
e. Expired Certificate List
Q3. Which mechanism provides key management and transmission protection?
a. NHRP
b. GRE
c. mGRE
d. IDS/IPS
e. IKE + IPsec
Q4. To integrate PKI-based authentication with site-to-site VPNs, which protocol must be configured to use PKI-based authentication?
a. IKE
b. GRE
c. AAA
d. RSA
e. VPN
Q5. DMVPNs can use pre-shared keys or PKI-based IKE authentication. Either choice is acceptable for a hub-and-spoke network, but which of the following is recommended for a fully meshed network?
a. IPsec
b. DH group 14
c. Pre-shared keys
d. PKI-based authentication
Q6. GRE uses which IP protocol in combination with IPsec VPNs to pass routing information between connected networks?
a. 89
b. 50
c. 47
d. 51
e. None of these answers are correct.
Q7. When a spoke router initially connects to a DMVPN, it registers its inner (tunnel) and outer (physical interface) IP address with which of the following?
a. NHRP server
b. DHCP server
c. Cisco ACS Server
d. Cisco Security Manager
e. None of these answers are correct.
Q8. What Cisco IOS Software command designates the tunnel interface as multipoint GRE mode?
a. tunnel source
b. tunnel destination
c. tunnel mode gre multipoint
d. interface gre 0/0 multipoint
Q9. If a DMVPN spoke router is configured with a point-to-point GRE interface, the spoke will only participate in which type of topology?
a. Strict hub-and-spoke
b. Partial mesh
c. Full mesh
d. Token ring
e. None of these answers are correct.
Q10. On the hub, what is the main factor that determines whether the DMVPN will operate as strict hub-and-spoke or as partially/full mesh?
a. Routing protocol functions
b. Network administrator preference
c. Bandwidth to the hub
d. Cisco router hardware model
e. Cisco IOS Software Release
Q11. A _____ cloud is a collection of routers that are configured with either an mGRE interface or a point-to-point GRE interface (or a combination of the two) and that share the same subnet.
Q12. The _____ created on the mGRE interface on the hub must be large enough to accommodate all the spoke routers’ GRE interfaces.
Q13. The NHRP network ID must be the same on the NHRP _____ and its NHRP _____.
Q14. The Cisco DMVPN solution integrates NHRP, _____, and _____.
Q15. DMVPN greatly simplifies the configuration requirements on the _____ router.
Q16. NHRP on the hub provides DMVPN spokes with the ability to locate other _____ routers.
Q17. _____ populates each spoke’s routing table so that each spoke knows about the subnets behind the other spokes.
Q18. In a hub-and-spoke deployment, all traffic between spokes must flow through the _____
More Resources