Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) — Question 279

Which of the following is true regarding IPsec Pre-fragmentation (Look-Ahead Fragmentation)? (Choose two.)

Answer options

• A. Operates in tunnel mode only
• B. Operates in transport mode only
• C. Is used to help in the overall IPsec throughput since the end host is able to avoid packet reassembly after packet decryption.
• D. Is not dependent on the MTU of the physical interface used for IPsec.
• E. Does not support Path MTU Discovery

Correct answer: A, C

Explanation

The correct answers are A and C. IPsec Pre-fragmentation operates only in tunnel mode and enhances throughput by allowing the end host to skip packet reassembly after decryption. Options B, D, and E are incorrect as they misrepresent the modes of operation, the dependence on MTU, and the capability regarding Path MTU Discovery.