What is needed to define interesting traffic in the creation of an IPsec tunnel

Terms in this set (27)

- crypto ipsec transform-set ESP-DES-SHA esp-aes-256 esp-sha-hmac

Which transform set provides the best protection?

- crypto ipsec transform-set ESP-DES-SHA esp-aes-256 esp-sha-hmac
- crypto ipsec transform-set ESP-DES-SHA esp-3des esp-sha-hmac
- crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
- crypto ipsec transform-set ESP-DES-SHA esp-aes esp-sha-hmac

- 50
- 500
- 51

Which three ports must be open to verify that an IPsec VPN tunnel is operating properly? (Choose three.)

- 168
- 50
- 169
- 501
- 500
- 51

- It will be sent unencrypted

Refer to the exhibit.

How will traffic that does not match that defined by access list 101 be treated by the router?

- It will be sent unencrypted
- It will be sent encrypted
- It will be blocked
- It will be discarded

- AH
- ISAKMP
- ESP

What three protocols must be permitted through the company firewall for establishment of IPsec site-to-site VPNs? (Choose three.)

- HTTPS
- SSH
- AH
- ISAKMP
- NTP
- ESP

- during both Phase 1 and 2

When is a security association (SA) created if an IPsec VPN tunnel is used to connect two sites?

- after the tunnel is created, but before traffic is sent
- only during Phase 2
- only during Phase 1
- during both Phase 1 and 2

- when a PC with Cisco IP Communicator installed connects to a Cisco switch

In which situation would the Cisco Discovery Protocol be disabled?

- when a Cisco VoIP phone attaches to a Cisco switch
- when a Cisco switch connects to another Cisco switch
- when a Cisco switch connects to a Cisco router
- when a PC with a Cisco IP Communicator installed connects to a Cisco switch

- IPsec is a framework of open standards that relies on existing algorithms
- IPsec works at the network layer and operates over all Layer 2 protocols

Which two statements accurately describe characteristics of IPsec? (Choose two)

- IPsec works at the transport layer and protects data at the network layer.
- IPsec is a framework of proprietary standards that depend on Cisco specific algorithms.
- IPsec is a framework of standards developed by Cisco that relies on OSI algorithms.
- IPsec is a framework of open standards that relies on existing algorithms.
- IPsec works at the network layer and operates over all Layer 2 protocols.
- IPsec works at the application layer and protects all application data.

- negotiation of IPsec policy

Which action do IPsec peers take during the IKE Phase 2 exchange?

- exchange of DH keys
- negotiation of IPsec policy
- negotiation of IKE policy sets
- verification of peer identity

- The longer the key, the more key possibilities exist

Which statement describes the effect of key length in deterring an attacker from hacking through an encryption key?

- The length of a key does not affect the degree of security
- The shorter the key, the harder it is to break
- The length of a key will not vary between encryption algorithms
- The longer the key, the more key possibilities exist

- When multiple combinations of IPsec protection are being chosen, multiple crypto ACLs can define different traffic types

What is the purpose of configuring multiple crypto ACLs when building a VPN connection between remote sites?

- By applying the ACL on a public interface, multiple crypto ACLs can be built to prevent public users from connecting to the VPN-enabled router
- Multiple crypto ACLs can define multiple remote peers for connecting with a VPN-enabled router across the internet or network
- Multiple crypto ACLs can be configured to deny specific network traffic from crossing a VPN.
- When multiple combinations of IPsec protection are being chosen, multiple crypto ACLs can define different traffic types.

- to define the encryption and integrity algorithms that are used to build the IPSec tunnel

Consider the following configuration on a Cisco ASA:

crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac

What is the purpose of this command?

- to define the ISAKMP parameters that are used to establish the tunnel
- to define the encryption and integrity algorithms that are used to build the IPsec tunnel
- to define what traffic is allowed through and protected by the tunnel
- to define only the allowed encryption algorithms

- encryption

Which technique is necessary to ensure a private transfer of data using a VPN?

- encryption
- authorization
- virtualization
- scalability

- VPNs use virtual connections to create a private network through a public network

Which statement describes a VPN?

- VPNs use open source virtualization software to create the tunnel through the Internet.
- VPNs use virtual connections to create a private network through a public network.
- VPNs use dedicated physical connections to transfer data between remote users.
- VPNs use logical connections to create public networks through the Internet.

- IPSec

Which protocol provides authentication, integrity, and confidentiality services and is a type of VPN?

- ESP
- IPsec
- MD5
- AES

- AH provides integrity and authentication
- ESP provides encryption, authentication, and integrity
- AH uses IP protocol 51

Which three statements describe the IPsec protocol framework? (choose three)

- AH provides integrity and authentication
- ESP provides encryption, authentication, and integrity
- AH uses IP protocol 51
- AH provides encryption and integrity
- ESP uses UDP protocol 50
- ESP requires both authentication and encryption

- IPsec is a framework of open standards that relies on existing algorithms

Which statement accurately describes a characteristic of IPsec?

- IPsec works at the application layer and protects all application data.
- IPsec is a framework of standards developed by Cisco that relies on OSI algorithms.
- IPsec is a framework of proprietary standards that depends on Cisco specific algorithms.
- IPsec works at the transport layer and protects data at the network layer.
- IPsec is a framework of open standards that relies on existing algorithms.

- SHA
- MD5

Which two IPsec protocols are used to provide data integrity?

- SHA
- AES
- DH
- MD5
- RSA

- allows peers to exchange shared keys

What is the function of the Diffie-Hellman algorithm within the IPsec framework?

- provides authentication
- allows peers to exchange shared keys
- guarantees message integrity
- provides strong data encryption

- SHA

Refer to the exhibit.

What HMAC algorithm is being used to provide data integrity?

- MD5
- AES
- SHA
- DH

- access list

What is needed to define interesting traffic in the creation of an IPsec tunnel?

- security associations
- hashing algorithm
- access list
- transform set

- AES

Refer to the exhibit.

What algorithm will be used for providing confidentiality?

- RSA
- Diffie-Hellman
- DES
- AES

- 51
- 50

Which two protocols must be allowed for an IPsec VPN tunnel to operate properly?

- 501
- 500
- 51
- 168
- 50
- 169

- permits VPN to work when NAT is being used on one or both ends of the VPN

What is the purpose of NAT-T?

- enables NAT for PC-based VPN clients
- permits VPN to work when NAT is being used on one or both ends of the VPN
- upgrade NAT and IPv4
- allows NAT to be used for IPv6 addresses

- hairpinning

Which term describes a situation where VPN traffic that is received by an interface is routed back out the same interface?

- GRE
- split tunneling
- MPLS
- hairpinning

- The VPN connection is initiated by the remote user

What is an important characteristic of remote-access VPNs?

- The VPN configuration is identical between the remote devices
- Internal hosts have no knowledge of the VPN
- Information required to establish the VPN must remain static
- The VPN connection is initiated by the remote user

- GETVPN

Which type of site-to-site VPN uses trusted group members to eliminate point-to-point IPsec tunnels between the members of a group?

- DMVPN
- GRE
- GETVPN
- MPLS

- R1(config)# crypto isakmp key cisco123 address 209.165.200.227
  R2(config)# crypto isakmp key cisco123 address 209.165.200.226

Refer to the exhibit.

Which pair of crypto isakmp key commands would correctly configure a PSK on the two routers?

- R1(config)# crypto isakmp key cisco123 address 209.165.200.227
  R2(config)# crypto isakmp key cisco123 address 209.165.200.226
- R1(config)# crypto isakmp key cisco123 address 209.165.200.226
  R2(config)# crypto isakmp key cisco123 address 209.165.200.227
- R1(config)# crypto isakmp key cisco123 hostname R1
  R2(config)# crypto isakmp key cisco123 hostname R2
- R1(config)# crypto isakmp key cisco123 address 209.165.200.226
  R2(config)# crypto isakmp key secure address 209.165.200.227

What is interesting traffic in IPSec?

Interesting traffic is the traffic that is allowed in the encryption domain. By default, interesting traffic is initiated from your end. You can initiate the connection from an instance on the Oracle end only if you have configured the tunnel by using any-to-any for the encryption domain.

Which method is used to identify interesting traffic needed to create an IKE Phase 1 tunnel?

A permit access list entry. In order to bring up the IKE phase 1 tunnel, an access list must be configured with a permit statement that will identify interesting traffic.

What type of traffic is supported by IPSec?

IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.

What is interesting traffic in Cisco?

Interesting traffic initiates the IPSec process—Traffic is deemed interesting when the IPSec security policy configured in the IPSec peers starts the IKE process. IKE phase one—IKE authenticates IPSec peers and negotiates IKE SAs during this phase, setting up a secure channel for negotiating IPSec SAs in phase two.