M8 (VPN and IPsec Concepts) Flashcards
Which VPN benefit allows an enterprise to easily add more users to the network?
Cost Savings
Security
Scalability
Compatibility
Scability
Which VPN benefit allows an enterprise to increase the bandwidth for remote sites without necessarily adding more equipment or WAN links?
Cost Savings
Security
Scalability
Compatibility
Cost Savings
Which VPN benefit uses advanced encryption and authentication protocols to protect data from unauthorized access?
Cost Savings
Security
Scalability
Compatibility
Security
Which type of VPN is used to connect a mobile-user?
Site-to-site
Remote-access
GRE
IPsec
Remote-access
Which VPn solutions are typically managed by an enterprise? (Choose three)
MPLS Layer 2
MPLS Layer 3
IPsec
SSL
Frame Relay
DMVPN
(IPsec, SSL and DMVPN)
What type of VPN can be established with a web browser using HTTPS?
IPsec
Client-based VPN
Site-to-Site VPN
Clientless VPN
Clientless VPN
Which feature describes SSL VPNs?
ALL IP-based applications are supported
Only requires a web browser on a host
Specific devices with specific configurations can connect
Uses two-way authentication with shared keys or digital certificates
Only requires a web browser on a host.
What type of protocol is GRE?
Security protocol
Passenger protocol
Carrier protocol
Transport protocol
Carrier protocol
What type of VPN enables an enterprise to rapidly scale secure access across the organization?
DMVPN
Remote-access VPN
Site-to-Site VPN
MPLS VPN
DMVPN
What type of VPN enables an entierprise to emulate an Ethernet multiaccess LAN with remote sites?
DMVPN
Remote-access VPN
Site-to-Site VPN
MPLS VPN
MPLS VPN
IPsec can protect traffic in which OSI layers? (Choose four.)
Layer 1
Layer 2
Layer 3
Layer 4
Layer 5
Layer 6
Layer 7
(Layer 4, 5, 6 and 7)
Which IPsec function uses pre-shared passwords, digital certificates, or RSA certificates?
IPsec protocol
Confidentiality
Integrity
Diffie-Hellman
Authentication
True or False: The IPsec framework must be updated each time a new standard is developed.
True
False
False
Which choices are packet encapslation options suported by IPsec? (Choose two.)
AES
AH
DH24
ESP
PSK
RSA
SHA
(AH) and (ESP)
Which choices provide for the Confidentiality function in the IPsec framework? (Choose three.)
3DES
AES
AH
DH24
PSK
SEAL
SHA
(3DES, AES and SEAL)
Which choices provide for the Integrity function in the IPsec framework? (Choose two.)
AES
AH
DH24
MD5
PSK
SEAL
SHA
(MD5) and (SHA)
Which choices are available for the Authentication function in the IPsec framework? (Choose two.)
AES
AH
DH24
PSK
RSA
SEAL
SHA
(PSK) and (RSA)
Which Diffie-Hellman group choices are no longer recommended?
DH groups 1, 2, and 5
DH groups 14, 15, and 16
DH groups 19, 20, 21 and 24
DH groups 1, 2 and 5
Which two statements describe a remote access VPN? (Choose two.)
It connects entire networks to each other.
It requires hosts to send TCP/IP traffic through a VPN gateway.
It is used to connect individual hosts securely to a company network over the Internet.
It may require VPN client software on hosts.
It requires static configuration of the VPN tunnel.
(It is used to connect individual hosts securely to a company network over the Internet.) and (It may require VPN client software on hosts.)
The use of 3DES within the IPsec framework is an example of which of the five IPsec building blocks?
Authentication
Confidentiality
Diffie-Hellman
Integrity
Nonrepudiation
Confidentiality
Which type of VPN may require the Cisco VPN Client software?
Remote access VPN
SSL VPN
Site-to-site VPN
MPLS VPN
Remote access VPN
Which technique is necessary to ensure a private transfer of data using a VPN?
Authorization
Encryption
Scalability
Virtualization
Encryption
What are the two fundamental Dynamic Multipoint VPN tunnel types? (Choose two.)
Spoke-to-spoke
Site-to-site
Hub-to-spoke
Client-to-site
Server-to-client
(Spoke-to-spoke) and (Hub-to-spoke)
What are two reasons a company would use a VPN? (Choose two.)
To increase bandwidth to the network
To connect remote users to the network
To test network connections to remote users
To allow suppliers to access the network
To eliminate the need of having a gateway
(To connect remote users to the network.) and (To allow suppliers to access the network.)
All VPNs securely transmit clear text across the internet.
False
Which solution allows workers to telecommute effectively and securely?
Site-to-site VPN
Remote-access VPN
Dial-up connection
DSL connection
Remote-access VPN
Which VPON type is a service provider managed VPN?
Site-to-site VPN
Layer 3 MPLS VPN
Remote access VPN
GRE over IPsec VPN
Which IPsec framework protocol provides data integrity and data authentication, but does not provide data confidentiality?
AH
IP protocol 50
ESP
DH
AH
What algorithm is used to provide data integrity of a message through the use of a calculated hash value?
HMAC
DH
RSA
AES
HMAC
Which statement describes the effect of key length in deterring an attacker from hacking through an encryption key?
The length of a key will not vary between encryption algorithms.
The length of a key does not affect the degree of security.
The shorter the key, the harder it is to break.
The longer the key, the more key possibilities exist.
The longer the key, the more key possibilities exist.
What is a type of VPN that is generally transparent to the end user?
Site-to-site
Remote access
Public
Private
Site-to-Site