Refer to the exhibit.

An enterprise is migrating its single-area OSPF network from a Frame Relay WAN service to an MPLS
L3VPN service. Frame Relay will remain in only a few sites that require increased resiliency via twodifferent
WAN connections.
Which feature could be used in the ?MPLS VPN service provider network to support the design requirement
by ensuring that during normal operation, intersite traffic will only use the MPLS VPN service and not the old
Frame Relay service?
33

A. virtual links
B. sham links
C. multiple stub areas
D. super backbone

When creating a network design that routes an IGP over L2VPNs, with which device does the remote CE
router form an IGP adjacency?
A. the hub site PE router
B. the hub site CE router
C. the directly connected PE router
D. The IGP will not establish adjacency over the MPLS network.

You are working on a network design plan for a company with approximately 2000 sites. The sites willbe
connected using the public Internet. You plan to use private IP addressing in the network design, which will be
routed without NAT through an encrypted WAN network. Some sites will be connected to the Internet with
dynamic public IP addresses, and these addresses may change occasionally. Which VPN solution will support
these design requirements?
A. GET VPN must be used, because DMVPN does not scale to 2000 sites.
B. DMVPN must be used, because GET VPN does not scale to 2000 sites.
C. GET VPN must be used, because private IP addresses cannot be transferred with DMVPN through the
public Internet.
D. DMVPN must be used, because private IP addresses cannot be transferred with GET VPN through the
public Internet.
E. GET VPN must be used, because DMVPN does not support dynamic IP addresses for some sites.
F. DMVPN must be used, because GET VPN does not support dynamic IP addresses for some sites.

Company X will be integrating an IPv6 application into their network and wants to develop a test environment
to evaluate application performance across the network. This application will require both unicast and
multicast communications. The company can do this implementation only in certain areas of its existing IPv4-only network, but wants all areas to communicate with each other. When developing the design to provide
connectivity between these testing locations, what tunneling technology would work in this scenario?
A. ISATAP
B. 6to4
C. DMVPN
D. 6vPE
E. 6PE

A network designer has provisioned a router to use IPsec to encrypt the traffic over a GRE tunnel going to a
web server at a remote location. From the router, the network designer can ping the web server, although the
users in the office comment that they are unable to reach it. (Note: The DF bit is not set.) Which aspect should
be changed in the design of the virtual connection?
A. IP addresses of the GRE tunnel endpoints
B. IPsec configuration
C. MTU size on the GRE tunnel
D. encapsulation of the GRE tunnel

You are designing a network using multipoint GRE tunnels and need to be able to detect when connectivity
between the GRE tunnel endpoints is broken. Which statement is true about configuring keepalives for
multipoint GRE tunnels?
A. The keepalive timer values on the routers must have the same value.
B. Both routers must support GRE tunnel keepalives.
30

C. No configuration is required to detect when connectivity is broken between the GRE tunnel endpoints.
D. GRE tunnel keepalives will not detect when connectivity is broken between the GRE tunnel endpoints.

Refer to the exhibit.

You are designing a loop-free hierarchical VPLS service. Which two design considerations should be
implemented for the pseudowires between the N-PE and U-PE routers? (Choose two.)
A. Disable split horizon toward the N-PE routers.
B. Disable split horizon toward the U-PE router.
C. Enable split horizon toward the U-PE router.
D. Enable split horizon toward the N-PE routers.
E. Disable MAC learning on the U-PE route.
F. Disable MAC learning on the N-PE routers.

You are designing a Group Encrypted Transport virtual private network solution for an existing branch
network. The existing network has the following characteristics:
– 50 remote sites (with an additional 30 remote sites expected over the next 3 years)
– Connectivity between all sites is via Multiprotocol Label Switching Layer 3 virtual private network service
from a single provider
– Open Shortest Path First is the routing protocol used between provider edge and customer edge routers
– The customer edge routers will become group members performing the encryption between sites
Which additional routing protocol would you use for the overlay routing between the group members?
A. Open Shortest Path First (with a different process ID)
B. Enhanced Interior Gateway Routing Protocol
C. No additional protocol is necessary.
D. External Border Gateway Protocol
E. Routing Information Protocol Version 2
F. Next Hop Resolution Protocol

You are tasked with implementing a 1000-phone remote access solution, where phones will traverse a WAN
edge router. Assuming all of the following features are supported in a hardware- assisted manner, which of the
following will have the most detrimental impact on the delay of the packet?
A. encryption
B. stateful firewall
C. MPLS encapsulation
D. GRE encapsulation

Your organization is working on a design solution for a new Internet-based remote access virtual private
network that has 1000 remote sites. A network administrator recommends GETVPN as the model because the
network of today uses DMVPN, which results in a lot of background NHRP control traffic. What is a potential
problem with using GETVPN for this design solution?
A. GETVPN would require a high level of background traffic to maintain its IPsec SAs.
B. GETVPN is not scalable to a large number of remote sites.
C. GETVPN and DMVPN will not interoperate.
D. GETVPN key servers would be on public, hacker-reachable space and need higher security.