IPSEC

Question 1

What does AH stand for

Answer 1

Authentication Header

Question 2

What does ESP stand for

Answer 2

Encapsulating Security payload

Question 3

What does IKE stand for

Answer 3

Internet Key Exchange

Question 4

What does AH do

Answer 4

Auth, integrity, replay

Question 5

What does ESP do

Answer 5

auth, confidentiality

Question 6

Two modes of IPSEC

Answer 6

tunnel, transport modes

Question 7

What does IKE phase 1 do

Answer 7

IKE SA is negotiated (Security Association)

Question 8

What does IKE phase 2 do

Answer 8

IPSEC SA is negotiated

Question 9

What does the IKE policy contain

Answer 9

encryption(aes), hash(sha), authentication(pre-share), DH, lifetime

Question 10

What creates the IPSEC SA

Answer 10

ipsec transform-set command

Question 11

What does the transform set do

Answer 11

Lets you pick a set of security parameters for IPSEC (esp-sha-hmac)

Question 12

What does Crypto map/ACL do

Answer 12

Defines “interesting traffic” that will be protected by encryption

Question 13

Which direction is the crypto ACL applied

Answer 13

neither, it works in both directions