Fictional Corp has two data centers in the United States with private clouds. They want to connect them via the Internet using GRE, but GRE lacks encryption. Which option should they combine with GRE to provide encryption?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the CompTIA Cloud+ exam. Enhance your skills with flashcards and multiple choice questions, each supported by hints and explanations. Prepare effectively for your certification!

Multiple Choice

Fictional Corp has two data centers in the United States with private clouds. They want to connect them via the Internet using GRE, but GRE lacks encryption. Which option should they combine with GRE to provide encryption?

Explanation:
This question tests how to secure a GRE tunnel over the Internet. GRE creates a tunnel for carrying traffic, but it does not provide encryption, so the contents are exposed as they traverse the public network. To add encryption at the IP level, you wrap the GRE traffic in IPsec. IPsec provides confidentiality, integrity, and authentication for IP packets, and it’s specifically designed for site-to-site VPNs. When you run IPsec in tunnel mode to protect the GRE tunnel, all traffic inside that GRE tunnel is encrypted and authenticated as it traverses the Internet. This combination is a standard, effective way to securely connect two data centers. The other options aren’t practical for securing an entire site-to-site link. TLS and SSH operate at higher layers for individual sessions or hosts (not the entire tunnel between sites), and TLS over GRE isn’t a standard, widely used approach for encrypting an entire network path.

This question tests how to secure a GRE tunnel over the Internet. GRE creates a tunnel for carrying traffic, but it does not provide encryption, so the contents are exposed as they traverse the public network.

To add encryption at the IP level, you wrap the GRE traffic in IPsec. IPsec provides confidentiality, integrity, and authentication for IP packets, and it’s specifically designed for site-to-site VPNs. When you run IPsec in tunnel mode to protect the GRE tunnel, all traffic inside that GRE tunnel is encrypted and authenticated as it traverses the Internet. This combination is a standard, effective way to securely connect two data centers.

The other options aren’t practical for securing an entire site-to-site link. TLS and SSH operate at higher layers for individual sessions or hosts (not the entire tunnel between sites), and TLS over GRE isn’t a standard, widely used approach for encrypting an entire network path.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy