Which two statements are true about route-based VPNs? (Choose two.)
A.
Route-based VPNs cannot be used to configure remote access or dialup VPNs.
B.
The from-zone and to-zone, for a security policy to permit traffic over a route-based VPN, are derived from
the zone in which the protected network lies and the zone in which the IKE interface lies.
C.
system services ike must be enabled on the st0.x interface.
D.
You cannot re-write the DSCP bits on the inner IP header of an ESP packet that was created or forwarded
using a route-based VPN.
A and D
Hi! All!
The JNCIS-SEC JN0-332 exam End of Life (EOL) on July 1, 2017, now the new exam is JN0-333.
The newest JN0-333 dumps are available here FYI:
https://drive.google.com/open?id=0B-ob6L_QjGLpNzNvWWE1ck01MHM
Good Luck!!!