New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Cisco
  4. CCDE
  5. 352-011 Discussions
  6. 352-011 Exam Topic 7 Question 63 Discussion

Cisco Certified Design Expert Practical Exam 352-011 Question # 63 Topic 7 Discussion

 Cisco Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Cisco Certified Design Expert Practical Exam 352-011 Question # 63 Topic 7 Discussion

352-011 Exam Topic 7 Question 63 Discussion:
Question #: 63
Topic #: 7

Refer to the exhibit.

352-011 Question 63

A customer interconnected hundreds of branch offices into a single DMVPN network, with the HUB in the main data center. Due to security policies, the customer requires that the default route for all Internet traffic from the users at the branches must go through the tunnel and the only connections that are allowed to and from the branch router over the local internet circuit are the DMVPN tunnels. Which two combined actions must you take on the branch router to address these security requirements and keep the solution scalable? (Choose two)
A.

Place the WAN interface in a front-door VRF, leaving the tunnel interface in the default routing instance

B.

Protect the WAN interface by an inbound ACL that permits only IPsec-related traffic

C.

Implement a zone-based firewall that allows only IPsec-related traffic from zone UNTRUSTED to zone TRUSTED

D.

Add a host route for the public IP address of each remote branch and HUB routers that points directly to the local ISP, and add a default route that points to the tunnel

E.

Use a floating default route with the preferred path over the tunnel and a backup path over the Internet natively

Get Premium 352-011 Questions
Actual exam question for Cisco 352-011 exam by Jax27561 at Nov 8, 2025, 10:09:40 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next