SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CCIE Sec Encryption Ipsec
Start Test
Study First
Subjects
:
cisco
,
it-skills
,
ccie
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. 'requires that the sender and receiver have key pairs. By combining the sender
DSA
3DES
AES
Difffie-Hellman
2. 'Encryption - where Peer X uses Peer Y
Hashing
Difffie-Hellman
RSA
ISAKMP
3. Provides authentication and encryption of the payload.
IKE
ESP
DES
Hashing
4. DoS attacks are more probable with this mode.
IPSEC (main mode)
ESP
IPSEC (aggressive mode)
DES
5. 'is a more secure version of MD5 - and hash-based message authentication codes (HMAC) provides further security with the inclusion of a key-based hash.'
IKE
3DES
SHA
3DES
6. Where the original Layer 3 header and payload inside an IPsec packet is encapsulated. Tunnel mode does add overhead to each packet and uses some additional CPU resources.
RSA
AH/ESP
Tunnel Mode (ipsec)
IPSEC BENEFIT
7. Negotiation of a shared secret key for encryption of the IKE session using the D-H algorithm
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
8. 'key lengths are 128 - 192 - or 256 bits to encrypt blocks of equal length.'
AES
Difffie-Hellman
Hashing
ISAKMP
9. Is a two-phase protocol: The first phase establishes a secure authenticated channel and the second phase is where SAs are negotiated on behalf of the IPsec services.
3DES
Difffie-Hellman
IPSEC (main mode)
IKE
10. Negotiation of the ISAKMP policy by offering and acceptance of protection suites
IPSEC (main mode)
RSA
GRE
AH/ESP
11. Negotiation of the ISAKMP policy by offering and acceptance of protection suites
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
12. ' is defined in RFC 3174. has as output a 160-bit value -'
SHA
Difffie-Hellman
3DES
IPSEC (aggressive mode)
13. Message of arbitrary length is taken as input and produces as output a 128-bit fingerprint or message digest of the input.
AH
hash algorithms
MD5
IPSEC (aggressive mode)
14. 'in most cases - this mode is preferred with certificates.'
IPSEC (main mode)
message authentication codes (MAC).
AH/ESP
SHA
15. Key exchange for IPSEC
AH/ESP
AH/ESP
IKE
DES
16. 'produces a 160-bit hash output - which makes it more difficult to decipher.'
SHA
IPSEC (aggressive mode)
IPSEC (main mode)
AH/ESP
17. The sending device encrypts for a final time with another 56-bit key.
message authentication codes (MAC).
3DES
Hashing
IPSEC (aggressive mode)
18. The protocol of choice for key management and establishing security associations between peers on the Internet.
AES
ISAKMP
Asymetric Encryption Protocols
AES
19. 'Finally - the receiving devices decrypt the data with the first key.'
3DES
GRE
AH
Hashing
20. Used in government installs and was created to work with the SHA-1 hash algorithm.
SHA
HMAC-MD5/HMAC-SHA
DSA
DES
21. 'can be achieved using one of three methods: preshared keys - encrypted nonces - or digital signatures.'
Origin Auth (DH auth)
IKE
ESP
IKE
22. 'Message digest algorithms have a drawback whereby a hacker (man in the middle) can intercept a message containing the packet and hash values - then re-create and transmit a modified packet with the same calculated hash to the target destination.'
Hashing
RSA
AH
IPSEC (phase2)
23. That authenticate data packets and ensure that data is not tampered with or modified.
'IPSEC (phase1 -step3)'
'MD5 - SHA-1 - or RSA'
hash algorithms
Difffie-Hellman
24. 'Created by NIST in 1994 - is the algorithm used for digital signatures but not for encryption.'
IPSEC (aggressive mode)
DSA
SHA
Hashing
25. 'is a block-cipher algorithm - which means that it performs operations on fixed-length data streams of 64-bit blocks. The key ostensibly consists of 64 bits; however - only 56 are actually used by the algorithm.'
DES
hash-based message authentication codes (HMAC).
IKE
Difffie-Hellman
26. 'group 5 identifies a 1536-bit key - provides for highest security but is the slowest of all groups.'
IKE
ESP
3DES
Difffie-Hellman
27. 'Digital signatures. Peer X encrypts a hash value with his private key and then sends the data to Peer Y. Peer Y obtains Peer X
ISAKMP
'IPSEC (phase1 -step3)'
RSA
hash algorithms
28. 'DSA is roughly the same speed as RSA when creating signatures - but 10 to 40 times slower when verifying signatures. Because verification happens more frequently than creation - this issue is worth noting when deploying DSA in any environment.'
Hashing
IPSEC (phase2)
AH/ESP
DSA
29. IPSEC Encryption is performed by
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. 'establishes ISAKMP SA in three messages -because it negotiates a ISAKMP policy and a DJ nonce exchange together.'
3DES
RSA
Asymetric Encryption Protocols
IPSEC (aggressive mode)
31. Takes variable-length clear-text data to produce fixed-length hashed data that is unreadable.
MD5
IPSEC BENEFIT
ISAKMP
IPSEC (aggressive mode)
32. 'including Internet Security Association and Key Management Protocol (ISAKMP) - Secure Key Exchange Mechanism for the Internet (SKEME) - and Oakley.'
IKE
DSA
Difffie-Hellman
IPSEC (aggressive mode)
33. Drawback of this is that the hash is passed unencrypted and is susceptible to PSK crack attacks.
Asymetric Encryption Protocols
IPSEC (aggressive mode)
IPSEC BENEFIT
Antireplay
34. 'group 2 identifies a 1024-bit key - group 2 is more secure - but slower to execute.'
IPSEC BENEFIT
hash algorithms
SHA
Difffie-Hellman
35. It also provides protection for ISAKMP peer identities with encryption.
IPSEC
Transport Mode (Ipsec)
ISAKMP
IPSEC (main mode)
36. This mode does not support identity protection or protection against clogging attacks and spoofing.
SHA
GRE
Hashing
IPSEC (aggressive mode)
37. IPSEC tunnels data through IP using one of two protocols?
Hashing
AH/ESP
HMAC-MD5/HMAC-SHA
Antireplay
38. Verify whether the data has been altered.
Hashing
AH
DES
Tunnel Mode (ipsec)
39. Has a trailer which identifies IPsec information and ESP integrity-check information.
SHA
SHA
MD5
ESP
40. Does not provide payload encryption.
SHA
IPSEC BENEFIT
AH
RSA
41. Origin authentication validates the origin of a message upon receipt; this process is done during initial communications.
SHA
IKE
AH
IPSEC BENEFIT
42. IPSec SAs are negotiated and protected by the existing IPsec SA.
IPSEC (phase2)
IKE
IPSEC (aggressive mode)
Difffie-Hellman
43. IPSEC performs this function by using a sequence field in the IPsec header combined with integrity checks.
Antireplay
DSA
3DES
IPSEC (main mode)
44. Integrity checks are done
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
45. Uses the D-H algorithm to come to agreement over a public network.
Transport Mode (Ipsec)
IKE
HMAC
3DES
46. The DES algorithm that performs 3 times sequentially.
3DES
IPSEC (aggressive mode)
Tunneling
Difffie-Hellman
47. 'often called public-key algorithms - do not rely on a randomly generated shared encryption key; instead - they create two static keys. These static keys are completely different - but mathematically bound to each other; what one key encrypts - the o
Hashing
IPSEC (main mode)
Asymetric Encryption Protocols
hash-based message authentication codes (HMAC).
48. Used for integrity checks on peer and data sent by peer and for authentication checks.
AH
DES
RSA
ESP
49. Uses protocol number 50.
ESP
RSA
Difffie-Hellman
IPSEC (aggressive mode)
50. Provide authentication in Internet Key Exchange (IKE) Phase 2.
RSA
SHA
HMAC
Difffie-Hellman
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests