CCNP:ONT (Optimizing Converged Cisco Networks),在2010年4月26日前預約過舊版的NP考試的需要在2010年7月31日前考掉,內容包括:描述基本的 VoIP 網絡的實施學習關於擁塞網絡的優化思想;學習實施集成的 QoS 服務特性;學習實施 QoS 的自動配置;學習優化 WLAN 的管理和安全。目前考取最新CCNP有兩種方案:方案1:640-901 + 642-812 + 642-825 + 642-845;方案2:642-892 + 642-825 + 642-845。CCNP 持有者有安裝和配置 100 到 500 個或者更多節點的網絡和排查故障的能力;能夠管理核心網絡的運作,以及綜合應用網絡邊緣的集成語音,無線以及安全方面的內容。
7. Which three features are benefits of using GRE tunnels in conjunction with IPsec for building site-to-site
VPNs? (Choose three.)
A. allows dynamic routing over the tunnel
B. supports multi-protocol (non-IP) traffic over the tunnel
C. reduces IPsec headers overhead since tunnel mode is used
D. simplifies the ACL used in the crypto map
E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration
Answer: ABD
8. Which three IPsec VPN statements are true? (Choose three.)
A. IKE keepalives are unidirectional and sent every ten seconds.
B. IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers.
C. IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH) protocol for
exchanging keys.
D. Main mode is the method used for the IKE phase two security association negotiations.
E. Quick mode is the method used for the IKE phase one security association negotiations.
F. To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only three packets.
Answer: ABF