Quiz On Vpns Service

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Ciscow
C
Ciscow
Community Contributor
Quizzes Created: 1 | Total Attempts: 316
Questions: 23 | Attempts: 316

SettingsSettingsSettings
Service Quizzes & Trivia

Questions and Answers
  • 1. 

    A network design engineer is planning the implementation of a cost-effective method to interconnect multiple networks securely over the Internet. Which type of technology is required?

    • A.

      A GRE IP tunnel

    • B.

      A leased line

    • C.

      A VPN gateway

    • D.

      A dedicated ISP

    Correct Answer
    C. A VPN gateway
    Explanation
    A VPN gateway is required to securely interconnect multiple networks over the Internet. A VPN (Virtual Private Network) creates a secure tunnel between networks by encrypting the data that is transmitted. This ensures that the data remains confidential and protected from unauthorized access. A VPN gateway acts as the entry point for the VPN connection and is responsible for encrypting and decrypting the data. This cost-effective method allows for secure communication between networks without the need for dedicated physical connections like leased lines or dedicated ISPs.

    Rate this question:

  • 2. 

    How is “tunneling” accomplished in a VPN?

    • A.

      New headers from one or more VPN protocols encapsulate the original packets.

    • B.

      All packets between two hosts are assigned to a single physical medium to ensure that the packets are kept private.

    • C.

      Packets are disguised to look like other types of traffic so that they will be ignored by potential attackers.

    • D.

      A dedicated circuit is established between the source and destination devices for the duration of the connection.

    Correct Answer
    A. New headers from one or more VPN protocols encapsulate the original packets.
    Explanation
    The correct answer is that new headers from one or more VPN protocols encapsulate the original packets. This means that when data is sent over a VPN, it is wrapped in additional headers that provide information about the VPN connection. These headers allow the data to be securely transmitted over the internet and ensure that it remains private and protected from potential attackers.

    Rate this question:

  • 3. 

    How can the use of VPNs in the workplace contribute to lower operating costs?

    • A.

      High-speed broadband technology can be replaced with leased lines.

    • B.

      VPNs can be used across broadband connections rather than dedicated WAN links.

    • C.

      VPNs prevents connectivity to SOHO users.

    • D.

      VPNs require a subscription from a specific Internet service provider that specializes in secure connections.

    Correct Answer
    B. VPNs can be used across broadband connections rather than dedicated WAN links.
    Explanation
    The use of VPNs in the workplace can contribute to lower operating costs because they allow for the use of broadband connections instead of dedicated WAN links. This means that companies do not have to invest in expensive leased lines or pay for the maintenance and upkeep of dedicated connections. By utilizing existing broadband connections, companies can save money on infrastructure costs while still ensuring secure and encrypted communication for their employees.

    Rate this question:

  • 4. 

    Two corporations have just completed a merger. The network engineer has been asked to connect the two corporate networks without the expense of leased lines. Which solution would be the most cost effective method of providing a proper and secure connection between the two corporate networks?

    • A.

      Cisco AnyConnect Secure Mobility Client with SSL

    • B.

      Cisco Secure Mobility Clientless SSL VPN

    • C.

      Frame Relay

    • D.

      Remote access VPN using IPsec

    • E.

      Site-to-site VPN

    Correct Answer
    E. Site-to-site VPN
    Explanation
    A site-to-site VPN would be the most cost-effective method of providing a proper and secure connection between the two corporate networks. This solution allows for the establishment of a virtual private network between the two sites, utilizing the internet as the transport medium. It eliminates the need for leased lines, which can be expensive. Additionally, it provides secure connectivity by encrypting the data transmitted between the networks, ensuring confidentiality and integrity.

    Rate this question:

  • 5. 

    Which two scenarios are examples of remote access VPNs? (Choose two.)

    • A.

      A toy manufacturer has a permanent VPN connection to one of its parts suppliers.

    • B.

      All users at a large branch office can access company resources through a single VPN connection.

    • C.

      A mobile sales agent is connecting to the company network via the Internet connection at a hotel.

    • D.

      A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ.

    • E.

      An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.

    Correct Answer(s)
    C. A mobile sales agent is connecting to the company network via the Internet connection at a hotel.
    E. An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.
    Explanation
    The two scenarios that are examples of remote access VPNs are when a mobile sales agent connects to the company network via the Internet connection at a hotel and when an employee working from home uses VPN client software on a laptop to connect to the company network. In both cases, the individuals are accessing the company's resources remotely through a secure VPN connection, allowing them to securely connect to the company network from outside locations.

    Rate this question:

  • 6. 

    Which statement describes a feature of site-to-site VPNs?

    • A.

      The VPN connection is not statically defined.

    • B.

      VPN client software is installed on each host.

    • C.

      Internal hosts send normal, unencapsulated packets.

    • D.

      Individual hosts can enable and disable the VPN connection.

    Correct Answer
    C. Internal hosts send normal, unencapsulated packets.
    Explanation
    Site-to-site VPNs allow multiple networks in different locations to securely communicate with each other over the internet. In this type of VPN, the internal hosts in each network send normal, unencapsulated packets, meaning that they do not require any special modifications or encapsulation to be sent over the VPN connection. This allows for seamless communication between the networks, as if they were directly connected.

    Rate this question:

  • 7. 

    Which remote access implementation scenario will support the use of generic routing encapsulation tunneling?

    • A.

      A mobile user who connects to a router at a central site

    • B.

      A branch office that connects securely to a central site

    • C.

      A mobile user who connects to a SOHO site

    • D.

      A central site that connects to a SOHO site without encryption

    Correct Answer
    D. A central site that connects to a SOHO site without encryption
  • 8. 

    Which one do you like?Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can be drawn from the R1 command output? (Choose two.)

    • A.

      This tunnel mode is not the default tunnel interface mode for Cisco IOS software.

    • B.

      This tunnel mode provides encryption.

    • C.

      The data that is sent across this tunnel is not secure.

    • D.

      This tunnel mode does not support IP multicast tunneling.

    • E.

      A GRE tunnel is being used.

    Correct Answer(s)
    C. The data that is sent across this tunnel is not secure.
    E. A GRE tunnel is being used.
    Explanation
    The first conclusion that can be drawn from the R1 command output is that the data sent across this tunnel is not secure. This can be inferred from the fact that the tunnel mode being used does not provide encryption.

    The second conclusion is that a GRE tunnel is being used. This can be inferred from the mention of "tunnel mode" in the command output, which is a characteristic of GRE (Generic Routing Encapsulation) tunnels.

    Rate this question:

  • 9. 

    Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination router?

    • A.

      172.16.1.1

    • B.

      172.16.1.2

    • C.

      209.165.200.225

    • D.

      209.165.200.226

    Correct Answer
    B. 172.16.1.2
    Explanation
    The IP address 172.16.1.2 would be configured on the tunnel interface of the destination router. This can be inferred from the fact that the exhibit does not provide any specific information or context to determine the correct IP address, so we can assume that the correct answer is based on the given options.

    Rate this question:

  • 10. 

    Which statement correctly describes IPsec?

    • A.

      IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7.

    • B.

      IPsec uses algorithms that were developed specifically for that protocol.

    • C.

      IPsec implements its own method of authentication.

    • D.

      IPsec is a Cisco proprietary standard.

    Correct Answer
    A. IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7.
    Explanation
    IPsec is a network protocol that operates at Layer 3 of the OSI model. It provides security services such as authentication, confidentiality, and integrity for IP packets. While IPsec primarily operates at Layer 3, it can also protect traffic at higher layers (Layer 4 through Layer 7) by encrypting the entire IP packet, including the payload and higher-layer protocols. This allows IPsec to secure not only the IP header but also the data carried within the packet, ensuring end-to-end security for the transmitted information.

    Rate this question:

  • 11. 

    Which critical function that is provided by IPsec ensures that data has not been changed in transit between the source and destination?

    • A.

      Confidentiality

    • B.

      Integrity

    • C.

      Authentication

    • D.

      Anti-replay protection

    Correct Answer
    B. Integrity
    Explanation
    Integrity is the correct answer because it ensures that data has not been changed in transit between the source and destination. Integrity ensures that the data remains intact and unaltered during transmission, preventing any unauthorized modifications or tampering. By using cryptographic algorithms and checksums, IPsec verifies the integrity of the data packets, providing assurance that the information received is the same as the information sent.

    Rate this question:

  • 12. 

    Which service of IPsec verifies that secure connections are formed with the intended sources of data?

    • A.

      Authentication

    • B.

      Confidentiality

    • C.

      Data integrity

    • D.

      Encryption

    Correct Answer
    A. Authentication
    Explanation
    Authentication in IPsec verifies that secure connections are formed with the intended sources of data. It ensures that the communicating parties are who they claim to be by verifying their identities through various methods such as passwords, digital certificates, or pre-shared keys. This helps prevent unauthorized access and protects against impersonation or man-in-the-middle attacks. Authentication is a crucial component of IPsec to establish trust and ensure the integrity and confidentiality of the communication.

    Rate this question:

  • 13. 

    What is an IPsec protocol that provides data confidentiality and authentication for IP packets?

    • A.

      AH

    • B.

      ESP

    • C.

      RSA

    • D.

      IKE

    Correct Answer
    B. ESP
    Explanation
    ESP (Encapsulating Security Payload) is an IPsec protocol that provides data confidentiality and authentication for IP packets. It encrypts the entire IP payload, including the original IP header, to ensure confidentiality. It also provides authentication by including a cryptographic checksum in the ESP header, which allows the recipient to verify the integrity of the packet. ESP is commonly used in VPN (Virtual Private Network) implementations to secure communication between networks or hosts over the internet.

    Rate this question:

  • 14. 

    Which algorithm is an asymmetrical key cryptosystem?

    • A.

      RSA

    • B.

      AES

    • C.

      3DES

    • D.

      DES

    Correct Answer
    A. RSA
    Explanation
    RSA is an asymmetrical key cryptosystem because it uses two different keys for encryption and decryption. The public key is used for encryption, while the private key is used for decryption. This makes RSA secure for transmitting data over untrusted networks, as the private key is kept secret and only the public key is shared. AES, 3DES, and DES are all examples of symmetrical key cryptosystems, where the same key is used for both encryption and decryption.

    Rate this question:

  • 15. 

    Which two algorithms use Hash-based Message Authentication Code for message authentication? (Choose two.)

    • A.

      3DES

    • B.

      DES

    • C.

      AES

    • D.

      MD5

    • E.

      SHA

    Correct Answer(s)
    D. MD5
    E. SHA
    Explanation
    MD5 and SHA (Secure Hash Algorithm) are two algorithms that use Hash-based Message Authentication Code (HMAC) for message authentication. HMAC is a cryptographic hash function that combines a secret key with the message to produce a hash value. It provides integrity and authenticity of the message, ensuring that it has not been tampered with during transmission. MD5 and SHA are widely used in various applications for message authentication and data integrity purposes.

    Rate this question:

  • 16. 

    A network design engineer is planning the implementation of an IPsec VPN. Which hashing algorithm would provide the strongest level of message integrity?

    • A.

      SHA-1

    • B.

      MD5

    • C.

      AES

    • D.

      512-bit SHA

    Correct Answer
    D. 512-bit SHA
    Explanation
    The 512-bit SHA hashing algorithm would provide the strongest level of message integrity. SHA (Secure Hash Algorithm) is a cryptographic hash function that takes an input and produces a fixed-size string of characters, which is typically a checksum. The larger the size of the hash, the more secure it is against potential attacks. In this case, the 512-bit SHA provides a larger hash size compared to SHA-1 and MD5, making it more resistant to collisions and tampering. AES (Advanced Encryption Standard) is a symmetric encryption algorithm and not a hashing algorithm, so it is not relevant to message integrity in this context.

    Rate this question:

  • 17. 

    What is the purpose of utilizing Diffie-Hellman (DH) algorithms as part of the IPsec standard?

    • A.

      DH algorithms allow unlimited parties to establish a shared public key that is used by encryption and hash algorithms.

    • B.

      DH algorithms allow two parties to establish a shared secret key that is used by encryption and hash algorithms.

    • C.

      DH algorithms allow unlimited parties to establish a shared secret key that is used by encryption and hash algorithms.

    • D.

      DH algorithms allow two parties to establish a shared public key that is used by encryption and hash algorithms.

    Correct Answer
    B. DH algorithms allow two parties to establish a shared secret key that is used by encryption and hash algorithms.
    Explanation
    The purpose of utilizing Diffie-Hellman (DH) algorithms as part of the IPsec standard is to allow two parties to establish a shared secret key that is used by encryption and hash algorithms. This ensures secure communication and confidentiality between the two parties involved. The DH algorithm allows for the secure exchange of keys without the need for pre-shared keys or a secure channel for key exchange.

    Rate this question:

  • 18. 

    What is the purpose of a message hash in a VPN connection?

    • A.

      It ensures that the data cannot be read in plain text.

    • B.

      It ensures that the data has not changed while in transit.

    • C.

      It ensures that the data is coming from the correct source.

    • D.

      It ensures that the data cannot be duplicated and replayed to the destination.

    Correct Answer
    B. It ensures that the data has not changed while in transit.
    Explanation
    A message hash in a VPN connection is used to ensure that the data has not changed while in transit. A hash function takes the data and produces a unique hash value, which is then attached to the data. When the data reaches its destination, the hash value is recalculated and compared with the original hash value. If the two values match, it means that the data has not been altered during transmission. This provides integrity and ensures that the data has not been tampered with.

    Rate this question:

  • 19. 

    What key question would help determine whether an organization should use an SSL VPN or an IPsec VPN for the remote access solution of the organization?

    • A.

      Is a Cisco router used at the destination of the remote access tunnel?

    • B.

      What applications or network resources do the users need for access?

    • C.

      Are both encryption and authentication required?

    • D.

      Do users need to be able to connect without requiring special VPN software?

    Correct Answer
    D. Do users need to be able to connect without requiring special VPN software?
    Explanation
    The question is asking about the key question that would help determine whether an organization should use an SSL VPN or an IPsec VPN for their remote access solution. The answer "Do users need to be able to connect without requiring special VPN software?" is the most relevant because it directly addresses the requirement of not needing special VPN software. This question helps determine whether an SSL VPN, which typically does not require any additional software installation, would be more suitable or if an IPsec VPN, which may require specific client software, would be a better choice.

    Rate this question:

  • 20. 

    What is an advantage of using the Cisco Secure Mobility Clientless SSL VPN?

    • A.

      Any device can connect to the network without authentication.

    • B.

      Clients use SSH to access network resources.

    • C.

      Security is provided by prohibiting network access through a browser.

    • D.

      Clients do not require special software.

    Correct Answer
    D. Clients do not require special software.
    Explanation
    The advantage of using the Cisco Secure Mobility Clientless SSL VPN is that clients do not require special software. This means that any device with a web browser can connect to the network without the need to install additional software or applications. This makes it convenient for users as they can access network resources securely from any device without the hassle of installing and configuring specific software.

    Rate this question:

  • 21. 

    Which two characteristics describe IPsec VPNs? (Choose two.)

    • A.

      IPsec is specifically designed for web-enabled applications.

    • B.

      Specific PC client configuration is required to connect to the VPN.

    • C.

      IPsec authenticates by using shared secrets or digital certificates.

    • D.

      IPsec authentication is one-way or two-way.

    • E.

      Key lengths range from 40 bits to 256 bits.

    Correct Answer(s)
    B. Specific PC client configuration is required to connect to the VPN.
    C. IPsec authenticates by using shared secrets or digital certificates.
    Explanation
    IPsec VPNs require specific PC client configuration to connect to the VPN. This means that users need to install and configure VPN client software on their devices to establish a secure connection. Additionally, IPsec authentication can be done using shared secrets or digital certificates. Shared secrets involve using a pre-shared key, while digital certificates use a public key infrastructure for authentication. Both methods ensure the authenticity and integrity of the VPN connection.

    Rate this question:

  • 22. 

    ____________ is a site-to-site tunnel protocol developed by Cisco to allow multiprotocol and IP multicast traffic between two or more sites.

    Correct Answer(s)
    Generic Routing Encapsulation
    Explanation
    Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco. It enables the encapsulation of various protocols and IP multicast traffic between multiple sites. GRE creates a virtual point-to-point link between the source and destination, allowing the transmission of data packets over an IP network. This protocol is commonly used in VPNs and allows for the secure and efficient transfer of data between different locations.

    Rate this question:

  • 23. 

    What problem is preventing the hosts from communicating across the VPN tunnel?

    • A.

      The EIGRP configuration is incorrect.

    • B.

      The tunnel IP addresses are incorrect.

    • C.

      The tunnel source interfaces are incorrect.

    • D.

      The tunnel destinations addresses are incorrect.

    Correct Answer
    B. The tunnel IP addresses are incorrect.
    Explanation
    The problem preventing the hosts from communicating across the VPN tunnel is that the tunnel IP addresses are incorrect. This means that the hosts are not able to establish a proper connection through the tunnel because the IP addresses assigned to the tunnel are not valid or do not match the required configuration.

    Rate this question:

Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.