Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 646

An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. The organization needs to ensure that the ISAKMP key on the hub is used only for terminating traffic from the IP address of 172.19.20.24. Which command on the hub will allow the administrator to accomplish this?

Answer options

• A. crypto isakmp identity address 172.19.20.24
• B. crypto ca identity 172.19.20.24
• C. crypto enrollment peer address 172.19.20.24
• D. crypto isakmp key Cisco0123456789 172.19.20.24

Correct answer: D

Explanation

The correct command, D, specifies the ISAKMP key to be used specifically for the IP address 172.19.20.24, thereby ensuring that only traffic from this address will utilize the defined key. Options A, B, and C do not configure the ISAKMP key for the specified IP, making them unsuitable for this requirement.