IPSEC related questions and their answers

* Question

Which IPSec rule is used for the Olympia branch and what does it define? (Choose two)

A – 102
B – 116
C – 127
D – IP traffic sourced from 10.10.10.0/24 destined to 10.5.15.0/24 will use the VPN.
E – IP traffic sourced from 10.10.10.0/24 destined to 10.8.28.0/24 will use the VPN.
F – IP traffic sourced from 10.10.10.0/24 destined to 10.5.33.0/24 will use the VPN.

 

Answer: B E

Explanation:

From the output above, we learn that the IPSec Rule is 116. Next click on “IPSec Rules” and select the Name/Number of 116 to view the rule applied to it. You will see a “permit” rule for traffic from 10.10.10.0/24 to 10.8.28.0/24 (notice that the picture shown the wildcard masks, which are inverse subnet masks)

IPSec

Question 

Which defined peer IP address an local subnet belong to Crete? (Choose two)

A – peer address 192.168.55.159
B – peer address 192.168.89.192
C – peer address 192.168.195.23
D – subnet 10.5.15.0/24
E – subnet 10.7.23.0/24
F – subnet 10.4.38.0/24

 

Answer: A D

* Question 

Which algorithm as defined by the transform set is used for providing data confidentiality when connected to Tyre?

A – ESP-3DES-SHA
B – ESP-3DES-SHA1
C – ESP-3DES-SHA2
D- ESP-3DES
E – ESP-SHA-HMAC

*Answer: D

Explanation:

In the site-to-site VPN branch we see something like this  but in the Tranform Set sub-branch, we see

so the answer should be ESP-3DES-SHA2 or ESP-3DES?

To answer this question, we should review the concept:

“Data confidentiality is the use of encryption to scramble data as it travels across an insecure media”. Data confidentiality therefore means encryption.

“The transform set is a group of attributes that are exchanged together, which eliminates the need to coordinate and negotiate individual parameters”. In the picture above, we can see 3 parts of the transform-set ESP-3DES-SHA2:

IPsec protocol: ESP
IPsec encryption type: 3DES
IPsec authentication: SHA2

The question wants to ask which algorithm is used for providing data confidentiality (encryption), therefore the answer should be D – ESP-3DES.

Question 

Which peer authentication method and which IPSEC mode is used to connect to the branch locations? (Choose two)

A – Digital Certificate
B – Pre-Shared Key
C – Transport Mode
D – Tunnel Mode
E – GRE/IPSEC Transport Mode
F – GRE/IPSEC Tunnel Mode

 

Answer: B D

Copyright ©2010 - 2021 Ciscoforall.com | Privacy Policy

Porno Gratuit Porno Français Adulte XXX Brazzers Porn College Girls Film érotique Hard Porn Inceste Famille Porno Japonais Asiatique Jeunes Filles Porno Latin Brown Femmes Porn Mobile Porn Russe Porn Stars Porno Arabe Turc Porno caché Porno de qualité HD Porno Gratuit Porno Mature de Milf Porno Noir Regarder Porn Relations Lesbiennes Secrétaire de Bureau Porn Sexe en Groupe Sexe Gay Sexe Oral Vidéo Amateur Vidéo Anal