Chapter Review

Chapter Review

Cisco Easy VPN is part of Cisco’s Unified Client Framework, in which VPN management is centralized across all Cisco VPN devices. The goal is to simplify VPN implementation, at least at the remote end. The Easy VPN strategy incorporates all VPN platforms, including VPN software client, VPN 3002 hardware client, Cisco routers, Cisco PIX Firewalls, and Cisco VPN 3000 Concentrators.

Cisco Easy VPN strategy incorporates centrally stored and managed configurations with dynamic configuration of end-user VPN devices. This should require less manual configuration by end users and field technicians, reducing errors and additional service calls.

The Cisco Easy VPN strategy has two main components: the Cisco Easy VPN Server and the Cisco Easy VPN Remote. The Easy VPN Server service allows a growing number of Cisco IOS routers, PIX Firewalls, and Cisco VPN 3000 Concentrators to act as VPN head- end devices in site-to-site or remote-access VPNs. In addition to providing VPN connections, these devices would store the client configurations and “push” those settings down to the Easy VPN Remote devices on their next connection.

Cisco VPN client software is available, for many common computer OSs bring those systems directly in contact with the VPN networks. While this isn’t a full part of the Easy VPN Remote family, the software client shares similar features and ease of configuration.

Questions

1.?

Which of the following Cisco products is not a Cisco Easy VPN Server?

  1. PIX Firewall

  2. IOS routers

  3. IDS Manager

  4. VPN Series Concentrator

 C. IDS Manager

2.?

Which two of the following are modes of operation of Cisco Easy VPN Remote?

  1. Server

  2. Client

  3. Network extension

  4. Push

 B. Client and C. Network extension

3.?

Split tunneling refers to which one of the following?

  1. Running two simultaneous VPN connections

  2. Allowing two-way simultaneous exchanges

  3. Unsecured Internet connections in addition to secure VPN sessions

  4. Load balancing VPN circuits

 C. Unsecured Internet connections in addition to secure VPN sessions

4.?

Which of the following is marketed as both an Easy VPN Client and an Easy VPN Server?

  1. Cisco 800

  2. Cisco 1700

  3. PIX 501

  4. Cisco VPN 3002

 B. Cisco 1700

5.?

Which one of the following technologies is not typically used by VPN Clients?

  1. DSL

  2. Cable modem

  3. Dial-up modems

  4. T1 dedicated line

 D. T1 dedicated line

6.?

Which one is not a required Easy VPN Server configuration task?

  1. Applying Mode Configuration and Xauth

  2. Enabling Policy Lookup via AAA

  3. Configuring RADIUS Server Support

  4. Defining Group Policy Information for Mode Configuration Push

 C. Configuring RADIUS Server Support

7.?

Which of the following is a new VPN keepalive scheme?

  1. Split Tunneling Control

  2. IKE Dead Peer Detection (DPD)

  3. Initial Contact

  4. Group-Based Policy Control

 B. IKE Dead Peer Detection (DPD)

8.?

In setting up a Cisco VPN client connection to use preshared keys, what information is used to authenticate the connection?

  1. Digital certificates

  2. Local IP address

  3. Server IP address

  4. Group name and password

 D. Group name and password

9.?

With which one of the following must the user configure their computer to support VPN?

  1. PIX Firewall with VPN service

  2. IOS Router with VPN service

  3. VPN 3002 Hardware client

  4. Cisco VPN Client

 D Cisco VPN Client

10.?

Which VPN implementation would not usually include NAT or PAT?

  1. PIX Firewall with VPN service

  2. IOS Router with VPN service

  3. Cisco VPN Client

  4. VPN 3002 Hardware client

 C. Cisco VPN Client

11.?

Which of the following is not true about Management Center for VPN Routers v1.1 (Router MC)?

  1. It’s a component of Cisco Works

  2. It uses a web interface

  3. It’s a router-based Java application

  4. Developed configurations can be deployed directly to a device

 C It is a router-based Java application-it s a Windows 2000 application.

12.?

Which of the following is not a supported feature of Management Center for VPN Routers v1.1 (Router MC)?

  1. Configuration rollback

  2. Transparent translation of VPN policies to CLI commands

  3. Simplified policy definitions

  4. Command-line interface for easy configuration

 D. Command-line interface for easy configuration-Web interface

13.?

Which of the following Cisco Easy VPN Remote Phase Two features is only supported on the Cisco uBR905 and Cisco uBR925 cable access routers?

  1. Multiple Inside Interface Enhancements

  2. Simultaneous Easy VPN Client and Server Support

  3. Cisco Easy VPN Remote Web Manager

  4. NAT Interoperability Support

 C. Cisco Easy VPN Remote Web Manager

14.?

Which two of the following can be used for the Router Management Center server?

  1. Windows NT server

  2. Windows 2000 Professional

  3. Windows 2000 Server

  4. Sun Solaris 8.0 or above

 B. Windows 2000 Professional and C. Windows 2000 Server

15.?

Which of the following Cisco Easy VPN Remote Phase Two features allows a loopback address to be defined as the VPN tunnel source?

  1. Manual Tunnel Control

  2. Peer Host Name Enhancement

  3. Local Address Support

  4. NAT Interoperability Support

 C. Local Address Support

Answers

1.?

C. IDS Manager

2.?

B. Client and C. Network extension

3.?

C. Unsecured Internet connections in addition to secure VPN sessions

4.?

B. Cisco 1700

5.?

D. T1 dedicated line

6.?

C. Configuring RADIUS Server Support

7.?

B. IKE Dead Peer Detection (DPD)

8.?

D. Group name and password

9.?

D Cisco VPN Client

10.?

C. Cisco VPN Client

11.?

C It is a router-based Java application—it’s a Windows 2000 application.

12.?

D. Command-line interface for easy configuration—Web interface

13.?

C. Cisco Easy VPN Remote Web Manager

14.?

B. Windows 2000 Professional and C. Windows 2000 Server

15.?

C. Local Address Support




Part III: Virtual Private Networks (VPNs)