Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Network Security 1.0 > Module 19: Implement Site-to-Site IPsec VPNs > Flashcards

Module 19: Implement Site-to-Site IPsec VPNs Flashcards

1
Q

How many steps for IPsec to establish a VPN?

A

5 Steps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is step 1 to establish the VPN?

A

Step 1 begins when interesting traffic is sent from host A to host B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is step 2 to establish the VPN?

A

IKE Phase 1 begins negotiate the ISAKMP Security associations policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is step 3 to establish the VPN?

A

IKE Phase 2 begins,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is step 4 to establish the VPN?

A

the IPsec tunnel is created - data is transferred between the IPsec peers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what is step 5 to establish the VPN?

A

the IPsec tunnel terminates when the SA’s are deleted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

is GRE Unicast or Multicast Traffic

A

Multicast Traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How many default ISAKMP policies are there?

A

7 default policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the most secure ISAKMP policy?

A

policy 65507

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the least secure ISAKMP policy?

A

policy 65514

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How to configure a new ISAKMP policy

A

remember the nemonic HAGLE for the 5 Security Associations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What does HAGLE stand for?

A 
Hash
Authentication
Group
Lifetime
Encryption
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How do you define interesting traffic?

A

When the traffic matches the ACL’s on both routers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a transform set in a VPN

A

set of encryption and hashing - that will be used to transform the data through the IPsec tunnel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a crypto map?

A

Crypto maps pull together the various parts configured for IPsec - such as
Where the traffic should go
What traffic should be protected by IPsec

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How many steps are there to configure a crypto map?

A

4 steps

17
Q

What is step 1 to configure a crypto map?

A

Step 1 - Bind the ACL to the map

18
Q

What is step 2 to configure a crypto map?

A

Step 2 - Specify the peers IP address

19
Q

What is step 3 to configure a crypto map?

A

Step 3 - Configure the DH group

20
Q

What is step 4 to configure a crypto map?

A

Step 4 - Configure the IPsec tunnel lifetime

21
Q

If we want IPsec to support multicast traffic what routing protocol must be used?

A

Generic Routing Encapsulation (GRE) tunnel

for the multicast traffic

Network Security 1.0 (23 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions