Chapter 6-8 Multiple Choice
What algorithm is used with IPsec to provide data confidentiality?
AES
What two algorithms can be part of an IPsec policy to provide encryption and hashing to protect interesting traffic? (Choose two.)
AES; SHA
Which situation describes data transmissions over a WAN connection?
An employee shares a database file with a co-worker who is located in a branch office on the other side of the city.
What are two tasks to perform when configuring static NAT? (Choose two.)
Create a mapping between the inside local and outside local addresses. Identify the participating interfaces as inside or outside interfaces.
Which network scenario will require the use of a WAN?
Employees need to connect to the corporate email server through a VPN while traveling.
What is a disadvantage when both sides of a communication use PAT?
End-to-end IPv4 traceability is lost.
Which two WAN infrastructure services are examples of private connections? (Choose two.)
Frame Relay T1/E1
Which protocol creates a virtual point-to-point connection to tunnel unencrypted traffic between Cisco routers from a variety of protocols?
GRE
Which type of VPN allows multicast and broadcast traffic over a secure site-to-site VPN?
GRE over IPsec
Which type of VPN involves a nonsecure tunneling protocol being encapsulated by IPsec?
GRE over IPsec
Which type of VPN involves passenger, carrier, and transport protocols?
GRE over IPsec
Which type of VPN routes packets through virtual tunnel interfaces for encryption and forwarding?
IPsec virtual tunnel interface
Which type of VPN supports multiple sites by applying configurations to virtual interfaces instead of physical interfaces?
IPsec virtual tunnel interface
Which two end points can be on the other side of an ASA site-to-site VPN configured using ASDM? (Choose two
ISR router another ASA
What is the purpose of the overload keyword in the ip nat inside source list 1 pool NAT_POOL overload command?
It allows many inside hosts to share one or a few inside global addresses.
Which statement describes an important characteristic of a site-to-site VPN?
It must be statically set up.
Which is a requirement of a site-to-site VPN?
It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.
What are two hashing algorithms used with IPsec AH to guarantee authenticity? (Choose two.)
MD5; SHA
Which type of VPN has both Layer 2 and Layer 3 implementations?
MPLS VPN
Which two technologies are categorized as private WAN infrastructures? (Choose two.)
MetroE; Frame Relay
Which two statements accurately describe an advantage or a disadvantage when deploying NAT for IPv4 in a network? (Choose two.)
NAT provides a solution to slow down the IPv4 address depletion. NAT introduces problems for some applications that require end-to-end connectivity.
How is "tunneling" accomplished in a VPN?
New headers from one or more VPN protocols encapsulate the original packets.
Based on the configuration and the output shown, what can be determined about the NAT status within the organization?
Not enough information is given to determine if both static and dynamic NAT are working.
What type of address is 10.131.48.7?
Private
What type of address is 192.168.7.126?
Private.
What type of address is 128.107.240.239?
Public
What type of address is 198.133.219.148?
Public
A network administrator wants to examine the active NAT translations on a border router. Which command would perform the task?
Router# show ip nat translations
Which type of VPN connects using the Transport Layer Security (TLS) feature?
SSL VPN
Which type of VPN uses the public key infrastructure and digital certificates?
SSL VPN
What is a disadvantage of NAT?
There is no end-to-end addressing.
Which statement describes a VPN?
VPNs use virtual connections to create a private network through a public network.
Which two statements about the relationship between LANs and WANs are true? (Choose two.)
WANs connect LANs at slower speed bandwidth than LANs connect their internal end devices.; WANs are typically operated through multiple ISPs, but LANs are typically operated by single organizations or individuals.
What is the function of the Diffie-Hellman algorithm within the IPsec framework?
allows peers to exchange shared keys
Which VPN solution allows the use of a web browser to establish a secure, remote-access VPN tunnel to the ASA?
clientless SSL
Which two types of VPNs are examples of enterprise-managed remote access VPNs? (Choose two.)
clientless SSL VPN client-based IPsec VPN
What is the function of the Hashed Message Authentication Code (HMAC) algorithm in setting up an IPsec VPN?
guarantees message integrity
Which IPsec security function provides assurance that the data received via a VPN has not been modified in transit?
integrity
A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (Choose two.)
leased line Ethernet WAN
In NAT terms, what address type refers to the globally routable IPv4 address of a destination host on the Internet?
outside global
What does NAT overloading use to track multiple internal hosts that use one inside global address?
port numbers
What type of address is 10.100.126.126?
private
What type of address is 10.100.34.34?
private
What type of address is 10.19.6.7?
private
What type of address is 64.100.190.189?
public
What type of address is 64.101.198.107
public
What type of address is 64.101.198.197?
public
Which two end points can be on the other side of an ASA site-to-site VPN? (Choose two.)
router another ASA
Which two technologies provide enterprise-managed VPN solutions? (Choose two.)
site-to-site VPN; remote access VPN
What two addresses are specified in a static NAT configuration?
the inside local and the inside global
Which circumstance would result in an enterprise deciding to implement a corporate WAN?
when its employees become distributed across many branch locations