1. Home
  2. Networking
  3. CCSP Cisco Certified Security Professional Certification

Chapter Review

Chapter Review

This chapter looked at how VPNs can be used to extend the corporate networks securely using public networks, such as the Internet. The two basic VPN types are remote access and site-to-site. The three types of VPN connectivity are access VPN, intranet VPN, and extranet VPN. The two VPN modes are transport and tunnel.

While a variety of Layer 2 and Layer 7 VPN implementations exist, IPSec and IETF Layer 3 standards seem to dominate the market today. IPSec technologies include a variety of authentication and encryption methods.

Questions

1.?

Which is not one of the three basic types of VPN connections?

  1. Access VPNs

  2. Intranet VPNs

  3. Internet VPNs

  4. Extranet VPNs

C. Internet VPNs

2.?

Which is not one of the concerns in using the Internet for conducting private communications?

  1. Loss of privacy

  2. High cost

  3. Loss of data integrity

  4. Identity spoofing

B. High cost

3.?

Which one of the following is a Layer 2 tunneling protocol supported by Microsoft and Cisco?

  1. PPTP

  2. L2F

  3. L2TP

  4. GRE

C. L2TP

4.?

With which security protocol is the data not encrypted?

  1. AH

  2. EST

  3. ESP

  4. Diffie-Hellman

A. AH

5.?

What is the size of the encryption key for DES?

  1. 40 bit

  2. 56 bit

  3. 128 bit

  4. 168 bit

B. 56 bit

6.?

Which one of the following is not an encryption algorithm?

  1. DES

  2. 3DES

  3. ESP

  4. AES

C. ESP

7.?

Which is the most secure hashing algorithm?

  1. MD5

  2. SHA-1

  3. HMAC MD5

  4. HMAC SHA-1

D. HMAC SHA-1

8.?

With which security mode is the original IP header encrypted?

  1. AH Transport

  2. AH Tunnel

  3. ESP Transport

  4. ESP Tunnel

D. ESP Tunnel

9.?

Which is not a valid transform?

  1. ah-md5-hmac

  2. esp-rfc1829

  3. ah-des

  4. esp-sha-hmac

C. ah-des

10.?

Transform sets can contain how many AH transforms?

  1. 1

  2. 2

  3. 3

  4. None

A. 1

11.?

Which cryptography type is also called public key encryption?

  1. Symmetric encryption

  2. Asymmetric encryption

  3. Hash function

  4. Cipher text

B. Asymmetric encryption

12.?

Which Diffie-Hellman key exchange offers the most security?

  1. 5

  2. 2

  3. 1

  4. 0

A. 5

13.?

In an IPSec session, what is the minimum number of SAs that will be created?

  1. 1

  2. 2

  3. 3

  4. 6

C. 3-1 IKE and 1 in each direction for IPSec

14.?

At what point are the IPSec peers authenticated?

  1. IKE Phase One

  2. IKE Phase Two

  3. IKE Phase Three

  4. Interesting Traffic

A. IKE Phase One

15.?

What is a nonce?

  1. A large prime number

  2. A random number

  3. A pseudorandom number

  4. A digital signature

C. pseudorandom number

Answers

1.?

C. Internet VPNs

2.?

B. High cost

3.?

C. L2TP

4.?

A. AH

5.?

B. 56 bit

6.?

C. ESP

7.?

D. HMAC SHA-1

8.?

D. ESP Tunnel

9.?

C. ah-des

10.?

A. 1

11.?

B. Asymmetric encryption

12.?

A. 5

13.?

C. 3—1 IKE and 1 in each direction for IPSec

14.?

A. IKE Phase One

15.?

C. pseudorandom number



BackCover
CCSP - Cisco Certified Security Professional Certification All-in-One Exam Guide
Introduction
Part I: Introduction to Network Security
Part II: Securing the Network Perimeter
Part III: Virtual Private Networks (VPNs)
Chapter 9: Cisco IOS IPSec Introduction
Virtual Private Networks
Tunneling Protocols
How IPSec Works
Cisco IOS IPSec Technologies
Cisco IOS Cryptosystem Components
Security Association (SA)
Five Steps of IPSec Revisited
IPSec Support in Cisco Systems Products
Chapter Review
Chapter 10: Cisco IOS IPSec for Preshared Keys
Chapter 11: Cisco IOS IPSec Certificate Authority Support
Chapter 12: Cisco IOS Remote Access Using Cisco Easy VPN
Chapter 13: Cisco VPN Hardware Overview
Chapter 14: Cisco VPN 3000 Remote Access Networks
Chapter 15: Configuring Cisco VPN 3002 Remote Clients
Chapter 16: Cisco VPN 3000 LAN-to-LAN Networks
Part IV: PIX Firewalls
Part V: Intrusion Detection Systems (IDS)
Part VI: Cisco SAFE Implementation
Appendix A: Access Control Lists
Appendix B: About the CD
List of Figures
List of Tables
List of Sidebars