Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CCNA Flashcards > Introducing VPN Solutions > Flashcards

Introducing VPN Solutions Flashcards

1
Q

What is a Virtual Private Network?

A

A VPN is an encrypted connection between private networks over a public network such as the internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What two authentication methods are used by IPsec to authenticate peers?

A

Pre-Shared Keys and RSA signatures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What RSA signatures are used with IPsec?

A

Rivest, Shamir, and Adelman

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What type of devices can be VPN gateways?

A

Routers, Firewalls, VPN concentrators

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What Cisco specific device can be a VPN gateway?

A

Cisco ASA 5500

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is Cisco Easy VPN?

A

Cisco Easy VPN is a cost-effective solution for deploying VPN that is ideal for remote offices that have little ideal IT support.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the two components of Cisco VPNs?

A

Cisco Easy VPN Server, and Cisco Easy VPN Remote

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Cisco Easy VPN Server?

A

The VPN server is a dedicated VPN gateway that can terminate VPN tunnels as well as site-to-site VPNs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Cisco Easy VPN Remote?

A

The VPN remote enables Cisco hardware clients to receive security policies from a Cisco Easy VPN server..

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What VPN parameters can an administrator configure on Cisco Easy VPN server to be pushed to a Cisco Easy VPN remote client?

A

Internal IP addresses, internal subnet masks, DHCP addresses, WINS server addresses, split-tunneling flags

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are some benefits of using the Cisco Easy VPN solution?

A

Dynamic configuration of end-user policies // Local VPN configuration is independent of the remote peer IP // Centralized security management // Enables large-scale deployments with rapid user provisioning // Removes the need for end users to install and configure Cisco Easy VPN remote software on their PCs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the two main IPsec framework protocols?

A

Authentication Header (AH) & Encapsulation Security Protocol (ESP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is an SSL VPN or WebVPN?

A

Provides remote-access connectivity from almost any internet enabled location using a web browser and native SSL encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is an example of an SSL or WebVPN?

A

Citrix

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the Authentication Header?

A

AH provides authentication and data integrity using its algorithms. AH does not encrypt packets, and is used with ESP to provide encryption with tamper-aware security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is Encapsulating Security Protocol?

A

ESP is an encryption algorithm that encrypts the IP packet and ESP header, which conceal the data payload and identities of the source / destination.

17
Q

What are the two modes of cisco WebVPN?

A

Clientless // Thin Client

18
Q

What is IPsec?

A

Network layer protocol that protects and authenticates packets.

19
Q

What four security services does IPsec provide?

A

Confidentiality // Integrity // Authentication // Antireplay protection

20
Q

What is Antireplay protection?

A

Antireplay protection verifies that each packet is unique and not duplicated. This is done by comparing the sequence number of the received packets with a sliding window of the destination host or gateway.

21
Q

For IPsec encryption to work in a VPN, what must both the sender and receiver be configured with?

A

The sender and receiver must be configured with the same transform set.

22
Q

In a VPN, what is degree of security based on?

A

The degree of security is based on the encryption algorithm used and the length of the key.

23
Q

List three types of encryption algorithms supported by IPsec.

A

Data Encryption Standard (DES) // Triple DES (3DES) // Advance Encryption Standard (AES)

24
Q

What is a transform set in relation to IPsec?

A

A transform set is the rules used to encrypt the traffic through the VPN. These rules are based on an algorithm and a key.

25
Q

What is the Diffie-Hellman Key Exchange?

A

The Diffie-Hellman (DH) Key Exchange is a public key exchange that exchanges symmetric shared secret keys

26
Q

How does IPsec ensure data integrity?

A

Uses Hash Based Messaged Authentication (HMAC) code to determine if been tampered

27
Q

What are two common HMAC algorithms used by IPsec?

A

Message Digest Algorithm 5 (MD5) // Secure Hash Algorith 1 (SHA-1)

28
Q

What are the two types of VPNs?

A

Site-to-Site // Remote Access

29
Q

List Six Cisco Easy VPN restrictions.

A

Manual NAT or PAT is not allowed // Only one destination peer and only one tunnel connection supported // Digital certificates are not supported // Only ISAKMP is supported on IPsec servers // Transform sets that provide encryption without authentication are not supported (DES, ESP, and 3DES)

30
Q

What is manual NAT or PAT not allowed in Cisco Easy VPN?

A

Cisco Easy VPN Remote automatically creates the appropriate NAT or PAT configuration for the VPN tunnel

CCNA Flashcards (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions