nerdexam
Exams300-730Questions#144
Cisco

300-730 · Question #144

300-730 Question #144: Real Exam Question with Answer & Explanation

The correct answer is D: GETVPN. GETVPN uses a tunnelless, header-preserving encryption model that keeps original source and destination IP addresses intact, enabling native multicast forwarding across a private WAN without added encapsulation overhead.

Secure Communications Architectures

Question

Which VPN technology minimizes the impact on VPN performance when encrypting multicast traffic on a Private WAN?

Options

  • ADMVPN
  • BIPsec VPN
  • CFlexVPN
  • DGETVPN

Explanation

GETVPN uses a tunnelless, header-preserving encryption model that keeps original source and destination IP addresses intact, enabling native multicast forwarding across a private WAN without added encapsulation overhead.

Common mistakes.

  • A. DMVPN can carry multicast but must replicate multicast traffic as individual unicast streams to each spoke router, which increases overhead and does not minimize performance impact.
  • B. Standard IPsec VPN does not support multicast natively and requires GRE encapsulation before encryption, which adds overhead and does not preserve original multicast addressing.
  • C. FlexVPN can support multicast but requires additional encapsulation such as mGRE and is not architecturally optimized for native multicast preservation the way GETVPN is on private WANs.

Concept tested. GETVPN native multicast encryption on private WANs

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-17/sec-conn-getvpn-xe-17-book.html

Topics

#GETVPN#multicast#private WAN#VPN performance

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-730 Practice