SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CCIE Sec Encryption Ipsec
Start Test
Study First
Subjects
:
cisco
,
it-skills
,
ccie
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Is a two-phase protocol: The first phase establishes a secure authenticated channel and the second phase is where SAs are negotiated on behalf of the IPsec services.
AH/ESP
IKE
IPSEC (aggressive mode)
IPSEC (main mode)
2. 'The messages are authenticated - and the mechanisms that provide such integrity checks based on a secret key are usually called'
Difffie-Hellman
RSA/DSA
AES
message authentication codes (MAC).
3. 'Encryption - where Peer X uses Peer Y
IPSEC (aggressive mode)
IPSEC (aggressive mode)
RSA
Tunneling
4. 'Finally - the receiving devices decrypt the data with the first key.'
Tunneling
IPSEC (main mode)
AES
3DES
5. Turns clear-text data into cipher text with an encryption algorithm. The receiving station decrypts the data from cipher text into clear text. The encryption key is a shared secret key that encrypts and decrypts messages.
DES
hash algorithms
AH/ESP
IPSEC BENEFIT
6. 'group 1 identifies a 768-bit key - group 1 is faster to execute - but it is less secure -'
Difffie-Hellman
ISAKMP
'DES - 3DES - or AES.'
GRE
7. Negotiation of the ISAKMP policy by offering and acceptance of protection suites
3DES
RSA/DSA
IPSEC (main mode)
IKE
8. 'DSA is roughly the same speed as RSA when creating signatures - but 10 to 40 times slower when verifying signatures. Because verification happens more frequently than creation - this issue is worth noting when deploying DSA in any environment.'
DSA
Hashing
ISAKMP
hash algorithms
9. 'A 56-bit encryption algorithm - meaning the number of possible keys
MD5
AH
DES
Asymetric Encryption Protocols
10. 'The sending device decrypts the data with the second key - which is also 56 bits in length.'
RSA
message authentication codes (MAC).
3DES
DES
11. 'Created by NIST in 1994 - is the algorithm used for digital signatures but not for encryption.'
IPSEC (aggressive mode)
SHA
DSA
3DES
12. Negotiation of the ISAKMP policy by offering and acceptance of protection suites
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
13. Takes variable-length clear-text data to produce fixed-length hashed data that is unreadable.
Difffie-Hellman
SHA
ISAKMP
MD5
14. 'key exchange is vulnerable to a man-in-the-middle attack. You can rectify this problem by allowing the two parties to authenticate themselves to each other with a shared secret key - digital signatures - or public-key certificates.'
DSA
Difffie-Hellman
AES
GRE
15. It also provides protection for ISAKMP peer identities with encryption.
3DES
IPSEC (aggressive mode)
RSA/DSA
IPSEC (main mode)
16. 'provides everything required to securely connect over a public media - such as the Internet.'
RSA
SHA
IPSEC
IKE
17. 'is a block-cipher algorithm - which means that it performs operations on fixed-length data streams of 64-bit blocks. The key ostensibly consists of 64 bits; however - only 56 are actually used by the algorithm.'
DES
3DES
MD5
Hashing
18. 'requires that the sender and receiver have key pairs. By combining the sender
Difffie-Hellman
IPSEC BENEFIT
IPSEC (aggressive mode)
IPSEC
19. Uses protocol number 51.
Hashing
Transport Mode (Ipsec)
SHA
AH
20. 'defines the mode of communication - creation - and management of security associations.'
IKE
3DES
ISAKMP
IKE
21. 'including Internet Security Association and Key Management Protocol (ISAKMP) - Secure Key Exchange Mechanism for the Internet (SKEME) - and Oakley.'
IPSEC
IKE
IPSEC (aggressive mode)
ISAKMP
22. Message of arbitrary length is taken as input and produces as output a 128-bit fingerprint or message digest of the input.
MD5
DES
ISAKMP
HMAC
23. Has a trailer which identifies IPsec information and ESP integrity-check information.
AH
3DES
ESP
RSA
24. Main mode establishes ISAKMP security association in six messages and performs authenticated D-H exchange.
Hashing
IPSEC (main mode)
Antireplay
Hashing
25. Used in government installs and was created to work with the SHA-1 hash algorithm.
IKE
hash-based message authentication codes (HMAC).
IKE
DSA
26. Does not provide payload encryption.
SHA
IKE
ESP
AH
27. Origin authentication validates the origin of a message upon receipt; this process is done during initial communications.
GRE
HMAC
Hashing
IPSEC BENEFIT
28. The protocol of choice for key management and establishing security associations between peers on the Internet.
Difffie-Hellman
Origin Auth (DH auth)
Hashing
ISAKMP
29. DoS attacks are more probable with this mode.
IPSEC BENEFIT
IPSEC (aggressive mode)
3DES
AH
30. Verify whether the data has been altered.
Hashing
Origin Auth (DH auth)
message authentication codes (MAC).
Difffie-Hellman
31. Negotiation of a shared secret key for encryption of the IKE session using the D-H algorithm
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
32. Provide authentication in Internet Key Exchange (IKE) Phase 2.
HMAC
'IPSEC (phase1 -step1)'
ISAKMP
DES
33. ID exchange and authentication of D-H key by using the reply to the received nonce or string of bits
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
34. 'Message digest algorithms have a drawback whereby a hacker (man in the middle) can intercept a message containing the packet and hash values - then re-create and transmit a modified packet with the same calculated hash to the target destination.'
Hashing
RSA
IKE
RSA
35. Integrity checks are done
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
36. 'can be achieved using one of three methods: preshared keys - encrypted nonces - or digital signatures.'
Difffie-Hellman
AH/ESP
Origin Auth (DH auth)
HMAC
37. Common key size is 1024 bits.
Transport Mode (Ipsec)
ISAKMP
Hashing
RSA
38. 'is a more secure version of MD5 - and hash-based message authentication codes (HMAC) provides further security with the inclusion of a key-based hash.'
Antireplay
ESP
HMAC-MD5/HMAC-SHA
SHA
39. 'It is not used for encryption or digital signatures; it is used to obtain a shared secret
Difffie-Hellman
IKE
DES
DSA
40. The receiving device then encrypts the data with the second key.
IKE
RSA
3DES
IPSEC (aggressive mode)
41. Main disadvantage of asymmetric algorithms is that they are slow.
IPSEC (aggressive mode)
RSA/DSA
IPSEC BENEFIT
IPSEC (main mode)
42. Data integrity is the process of making sure data is not tampered with while it
Origin Auth (DH auth)
RSA
DES
IPSEC BENEFIT
43. 'Three keys encrypt the data - which results in a 168-bit encryption key. The sending device encrypts the data with the first 56-bit key.'
3DES
IKE
IKE
Hashing
44. 'in most cases - this mode is preferred with certificates.'
Difffie-Hellman
IPSEC (aggressive mode)
AES
IPSEC (main mode)
45. Benefits are that the preshared authentication can be based on ID versus IP address and the speed of the process.
AH/ESP
IPSEC (aggressive mode)
GRE
'IPSEC (phase1 -step2)'
46. A variable block- length and key-length cipher.
ISAKMP
DES
AES
hash algorithms
47. RFC 2631 on the workings of the key generation/exchange process.
RSA
Difffie-Hellman
IPSEC (main mode)
IPSEC (main mode)
48. Can be implemented efficiently on a wide range of processors and in hardware.
AH/ESP
AES
IPSEC (aggressive mode)
IKE
49. This mode does not support identity protection or protection against clogging attacks and spoofing.
DES
IPSEC (aggressive mode)
Asymetric Encryption Protocols
Difffie-Hellman
50. A
DSA
HMAC
Hashing
AH/ESP
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests