CIT 484 Final Exam Questions With
Correct Answers
The |authentication |process |for |SSL-based |VPNs |uses |hashing |technologies. |- |CORRECT |
ANSWER✔✔-True
Which |of |the |following |statements |most |accurately |describes |how |packets |are |encrypted |in |
IPSec |ESP |when |in |tunnel |mode?:
1. |The |entire |packet |is |encrypted |and |encapsulated |in |a |new |IP |header.
2. |The |packet |is |tunneled |over |ssh.
3. |The |IP |header |of |the |original |packet |is |left |unencrypted |and |the |remainder |of |the |packet |is |
encrypted.
4. |The |IP |header |is |encrypted |and |the |remainder |of |the |packet |is |left |unencrypted. |- |CORRECT
|ANSWER✔✔-The |entire |packet |is |encrypted |and |encapsulated |in |a |new |IP |header.
Which |of |the |following |algorithms |uses |asymmetrical |keys |to |establish |a |symmetric |key |in |
IPSec |phase |1?:
1. |RSA
2. |SHA
3. |DH
4. |AES |- |CORRECT |ANSWER✔✔-DH
Which |of |the |following |is |used |to |encrypt |data |being |sent |over |a |VPN |using |asymmetric |
encryption?
1. |Sender's |public |key
2. |Receiver's |private |key
3. |Sender's |private |key
4. |Receiver's |public |key |- |CORRECT |ANSWER✔✔-Sender's |private |key
, What |types |of |VPNs |are |not |supported |over |Cisco |routers |and |ASAs? |(Choose |two):
1. |IPsec |client |remote-access |VPNs
2. |SSL |full-tunnel |client |remote-access |VPNs
3. |SSL |clientless |remote-access |VPNs
4. |SSL |site-to-site |VPNs
5. |IPsec |site-to-site |VPNs
6. |IPsec |clientless |remote-access |VPNs |- |CORRECT |ANSWER✔✔-SSL |site-to-site |VPNs
IPsec |clientless |remote-access |VPNs
Which |hashing |algorithm |has |larger |digests |and |is |therefore |more |secure |and |less |likely |to |
have |problems |with |collisions?:
1. |AES
2. |SHA
3. |DES
4. |MD5 |- |CORRECT |ANSWER✔✔-SHA
Which |of |the |following |would |not |part |of |the |IKE |Phase |1 |process?:
1. |Running |Diffie-Hellman |key |exchange
2. |Authenticating |the |peer |using |a |pre-shared |key |or |RSA |signatures
3. |Negotiation |of |the |IKE |phase |1 |protocols
4. |Negotiating |the |transform |set |to |use |- |CORRECT |ANSWER✔✔-Negotiating |the |transform |set
|to |use
What |VPN |algorithms |provide |confidentiality?:
1. |3DES
2. |AES
Correct Answers
The |authentication |process |for |SSL-based |VPNs |uses |hashing |technologies. |- |CORRECT |
ANSWER✔✔-True
Which |of |the |following |statements |most |accurately |describes |how |packets |are |encrypted |in |
IPSec |ESP |when |in |tunnel |mode?:
1. |The |entire |packet |is |encrypted |and |encapsulated |in |a |new |IP |header.
2. |The |packet |is |tunneled |over |ssh.
3. |The |IP |header |of |the |original |packet |is |left |unencrypted |and |the |remainder |of |the |packet |is |
encrypted.
4. |The |IP |header |is |encrypted |and |the |remainder |of |the |packet |is |left |unencrypted. |- |CORRECT
|ANSWER✔✔-The |entire |packet |is |encrypted |and |encapsulated |in |a |new |IP |header.
Which |of |the |following |algorithms |uses |asymmetrical |keys |to |establish |a |symmetric |key |in |
IPSec |phase |1?:
1. |RSA
2. |SHA
3. |DH
4. |AES |- |CORRECT |ANSWER✔✔-DH
Which |of |the |following |is |used |to |encrypt |data |being |sent |over |a |VPN |using |asymmetric |
encryption?
1. |Sender's |public |key
2. |Receiver's |private |key
3. |Sender's |private |key
4. |Receiver's |public |key |- |CORRECT |ANSWER✔✔-Sender's |private |key
, What |types |of |VPNs |are |not |supported |over |Cisco |routers |and |ASAs? |(Choose |two):
1. |IPsec |client |remote-access |VPNs
2. |SSL |full-tunnel |client |remote-access |VPNs
3. |SSL |clientless |remote-access |VPNs
4. |SSL |site-to-site |VPNs
5. |IPsec |site-to-site |VPNs
6. |IPsec |clientless |remote-access |VPNs |- |CORRECT |ANSWER✔✔-SSL |site-to-site |VPNs
IPsec |clientless |remote-access |VPNs
Which |hashing |algorithm |has |larger |digests |and |is |therefore |more |secure |and |less |likely |to |
have |problems |with |collisions?:
1. |AES
2. |SHA
3. |DES
4. |MD5 |- |CORRECT |ANSWER✔✔-SHA
Which |of |the |following |would |not |part |of |the |IKE |Phase |1 |process?:
1. |Running |Diffie-Hellman |key |exchange
2. |Authenticating |the |peer |using |a |pre-shared |key |or |RSA |signatures
3. |Negotiation |of |the |IKE |phase |1 |protocols
4. |Negotiating |the |transform |set |to |use |- |CORRECT |ANSWER✔✔-Negotiating |the |transform |set
|to |use
What |VPN |algorithms |provide |confidentiality?:
1. |3DES
2. |AES
