CCNA 4 CH 7

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which Cisco VPN solution provides limited access to internal network resources by utilizing a Cisco ASA and provides browser-based access only?

clientless SSL VPN

Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination router? HQ# show interface Tunnel0 Tunnel0 is up, line protocol is up (connected) Hardware is Tunnel Internet address is 172.16.1.1 /30 MTU 17916 bytes, BW 100 Kbit/sec, DLY 5000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation TUNNEL, loopback not set Keepalive not set Tunnel source 209.165.200.225, destination 209.165.200.226 Tunnel protocol/transport GRE/IP Key disabled, sequencing disabled Checksumming of packets disabled Tunnel TTL 255 Fast tunneling enabled <output omitted>

172.16.1.2

A network design engineer is planning the implementation of an IPsec VPN. Which hashing algorithm would provide the strongest level of message integrity?

512-bit SHA

Which two scenarios are example of remote access VPNs? (Choose two)

A mobile sales agent is connecting to the company network via the Internet connection at a hotel An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.

What two encryption algorithms are used in IPsec VPNs? (Choose two)

AES 3DES

What is the purpose of utilizing Diffie-Hellman (DH) algorithms as part of the IPsec standard?

DH algorithms allow two parties to establish a shared secret key that is used by encryption and hash algorithms.

What key question would help determine whether an organization should use an SSL VPN or an IPsec VPN for the remote access solution of the organization?

Do users need to be able to connect without requiring special VPN software?

What is an IPsec protocol that provides data confidentiality and authentication for IP packets?

ESP

Which two algorithms use Hash-based Message Authentication Code for message authentication? (Choose two)

MD5 SHA

Which 3 statements describe the building blocks that make up the IPsec protocol framework? (choose three)

IPsec uses encryption algorithms and keys to provide secure transfer of data. IP sec uses secret key cryptography to encrypt messages that are sent through a VPN. IPsec uses ESP to provide confidential transfer of data by encrypting IP packets.

Which statement correctly describes IPsec?

IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7

Which statement describes a characteristic of IPsec VPNs?

IPsec works with all Layer 2 protocols

Which statement describes a feature of site-to-site VPNs?

Internal hosts send normal, unencapsulated packets

What is the purpose of a message hash in a VPN connection?

It ensures that the data has not changed while in transit.

How is "tunneling accomplished in a VPN?"

New headers from one or more VPN protocols encapsulate the original packets

Which algorithm is an asymmetrical key cryptosystem?

RSA

Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can be drawn from the R1 command output? (Choose two.) R1# show interface Tunnel 0 Tunnel0 is up, line protocol is up Hardware is Tunnel Internet address is 172.16.1.1/24 MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation TUNNEL, loopback not set Keepalive not set Tunnel source 209.165.200.1, destination 209.165.200.2 Tunnel protocol/transport GRE/IP <output omitted>

The data that is sent across this tunnel is not secure. A GRE tunnel is being used.

Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. What problem is preventing the hosts from communicating across the VPN tunnel?

The tunnel IP addresses are incorrect

A network design engineer is planning the implementation of a cost-effective method to interconnect multiple networks securely over the Internet. Which type of technology is required?

a VPN gateway

Which remote access implementation scenario will support the use of generic routing encapsulation tunneling?

a central site that connects to a SOHO site without encryption

Which function of IPsec security services allows the receiver to verify that the data was transmitted without being changed or altered in any way?

data integrity

What is one benefit of using VPNs for remote access?

potential for reduced connectivity costs

Two corporations have just completed a merger. The network engineer has been asked to connect the two corporate networks without the expense of leased lines. Which solution would be the most cost effective method of providing a proper and secure connection between the two corporate networks?

site-to-site VPN

What is the purpose of the generic routing encapsulation tunneling protocol?

to manage the transportation of IP multicast and multiprotocol traffic between remote sites


Set pelajaran terkait

PALS - Team Response Scenario: Sara Hoffman

View Set

Sherpath lesson ch 5 and 6 questions

View Set

CSCI 321- McNeese Rhonda Anderson Quizzes 3 and 4

View Set

Commonlit - The Landlady Assesment Questions

View Set

Professional Conduct and Fiduciary Responsibility

View Set

1.1 Solving One Step and Two Step Equations

View Set

FINAL EXAM History of Rock and Roll

View Set

Focus on Personal Finance: Chapter 2

View Set

Testing and Remediation Beginning Test

View Set