IPSEC 2 Flashcards
What command is used to verify the IKE phase 1 status on a Cisco router?
a. show crypto isakmp sa
b. show crypto ipsec sa
c. show ip route
d. show interface
Answer: a. show crypto isakmp sa.
Explanation: This command displays the IKE phase 1 security associations.
Which encryption method is commonly used in IPsec configurations on Cisco routers for IKE Phase 1?
a. DES
b. 3DES
c. AES
d. RC4
Answer: c. AES.
Explanation: AES (Advanced Encryption Standard) is commonly used for securing IKE Phase 1.
What is the purpose of the crypto isakmp key command in a Cisco IPsec configuration?
a. To configure the IPsec transform set
b. To define a pre-shared key for IKE authentication
c. To set up the IPsec tunnel mode
d. To configure the IPsec security association
Answer: b. To define a pre-shared key for IKE authentication.
Explanation: This command is used to specify the pre-shared key for IKE authentication.
Which command verifies the IPsec Phase 2 status on a Cisco router?
a. show crypto isakmp sa
b. show crypto ipsec sa
c. show ip route
d. show interface
Answer: b. show crypto ipsec sa.
Explanation: This command displays the IPsec Phase 2 security associations.
In a Cisco IPsec configuration, what does the term “transform set” refer to?
a. It defines the encryption method for IKE Phase 1.
b. It specifies the parameters for IPsec Phase 2.
c. It configures the pre-shared key for IKE authentication.
d. It sets up the mode of the IPsec tunnel.
Answer: b. It specifies the parameters for IPsec Phase 2.
Explanation: A transform set in Cisco IPsec configurations defines the parameters for IPsec Phase 2.
