SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CCIE Sec Encryption Ipsec
Start Test
Study First
Subjects
:
cisco
,
it-skills
,
ccie
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The receiving device decrypts the data with the third key.
3DES
ESP
Difffie-Hellman
Hashing
2. No additional Layer 3 header is created. The original Layer 3 header is used.
IPSEC (aggressive mode)
ESP
3DES
Transport Mode (Ipsec)
3. Uses protocol number 50.
MD5
IKE
ESP
IKE
4. Message of arbitrary length is taken as input and produces as output a 128-bit fingerprint or message digest of the input.
MD5
SHA
'DES - 3DES - or AES.'
RSA
5. Hybrid protocol that defines the mechanism to derive authenticated keying material and negotiation of security associations (SA).
AES
RSA
GRE
IKE
6. 'The sending device decrypts the data with the second key - which is also 56 bits in length.'
3DES
Difffie-Hellman
SHA
Hashing
7. 'group 1 identifies a 768-bit key - group 1 is faster to execute - but it is less secure -'
'DES - 3DES - or AES.'
IPSEC (aggressive mode)
RSA
Difffie-Hellman
8. This mode does not support identity protection or protection against clogging attacks and spoofing.
IKE
IPSEC (aggressive mode)
Asymetric Encryption Protocols
'MD5 - SHA-1 - or RSA'
9. 'establishes ISAKMP SA in three messages -because it negotiates a ISAKMP policy and a DJ nonce exchange together.'
IKE
IPSEC (aggressive mode)
Tunnel Mode (ipsec)
IPSEC BENEFIT
10. A
IPSEC BENEFIT
AES
Hashing
SHA
11. It also provides protection for ISAKMP peer identities with encryption.
ISAKMP
IPSEC (main mode)
AES
RSA
12. 'Encryption - where Peer X uses Peer Y
3DES
RSA
IKE
Tunnel Mode (ipsec)
13. IPSEC Encryption is performed by
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
14. 'defines the mode of communication - creation - and management of security associations.'
hash-based message authentication codes (HMAC).
Transport Mode (Ipsec)
ISAKMP
DSA
15. 'requires that the sender and receiver have key pairs. By combining the sender
3DES
IPSEC (main mode)
Difffie-Hellman
ESP
16. RFC 2631 on the workings of the key generation/exchange process.
Difffie-Hellman
RSA
SHA
'IPSEC (phase1 -step2)'
17. Turns clear-text data into cipher text with an encryption algorithm. The receiving station decrypts the data from cipher text into clear text. The encryption key is a shared secret key that encrypts and decrypts messages.
DES
AH/ESP
IPSEC BENEFIT
'MD5 - SHA-1 - or RSA'
18. Benefits are that the preshared authentication can be based on ID versus IP address and the speed of the process.
IPSEC (aggressive mode)
IPSEC (main mode)
ESP
DSA
19. A variable block- length and key-length cipher.
IPSEC (main mode)
'IPSEC (phase1 -step2)'
IPSEC (main mode)
AES
20. Used for integrity checks on peer and data sent by peer and for authentication checks.
AH
GRE
Tunnel Mode (ipsec)
Antireplay
21. Uses the D-H algorithm to come to agreement over a public network.
IPSEC (main mode)
3DES
IKE
3DES
22. Invented by Ron Rivest of RSA Security (RFC 1321).
'IPSEC (phase1 -step1)'
MD5
3DES
AES
23. 'DSA is roughly the same speed as RSA when creating signatures - but 10 to 40 times slower when verifying signatures. Because verification happens more frequently than creation - this issue is worth noting when deploying DSA in any environment.'
'DES - 3DES - or AES.'
DSA
3DES
Origin Auth (DH auth)
24. IPSEC performs this function by using a sequence field in the IPsec header combined with integrity checks.
Difffie-Hellman
Antireplay
HMAC-MD5/HMAC-SHA
RSA
25. 'provides everything required to securely connect over a public media - such as the Internet.'
SHA
AH/ESP
Difffie-Hellman
IPSEC
26. 'Message digest algorithms have a drawback whereby a hacker (man in the middle) can intercept a message containing the packet and hash values - then re-create and transmit a modified packet with the same calculated hash to the target destination.'
Hashing
Difffie-Hellman
Antireplay
Tunnel Mode (ipsec)
27. 'Finally - the receiving devices decrypt the data with the first key.'
MD5
3DES
Difffie-Hellman
MD5
28. Act of encapsulating a packet within another packet.
Tunnel Mode (ipsec)
IPSEC (phase2)
Tunneling
hash algorithms
29. Where the original Layer 3 header and payload inside an IPsec packet is encapsulated. Tunnel mode does add overhead to each packet and uses some additional CPU resources.
'IPSEC (phase1 -step2)'
3DES
Tunnel Mode (ipsec)
SHA
30. 'Created by NIST in 1994 - is the algorithm used for digital signatures but not for encryption.'
3DES
DSA
IPSEC (main mode)
IPSEC
31. Is a two-phase protocol: The first phase establishes a secure authenticated channel and the second phase is where SAs are negotiated on behalf of the IPsec services.
IKE
Difffie-Hellman
HMAC
RSA
32. That authenticate data packets and ensure that data is not tampered with or modified.
ESP
hash algorithms
IKE
AES
33. 'algorithm encrypts and decrypts data three times with 3 different keys - effectively creating a 168-bit key.'
SHA
3DES
'DES - 3DES - or AES.'
MD5
34. The sending device encrypts for a final time with another 56-bit key.
'IPSEC (phase1 -step1)'
3DES
message authentication codes (MAC).
RSA
35. 'has a Next Protocol field which identifies the next Layer 4 transport protocol in use - TCP or UDP'
3DES
IKE
AH/ESP
IPSEC (aggressive mode)
36. It uses UDP 500 and is defined by RFC 2409.
'IPSEC (phase1 -step1)'
GRE
IPSEC (aggressive mode)
IKE
37. 'key exchange is vulnerable to a man-in-the-middle attack. You can rectify this problem by allowing the two parties to authenticate themselves to each other with a shared secret key - digital signatures - or public-key certificates.'
IPSEC
RSA
Difffie-Hellman
MD5
38. Data integrity is the process of making sure data is not tampered with while it
IPSEC BENEFIT
'IPSEC (phase1 -step3)'
IKE
SHA
39. Uses IKE for key exchange.
ISAKMP
3DES
Antireplay
DSA
40. More CPU intensive
SHA
DSA
Difffie-Hellman
'IPSEC (phase1 -step3)'
41. Has a trailer which identifies IPsec information and ESP integrity-check information.
IPSEC (aggressive mode)
ESP
3DES
Hashing
42. 'in most cases - this mode is preferred with certificates.'
Asymetric Encryption Protocols
Difffie-Hellman
IPSEC
IPSEC (main mode)
43. Main mode establishes ISAKMP security association in six messages and performs authenticated D-H exchange.
IPSEC (main mode)
3DES
DES
SHA
44. 'MACs with hash algorithms -'
RSA/DSA
hash-based message authentication codes (HMAC).
IPSEC (main mode)
RSA
45. 'The messages are authenticated - and the mechanisms that provide such integrity checks based on a secret key are usually called'
'IPSEC (phase1 -step1)'
Difffie-Hellman
message authentication codes (MAC).
AES
46. Used in IPsec for two discreet purposes:
DES
RSA
Hashing
ISAKMP
47. ID exchange and authentication of D-H key by using the reply to the received nonce or string of bits
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
48. Origin authentication validates the origin of a message upon receipt; this process is done during initial communications.
IPSEC BENEFIT
DES
3DES
SHA
49. IPsec implements using a shim header between L2 and L3
Difffie-Hellman
Origin Auth (DH auth)
message authentication codes (MAC).
AH/ESP
50. 'Digital signatures. Peer X encrypts a hash value with his private key and then sends the data to Peer Y. Peer Y obtains Peer X
RSA
Hashing
DSA
IKE
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests