Quiz On Vpns Service

23 Questions | Total Attempts: 181

SettingsSettingsSettings
Please wait...
Service Quizzes & Trivia

Questions and Answers
  • 1. 
    A network design engineer is planning the implementation of a cost-effective method to interconnect multiple networks securely over the Internet. Which type of technology is required?
    • A. 

      A GRE IP tunnel

    • B. 

      A leased line

    • C. 

      A VPN gateway

    • D. 

      A dedicated ISP

  • 2. 
    How is “tunneling” accomplished in a VPN?
    • A. 

      New headers from one or more VPN protocols encapsulate the original packets.

    • B. 

      All packets between two hosts are assigned to a single physical medium to ensure that the packets are kept private.

    • C. 

      Packets are disguised to look like other types of traffic so that they will be ignored by potential attackers.

    • D. 

      A dedicated circuit is established between the source and destination devices for the duration of the connection.

  • 3. 
    How can the use of VPNs in the workplace contribute to lower operating costs?
    • A. 

      High-speed broadband technology can be replaced with leased lines.

    • B. 

      VPNs can be used across broadband connections rather than dedicated WAN links.

    • C. 

      VPNs prevents connectivity to SOHO users.

    • D. 

      VPNs require a subscription from a specific Internet service provider that specializes in secure connections.

  • 4. 
    Two corporations have just completed a merger. The network engineer has been asked to connect the two corporate networks without the expense of leased lines. Which solution would be the most cost effective method of providing a proper and secure connection between the two corporate networks?
    • A. 

      Cisco AnyConnect Secure Mobility Client with SSL

    • B. 

      Cisco Secure Mobility Clientless SSL VPN

    • C. 

      Frame Relay

    • D. 

      Remote access VPN using IPsec

    • E. 

      Site-to-site VPN

  • 5. 
    Which two scenarios are examples of remote access VPNs? (Choose two.)
    • A. 

      A toy manufacturer has a permanent VPN connection to one of its parts suppliers.

    • B. 

      All users at a large branch office can access company resources through a single VPN connection.

    • C. 

      A mobile sales agent is connecting to the company network via the Internet connection at a hotel.

    • D. 

      A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ.

    • E. 

      An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.

  • 6. 
    Which statement describes a feature of site-to-site VPNs?
    • A. 

      The VPN connection is not statically defined.

    • B. 

      VPN client software is installed on each host.

    • C. 

      Internal hosts send normal, unencapsulated packets.

    • D. 

      Individual hosts can enable and disable the VPN connection.

  • 7. 
    Which remote access implementation scenario will support the use of generic routing encapsulation tunneling?
    • A. 

      A mobile user who connects to a router at a central site

    • B. 

      A branch office that connects securely to a central site

    • C. 

      A mobile user who connects to a SOHO site

    • D. 

      A central site that connects to a SOHO site without encryption

  • 8. 
    Which one do you like?Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can be drawn from the R1 command output? (Choose two.)
    • A. 

      This tunnel mode is not the default tunnel interface mode for Cisco IOS software.

    • B. 

      This tunnel mode provides encryption.

    • C. 

      The data that is sent across this tunnel is not secure.

    • D. 

      This tunnel mode does not support IP multicast tunneling.

    • E. 

      A GRE tunnel is being used.

  • 9. 
    Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination router?
    • A. 

      172.16.1.1

    • B. 

      172.16.1.2

    • C. 

      209.165.200.225

    • D. 

      209.165.200.226

  • 10. 
    Which statement correctly describes IPsec?
    • A. 

      IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7.

    • B. 

      IPsec uses algorithms that were developed specifically for that protocol.

    • C. 

      IPsec implements its own method of authentication.

    • D. 

      IPsec is a Cisco proprietary standard.

  • 11. 
    Which critical function that is provided by IPsec ensures that data has not been changed in transit between the source and destination?
    • A. 

      Confidentiality

    • B. 

      Integrity

    • C. 

      Authentication

    • D. 

      Anti-replay protection

  • 12. 
    Which service of IPsec verifies that secure connections are formed with the intended sources of data?
    • A. 

      Authentication

    • B. 

      Confidentiality

    • C. 

      Data integrity

    • D. 

      Encryption

  • 13. 
    What is an IPsec protocol that provides data confidentiality and authentication for IP packets?
    • A. 

      AH

    • B. 

      ESP

    • C. 

      RSA

    • D. 

      IKE

  • 14. 
    Which algorithm is an asymmetrical key cryptosystem?
    • A. 

      RSA

    • B. 

      AES

    • C. 

      3DES

    • D. 

      DES

  • 15. 
    Which two algorithms use Hash-based Message Authentication Code for message authentication? (Choose two.)
    • A. 

      3DES

    • B. 

      DES

    • C. 

      AES

    • D. 

      MD5

    • E. 

      SHA

  • 16. 
    A network design engineer is planning the implementation of an IPsec VPN. Which hashing algorithm would provide the strongest level of message integrity?
    • A. 

      SHA-1

    • B. 

      MD5

    • C. 

      AES

    • D. 

      512-bit SHA

  • 17. 
    What is the purpose of utilizing Diffie-Hellman (DH) algorithms as part of the IPsec standard?
    • A. 

      DH algorithms allow unlimited parties to establish a shared public key that is used by encryption and hash algorithms.

    • B. 

      DH algorithms allow two parties to establish a shared secret key that is used by encryption and hash algorithms.

    • C. 

      DH algorithms allow unlimited parties to establish a shared secret key that is used by encryption and hash algorithms.

    • D. 

      DH algorithms allow two parties to establish a shared public key that is used by encryption and hash algorithms.

  • 18. 
    What is the purpose of a message hash in a VPN connection?
    • A. 

      It ensures that the data cannot be read in plain text.

    • B. 

      It ensures that the data has not changed while in transit.

    • C. 

      It ensures that the data is coming from the correct source.

    • D. 

      It ensures that the data cannot be duplicated and replayed to the destination.

  • 19. 
    What key question would help determine whether an organization should use an SSL VPN or an IPsec VPN for the remote access solution of the organization?
    • A. 

      Is a Cisco router used at the destination of the remote access tunnel?

    • B. 

      What applications or network resources do the users need for access?

    • C. 

      Are both encryption and authentication required?

    • D. 

      Do users need to be able to connect without requiring special VPN software?

  • 20. 
    What is an advantage of using the Cisco Secure Mobility Clientless SSL VPN?
    • A. 

      Any device can connect to the network without authentication.

    • B. 

      Clients use SSH to access network resources.

    • C. 

      Security is provided by prohibiting network access through a browser.

    • D. 

      Clients do not require special software.

  • 21. 
    Which two characteristics describe IPsec VPNs? (Choose two.)
    • A. 

      IPsec is specifically designed for web-enabled applications.

    • B. 

      Specific PC client configuration is required to connect to the VPN.

    • C. 

      IPsec authenticates by using shared secrets or digital certificates.

    • D. 

      IPsec authentication is one-way or two-way.

    • E. 

      Key lengths range from 40 bits to 256 bits.

  • 22. 
    ____________ is a site-to-site tunnel protocol developed by Cisco to allow multiprotocol and IP multicast traffic between two or more sites.
  • 23. 
    What problem is preventing the hosts from communicating across the VPN tunnel?
    • A. 

      The EIGRP configuration is incorrect.

    • B. 

      The tunnel IP addresses are incorrect.

    • C. 

      The tunnel source interfaces are incorrect.

    • D. 

      The tunnel destinations addresses are incorrect.

Back to Top Back to top