A.IKE keepalives are unidirectional and sent every ten seconds
B.IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keys
C.To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepackets
D.IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers
您可能感興趣的試卷
你可能感興趣的試題
Study the exhibit carefully. The Cisco IOS IPsec High Availability (IPsec HA) Enhancementsfeature provides an infrastructure for reliable and secure networks to provide transparent availability of the VPN gateways - that is, Cisco IOS Software-based routers. What are the twooptions that are used to provide High Availability IPsec?()
A.HSRP
B.Dual Router Mode (DRM) IPsec
C.IPsec Backup Peerings
D.RRI
IPSec VPN is a widely-acknowledged solution for enterprise network. What are the four steps tosetup an IPsec VPN?()
A.A
B.B
C.C
D.D
A.The cypto isakmp keepalive command is used to configure the Stateful Switchover (SSO)protocol
B.Reverse Route Injection (RRI) is configured on at the remote site to inject the central sitenetworks
C.Each Hot Standby Routing Protocol (HSRP) standby group has two well-known MACaddresses and a virtual IP address
D.The cypto isakmp keepalive command is used to configure stateless failover
A.The crypto ACL number
B.The IPSEC mode (tunnel or transport)
C.The GRE tunnel interface IP address
D.The GRE tunnel source interface or IP address, and tunnel destination IP address
E.The MTU size of the GRE tunnel interface
Refer to the exhibit. Which two statements about the AAA configuration are true?()
A.A good security practice is to havethe none parameter configured as the final method used toensure that no other authentication method will be used
B.If a TACACS+ server is not available, then a user connecting via the console port would not beable to gain access since no other authentication method has been defined
C.If a TACACS+ server is not available, then the user Bob could be able to enter privileged modeas long as the proper enable password is entered
D.Theaaa new-model command forces the router to override every other authentication methodpreviously configured for the router lines
E.To increase security, group radius should be used instead of group tacacs+
F.Two authentication options are prescribed by the displayedaaa authentication command
最新試題
Drag and drop the xDSL type on the above to the appropriate xDSL description on the below.
Drag and drop each management protocol on the above to the correct category on the below.
Drag each element of the Cisco IOS Firewall Feature Set from the above and drop onto itsdescription on the below.
Drag and drop the steps in the process for provisioning a cable modem to connect to a headendon the above to the below in the order defined by the DOCSIS standard.
As a network engineer, study the exhibit carefully. Router Net is unable to establish an ADSLconnection with its provider. Which action would correct this problem?()
In computer security, AAA stands for authentication, authorization and accounting. Which optionabout the AAA authentication enable default group radius enable command is correct?()
Study this exhibit carefully. What information can be derived from the SDM firewall configurationdisplayed?()
Drag and drop question. The upper gives the MPLS functions, the bottom describes the planes.Drag the above items to the proper location at the below
Identify the recommended steps for worm attack mitigation by dragging and dropping them into thetarget area in the correct order.
Study the exhibit carefully.Routers A and B are customer routers. Routers 1, 2, 3 and 4 are provider routers. The routers areoperating with various IOS versions. Which frame mode MPLS configuration statement is true?()