CCDE: Cisco Certified Design Expert (Practical) — Question 216

A large enterprise plans to enable direct internet access for specific SaaS applications from its remote branch sites by using local broadband internet circuits. Only traffic to specific cloud SaaS applications will be allowed direct internet access and all other internet-bound traffic will follow its usual path. The customer wants to leverage its existing SD-WAN solution and cloud provider integration. Which action must be taken on the remote branch routers to meet the requirements?

Answer options

• A. Define a policy-based redirect to the applications.
• B. Enable Cloud OnRamp for the branch sites.
• C. Configure IPsec to the cloud provider.
• D. Implement direct connect for site connectivity.

Correct answer: B

Explanation

The correct answer is B because enabling Cloud OnRamp allows for the optimization and direct access of specific SaaS applications while integrating with SD-WAN. Option A is incorrect as a policy-based redirect does not directly provide the required cloud integration. Option C is not relevant as IPsec is for secure connections, and Option D deals with a different connectivity method that does not align with the need for local broadband internet access.