VPN Flashcards
What is AH?
Authentication Header
Offers:
1) Authenticity
2) Integrity
3) Authenticates IP header and payload
What is ESP?
Encapsulating Security Payload
Offers:
1) Authenticity
2) Integrity
3) Confidentiality
4) Packet Payload is encrypted
What is NAT-Traversal?
Network Address Translation-Traversal (NAT-T) is a method for getting around IP address translation issues encountered when data protected by IPsec passes through a NAT device for address translation. Any change to the IP addressing, which is the function of NAT, causes IKE to discard packets. After detecting one or more NAT devices along the datapath during Phase 1 exchanges, NAT-T adds a layer of User Datagram Protocol (UDP) encapsulation to IPsec packets so they are not discarded after address translation. NAT-T encapsulates both IKE and ESP traffic within UDP, with port 4500 used as both the source and destination port.
What protocol and port are used in NAT-Traversal?
UDP 4500
What is the maximum number of propagated routes for AWS?
100
What are two ways to propagate routes?
1) Static routing
2) Dynamic routing with BGP
What are the two routing mechanisms supported by a Virtual Private Gateway (VGW)?
1) Static routing
2) BGP