多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
多选题
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()
A
data integrity
B
data confidentiality
C
data authentication
D
outer IP header confidentiality
E
outer IP header authentication
参考解析
解析:
暂无解析
相关考题:
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?() (Choose three.) A. data integrityB. data confidentialityC. data authenticationD. outer IP header confidentialityE. outer IP header authentication
When an SRX series device receives an ESP packet, what happens?() A. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, it willB. If the destination IP address in the outer IP header of ESP does not match the IP address of the ingress interface, it willC. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based packet.D. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based of inner header, it will decrypt the packet.
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?() (Choose three.) A. data integrityB. data confidentialityC. data authenticationD. outer IP header confidentialityE. outer IP header authentication
What does qos pre-classify provides inregardto implementing QoS over GRE/IPSec VPN tunnels?()A、 enables IOS to copy the ToS field from the inner (original) IPheader to theouter tunnel IP headerB、 enables IOS to make a copy of the inner (original) IP header and to run a QoS classification before encryption, based on fields in the inner IP header.C、 enables IOS to classify packets based on the ToS field in the inner (original) IP headerD、 enables IOS to classify packets based on the ToS field in the outer tunnel IP headerE、 enables the IOS classification engine to only see a single encrypted and tunneledflow to reduce classification complexity
During the Easy VPN Remote connection process,which phase involves pushing the IP address, Domain Name System (DNS),and split tunnel attributes to the client?()A、mode configurationB、the VPN client establishment of an ISAKMP SAC、IPsec quick mode completion of the connectionD、VPN client initiation of the IKE phase 1 process
IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()A、IKE keepalives are unidirectional and sent every ten secondsB、IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keysC、To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepacketsD、IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers
You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()A、The crypto ACL numberB、The IPSEC mode (tunnel or transport)C、The GRE tunnel interface IP addressD、The GRE tunnel source interface or IP address, and tunnel destination IP addressE、The MTU size of the GRE tunnel interface
Which three features are benefits of using GRE tunnels in conjunction with IPsec for building site-to-site VPNs?()A、allows dynamic routing over the tunnelB、supports multi-protocol (non-IP) traffic over the tunnelC、reduces IPsec headers overhead since tunnel mode is usedD、simplifies the ACL used in the crypto mapE、uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration
What is not a difference between VPN tunnel authentication and per-user authentication?()A、VPN tunnel authentication is part of the IKE specification. B、VPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).C、User authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization. D、802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel.
Which QoS preclassification option will require the use of the qos pre-classify command for the VPN traffic? ()A、VPN traffic needs to be classified based on the Layer2 header informationB、VPN traffic needs to be classified based on the IP precedence or DSCPC、VPN traffic needs to be classified based on IP flow or Layer 3 information, such as source and destination IP addressD、VPN traffic with Authentication Header (AH) needs to preserve the ToS byte
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?() (Choose three.)A、data integrityB、data confidentialityC、data authenticationD、outer IP header confidentialityE、outer IP header authentication
What is true about Quality of Service (QoS) for VPNs?()A、QoS preclassification is only supported on generic routing encapsulation (GRE) and IPsec VPNsB、QoS preclassification is not required in Layer 2 Tunneling Protocol (L2TP), Layer2 Forwarding (L2F), and Point-to-Point Tunneling Protocol (PPTP) VPNsC、QoS preclassification is supported on IPsec AH VPNs, but not on IPsec ESP VPNsD、the QoS-for-VPNs feature (QoS preclassification) is designed for VPN transport interfacesE、with IPsec tunnel mode, the type of service (ToS) byte value is copied automatically from the original IP header to the tunnel header
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?() (Choose three.)A、data integrityB、data confidentialityC、data authenticationD、outer IP header confidentialityE、outer IP header authentication
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()A、data integrityB、data confidentialityC、data authenticationD、outer IP header confidentialityE、outer IP header authentication
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?()A、data integrityB、data confidentialityC、data authenticationD、outer IP header confidentialityE、outer IP header authentication
When an SRX series device receives an ESP packet, what happens?()A、If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, it willB、If the destination IP address in the outer IP header of ESP does not match the IP address of the ingress interface, it willC、If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based packet.D、If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based of inner header, it will decrypt the packet.
You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()A、Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computersB、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersC、Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersD、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?() (Choose three.)Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?() (Choose three.)Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
单选题What does qos pre-classify provides inregardto implementing QoS over GRE/IPSec VPN tunnels?()A enables IOS to copy the ToS field from the inner (original) IPheader to theouter tunnel IP headerB enables IOS to make a copy of the inner (original) IP header and to run a QoS classification before encryption, based on fields in the inner IP header.C enables IOS to classify packets based on the ToS field in the inner (original) IP headerD enables IOS to classify packets based on the ToS field in the outer tunnel IP headerE enables the IOS classification engine to only see a single encrypted and tunneledflow to reduce classification complexity
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?()Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
多选题You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()AThe crypto ACL numberBThe IPSEC mode (tunnel or transport)CThe GRE tunnel interface IP addressDThe GRE tunnel source interface or IP address, and tunnel destination IP addressEThe MTU size of the GRE tunnel interface
单选题Refer to the exhibit. With an IPSec tunnel established between remote Router A and head-end router B, with Compressed Real-Time Protocol (cRTP) configured on the serial interface of Router A, what impact will the cRTP configuration have on the Voice over IP packets flowing through the IPSec tunnel from a Cisco 7960 IP phone?()A Twenty bytes of header will be replaced with five bytes. B If the IPSec transform set includes Authentication Header, the receiving IPSec peer will discard the packets. C The IPSec packets will be dropped by Router A's compression logic.D The voice packets will not be compressed.
单选题What is not a difference between VPN tunnel authentication and per-user authentication?()AVPN tunnel authentication is part of the IKE specification. BVPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).CUser authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization. D802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel.
单选题Which QoS preclassification option will require the use of the qos pre-classify command for the VPN traffic? ()AVPN traffic needs to be classified based on the Layer2 header informationBVPN traffic needs to be classified based on the IP precedence or DSCPCVPN traffic needs to be classified based on IP flow or Layer 3 information, such as source and destination IP addressDVPN traffic with Authentication Header (AH) needs to preserve the ToS byte
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
多选题Which three features are benefits of using GRE tunnels in conjunction with IPsec for building site-to-site VPNs?()Aallows dynamic routing over the tunnelBsupports multi-protocol (non-IP) traffic over the tunnelCreduces IPsec headers overhead since tunnel mode is usedDsimplifies the ACL used in the crypto mapEuses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration
多选题IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()AIKE keepalives are unidirectional and sent every ten secondsBIPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keysCTo establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepacketsDIKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers