- Home
- Networking
- CCNA Security
56.
What command is used to designate that you will use Diffie - Hellman Group 2 for your key
exchange?
- A.DH group2
- B.group 2
- C.dh - group2
- D.ipsec group - 2
- Answer & Explanation
- Report
Answer : [B]
Explanation :
Explanation :
| The Diffie - Hellman group 2 key exchange is part of the ISAKMP confi guration and is a submenu under the ISAKMP policy command. |
57.
What is the name of the set of both the encryption algorithm and the integrity protocol
used in the crypto map?
- A.Transform
- B.Crypto set
- C.Transform set
- D.Crypto - set
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| The transform set denotes the encryption protocol to use and then the integrity protocol. |
58.
Which of the following modes encrypts the entire packet and adds a new header for IPsec?
- A.Transport mode
- B.Encrypt mode
- C.Header mode
- D.Tunnel mode
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
| IPsec tunnel mode encrypts the entire packet but adds another header on top of the packet. |
59.
When configuring a crypto map for a VPN tunnel, what is the command to configure the
remote end IP that you need to communicate with?
- A.peer address ip address
- B.set peer address ip address
- C.peer ip ip address
- D.set peer ip address
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
| You configure several variables under the crypto map configuration, including the peer IP address. |
60.
What purpose does the preshared key serve?
- A.Authentication
- B.Integrity
- C.Confidentiality
- D.Authorization
- Answer & Explanation
- Report
Answer : [A]
Explanation :
Explanation :
| The preshared key is used for authentication between the two parties of the VPN tunnel. If they do not match on both sides, the tunnel will not be formed. |
|
|
||||||||||||||||||||||||||||
