300-320 Question #488: Real Exam Question with Answer & Explanation

The correct answer is D: IPSec. IPSec site-to-site VPN is the standard technology for creating encrypted backup tunnels between two sites over the public Internet, and Cisco ASA firewalls have native, mature support for it. VPLS and MPLS are service-provider WAN technologies that run on private infrastructure,

Question

A network engineer must create a backup network connection between two corporate sites over the Internet using the existing ASA firewalls. Which VPN technology best satisfies this corporate need?

Options

AVPLS
BDMVPN
CGETVPN
DIPSec
EMPLS
FOTV

Explanation

IPSec site-to-site VPN is the standard technology for creating encrypted backup tunnels between two sites over the public Internet, and Cisco ASA firewalls have native, mature support for it. VPLS and MPLS are service-provider WAN technologies that run on private infrastructure, not the Internet. OTV (Overlay Transport Virtualization) is a data center interconnect protocol for Layer 2 extension. GETVPN is designed for private MPLS WANs and requires a key server - it does not work natively over the Internet. DMVPN is well-suited for hub-and-spoke or mesh topologies with many spokes, but for a simple two-site backup link using existing ASA devices, standard IPSec site-to-site VPN is the most direct and appropriate choice.

Community Discussion

No community discussion yet for this question.

Full 300-320 Practice