M8 (VPN and IPsec Concepts) Flashcards

1
Q

Which VPN benefit allows an enterprise to easily add more users to the network?

Cost Savings

Security

Scalability

Compatibility

A

Scability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which VPN benefit allows an enterprise to increase the bandwidth for remote sites without necessarily adding more equipment or WAN links?

Cost Savings

Security

Scalability

Compatibility

A

Cost Savings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which VPN benefit uses advanced encryption and authentication protocols to protect data from unauthorized access?

Cost Savings

Security

Scalability

Compatibility

A

Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which type of VPN is used to connect a mobile-user?

Site-to-site

Remote-access

GRE

IPsec

A

Remote-access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which VPn solutions are typically managed by an enterprise? (Choose three)

MPLS Layer 2

MPLS Layer 3

IPsec

SSL

Frame Relay

DMVPN

A

(IPsec, SSL and DMVPN)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What type of VPN can be established with a web browser using HTTPS?

IPsec

Client-based VPN

Site-to-Site VPN

Clientless VPN

A

Clientless VPN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which feature describes SSL VPNs?

ALL IP-based applications are supported

Only requires a web browser on a host

Specific devices with specific configurations can connect

Uses two-way authentication with shared keys or digital certificates

A

Only requires a web browser on a host.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What type of protocol is GRE?

Security protocol

Passenger protocol

Carrier protocol

Transport protocol

A

Carrier protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What type of VPN enables an enterprise to rapidly scale secure access across the organization?

DMVPN

Remote-access VPN

Site-to-Site VPN

MPLS VPN

A

DMVPN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What type of VPN enables an entierprise to emulate an Ethernet multiaccess LAN with remote sites?

DMVPN

Remote-access VPN

Site-to-Site VPN

MPLS VPN

A

MPLS VPN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

IPsec can protect traffic in which OSI layers? (Choose four.)

Layer 1

Layer 2

Layer 3

Layer 4

Layer 5

Layer 6

Layer 7

A

(Layer 4, 5, 6 and 7)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which IPsec function uses pre-shared passwords, digital certificates, or RSA certificates?

IPsec protocol

Confidentiality

Integrity

Diffie-Hellman

A

Authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

True or False: The IPsec framework must be updated each time a new standard is developed.

True

False

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which choices are packet encapslation options suported by IPsec? (Choose two.)

AES

AH

DH24

ESP

PSK

RSA

SHA

A

(AH) and (ESP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which choices provide for the Confidentiality function in the IPsec framework? (Choose three.)

3DES

AES

AH

DH24

PSK

SEAL

SHA

A

(3DES, AES and SEAL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which choices provide for the Integrity function in the IPsec framework? (Choose two.)

AES

AH

DH24

MD5

PSK

SEAL

SHA

A

(MD5) and (SHA)

17
Q

Which choices are available for the Authentication function in the IPsec framework? (Choose two.)

AES

AH

DH24

PSK

RSA

SEAL

SHA

A

(PSK) and (RSA)

18
Q

Which Diffie-Hellman group choices are no longer recommended?

DH groups 1, 2, and 5

DH groups 14, 15, and 16

DH groups 19, 20, 21 and 24

A

DH groups 1, 2 and 5

19
Q

Which two statements describe a remote access VPN? (Choose two.)

It connects entire networks to each other.

It requires hosts to send TCP/IP traffic through a VPN gateway.

It is used to connect individual hosts securely to a company network over the Internet.

It may require VPN client software on hosts.

It requires static configuration of the VPN tunnel.

A

(It is used to connect individual hosts securely to a company network over the Internet.) and (It may require VPN client software on hosts.)

20
Q

The use of 3DES within the IPsec framework is an example of which of the five IPsec building blocks?

Authentication

Confidentiality

Diffie-Hellman

Integrity

Nonrepudiation

A

Confidentiality

21
Q

Which type of VPN may require the Cisco VPN Client software?

Remote access VPN

SSL VPN

Site-to-site VPN

MPLS VPN

A

Remote access VPN

22
Q

Which technique is necessary to ensure a private transfer of data using a VPN?

Authorization

Encryption

Scalability

Virtualization

A

Encryption

23
Q

What are the two fundamental Dynamic Multipoint VPN tunnel types? (Choose two.)

Spoke-to-spoke

Site-to-site

Hub-to-spoke

Client-to-site

Server-to-client

A

(Spoke-to-spoke) and (Hub-to-spoke)

24
Q

What are two reasons a company would use a VPN? (Choose two.)

To increase bandwidth to the network

To connect remote users to the network

To test network connections to remote users

To allow suppliers to access the network

To eliminate the need of having a gateway

A

(To connect remote users to the network.) and (To allow suppliers to access the network.)

25
Q

All VPNs securely transmit clear text across the internet.

26
Q

Which solution allows workers to telecommute effectively and securely?

Site-to-site VPN

Remote-access VPN

Dial-up connection

DSL connection

A

Remote-access VPN

27
Q

Which VPON type is a service provider managed VPN?

Site-to-site VPN

Layer 3 MPLS VPN

Remote access VPN

GRE over IPsec VPN

28
Q

Which IPsec framework protocol provides data integrity and data authentication, but does not provide data confidentiality?

AH

IP protocol 50

ESP

DH

29
Q

What algorithm is used to provide data integrity of a message through the use of a calculated hash value?

HMAC

DH

RSA

AES

30
Q

Which statement describes the effect of key length in deterring an attacker from hacking through an encryption key?

The length of a key will not vary between encryption algorithms.

The length of a key does not affect the degree of security.

The shorter the key, the harder it is to break.

The longer the key, the more key possibilities exist.

A

The longer the key, the more key possibilities exist.

31
Q

What is a type of VPN that is generally transparent to the end user?

Site-to-site

Remote access

Public

Private

A

Site-to-Site