A company is setting up a dynamic crypto map on the Cisco ASA at the headquarters to accept connections from the branch offices. There will be no IP subnet overlap between the branch offices, but the engineer does not know which encryption domains will be requested by the branch offices. Additionally, the company security policy states that routing protocol traffic should not leave the HQ network. Which solution should be used to route traffic back to the branches from the Cisco ASA with minimal administrative effort?

A. Configure Reverse Route Injection on the dynamic crypto map.

B. Configure a default route with the tunneled keyword on all branch routers.

C. Configure static routes for remote subnets.

D. Configure snapshot routing with EIGRP to send out of band routing updates.








 

Suggested Answer: A



This question is in 300-730 Implementing Secure Solutions with Virtual Private Networks (SVPN) Exam
For getting Cisco Certified Network Professional Security (CCNP Security) Certificate




Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Cisco.
Trademarks, certification & product names are used for reference only and belong to Cisco.
The website does not contain actual questions and answers from Cisco's Certification Exam.