In this simulation, you will review WAN telecommunication services and their architectural use cases. Understanding legacy and modern WAN protocols is crucial for a Network Defender to properly secure, analyze, and manage traffic flowing between remote sites and the core network.
CND (312-38) Network Defense Simulation
Network Scenario
You are reviewing the network architecture documentation for a newly acquired subsidiary. The subsidiary uses a legacy WAN technology to connect its remote branch LANs to the corporate data center. The documentation notes that this specific telecommunication service operates at Layer 2, utilizes Permanent Virtual Circuits (PVCs), and was originally chosen because it is highly cost-efficient for handling intermittent, bursty data transmission between LANs.
Traffic & Logs
During an infrastructure audit, you pull the configuration from the edge router at Branch Office A. The interface configuration confirms the legacy encapsulation type in use:
Which of the following is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN)?
Network Defender Hint: Look at the encapsulation type in the router configuration provided in the logs. This packet-switching protocol relies on DLCIs to identify virtual circuits and was heavily used before MPLS became dominant.
Expert Analysis
1. What is happening in the network
The network administrator is reviewing the topology of a wide area network (WAN). The remote branch relies on a serial interface connected to a service provider network, utilizing a packet-switched technology that maps internal IP traffic to a Data Link Connection Identifier (DLCI) to reach the headquarters.
2. Identify behavior
The network is passing "intermittent" or "bursty" LAN-to-LAN traffic. Instead of keeping a dedicated, expensive leased line active at full capacity 100% of the time, the architecture uses a shared packet-switched network that handles variable traffic loads efficiently.
3. Why correct answer is correct (B: Frame relay)
Frame Relay is a standardized wide area network (WAN) technology that specifies the physical and data link layers of digital telecommunications channels using a packet-switching methodology. Originally designed for transport across Integrated Services Digital Network (ISDN) infrastructure, it may be used today over many other network interfaces. It is explicitly designed to be cost-efficient for intermittent, bursty traffic between LANs because bandwidth is shared dynamically among active connections.
4. Why others are wrong
A. PPP: Point-to-Point Protocol is used to establish a direct connection between two nodes. It is not a packet-switched cloud service designed for cost-efficient multi-site routing.
C. ISDN: Integrated Services Digital Network is a circuit-switched telephone network system. It is less efficient for bursty LAN traffic because the circuit remains open and dedicated, consuming resources even when idle.
D. X.25: This is the predecessor to Frame Relay. While it is packet-switched, it carries massive overhead due to error-checking at every node, making it slow and less efficient for modern LAN-to-LAN IP traffic.
5. Defensive action
From a Network Defender perspective, legacy WAN links like Frame Relay provide no native encryption. Unless protection such as IPsec is added at a higher layer, all data crosses the provider's network in cleartext. Defensive actions must include encapsulating traffic over these links inside a VPN (e.g., GRE over IPsec), implementing strict Access Control Lists (ACLs) on the serial interfaces, and ensuring routing protocols (OSPF/EIGRP) operating over the Non-Broadcast Multi-Access (NBMA) network are using cryptographic authentication.
6. MINI LESSON: WAN Protocols & Traffic Analysis
Circuit-Switched vs Packet-Switched: Circuit-switched (ISDN) establishes a dedicated path. Packet-switched (Frame Relay, X.25, MPLS) shares bandwidth, making it ideal for variable "bursty" data.
DLCI (Data Link Connection Identifier): In Frame Relay, the DLCI is the Layer 2 address (similar to a MAC address on Ethernet) used to identify a Permanent Virtual Circuit (PVC).
Security Posture: Whenever reviewing legacy network documentation, a defender's first thought must be "Is this traffic encrypted at Layer 3/4, since the Layer 2 protocol provides no confidentiality?"
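The DLCI and Security Posture points above can be checked directly on captured frames. The following is an added example, not part of the original simulation: it decodes the 2-byte Frame Relay address to recover the DLCI and congestion bits, then reports whether the IPv4 payload on that PVC is IPsec or cleartext. It assumes IETF (RFC 2427) encapsulation with flags and FCS already stripped; the DLCI value 102 and the IP addresses are constructed sample data.

```python
import struct

NLPID_IPV4 = 0xCC  # RFC 2427 NLPID for IPv4
IPSEC_PROTOS = {50: "ESP", 51: "AH"}  # IP protocol numbers used by IPsec


def parse_frame(frame: bytes) -> dict:
    """Decode a 2-byte Q.922 address plus RFC 2427 header (no flags/FCS)."""
    if len(frame) < 4:
        raise ValueError("frame too short for address, control and NLPID")
    b0, b1 = frame[0], frame[1]
    # The EA bit is 0 in the first address byte and 1 in the last one.
    if b0 & 0x01 or not b1 & 0x01:
        raise ValueError("not a 2-byte address (extended formats not handled)")
    info = {
        "dlci": ((b0 >> 2) << 4) | (b1 >> 4),  # 6 high bits + 4 low bits
        "fecn": bool(b1 & 0x08),
        "becn": bool(b1 & 0x04),
        "de": bool(b1 & 0x02),
        "ip_proto": None,
        "verdict": "non-IP or unknown payload",
    }
    if frame[2] != 0x03 or frame[3] != NLPID_IPV4:  # UI control, then NLPID
        return info
    ip = frame[4:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        info["verdict"] = "malformed IPv4 header"
        return info
    info["ip_proto"] = ip[9]  # protocol field of the IPv4 header
    if ip[9] in IPSEC_PROTOS:
        info["verdict"] = "protected (" + IPSEC_PROTOS[ip[9]] + ")"
    else:
        info["verdict"] = "cleartext IP on PVC"
    return info


def build_sample(dlci: int, ip_proto: int, becn: bool = False) -> bytes:
    """Build a constructed sample frame (test data, not a real capture)."""
    b0 = (dlci >> 4) << 2
    b1 = ((dlci & 0x0F) << 4) | (0x04 if becn else 0) | 0x01
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, ip_proto, 0,
                     bytes([10, 1, 1, 2]), bytes([10, 1, 1, 1]))
    return bytes([b0, b1, 0x03, NLPID_IPV4]) + ip


if __name__ == "__main__":
    for proto in (6, 50):  # TCP in the clear, then ESP
        print(parse_frame(build_sample(102, proto)))
```

The verdict reflects only the IP protocol field, so ESP configured with null encryption would still be reported as protected even though it gives no confidentiality.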