Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

A company is building a hybrid architecture where its on-premises edge router will connect to the cloud provider by means of two IPSec VPN tunnels that terminate on different cloud VPN gateways in the same region. Operations wants automatic traffic fail-over if one tunnel goes down and does not want to edit static routes during maintenance. Which customer-side configuration best satisfies these networking requirements?

  • Create an SSL client VPN connection using IKEv1 and configure static routes to the cloud subnets.

  • Deploy a VXLAN overlay between on-premises and cloud networks to stretch Layer 2 segments.

  • Configure two route-based IPSec tunnels and enable BGP peering across each tunnel to exchange routes dynamically.

  • Build two policy-based IPSec tunnels and use static routes on the router.

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Platform & Infrastructure Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot