A tunneling protocol developed by Cisco that can encapsulate a wide variety of network layer protocol packet types inside IP tunnels.
What is Generic Routing Encapsulation (GRE)?
100
It is designed to manage the transportation of multiprotocol and IP multicast traffic between two or more sites, that may only have IP connectivity
What is GRE?
100
an IETF standard that defines how a VPN can be configured in a secure manner using the Internet Protocol
What is IPSec?
100
a type of encryption that requires each of the two networking devices a shared secret key to decode the information
What is Symmetric Encryption?
100
These algorithms allow two parties to establish a shared secret key that is used by encryption and hash algorithms.
What are Diffie-Hellman algorithms?
200
A standalone firewall device that combines firewall, VPN concentrator, and intrusion prevention functionality into one software image
What is an Adaptive Security Appliance (ASA)?
200
This is the biggest disadvantage of GRE.
What is "it does not provide encryption or any other security mechanism".
200
This is the ability to detect and reject replayed packets and helps prevent spoofing. Packets are protected by comparing the sequence number of the received packets with a sliding window on the destination host or security gateway
What is Anti-Replay Protection?
200
the first system to utilize public key or asymmetric cryptographic keys which allows for two parties to securely exchange the keys used by encryption and hash algorithms
What is Diffie-Hellman Key Exchange?
200
This function of IPsec security services allows the receiver to verify that the data was transmitted without being changed or altered in any way.
What is "data integrity" or "integrity"?
300
a type of VPN that is created when devices on both sides of the VPN connection are aware of the VPN configuration in advance
What is site-to-site VPN?
300
[TRUE or FALSE] GRE by default includes flow-control mechanisms.
What is FALSE?
300
Confidentiality is achieved through the encryption of traffic as it travels through a VPN. The degree of security depends on these two aspects
What is are "key length" and "sophistication" of the encryption algorithm?
300
a mechanism for message authentication using hash functions that guarantees the integrity of a message. It has two parameters, a message input and a secret key that is known only to the message originator and intended receivers.
What is Hash-based Message Authentication Code (HMAC)?
300
This IPsec protocol provides data confidentiality and authentication for IP packets
What is ESP?
400
This is used to interconnect two similar networks over a dissimilar middle network; for example, two IPv6 networks over an IPv4 network.
What is VPN?
400
This is the transport delivery protocol carries the encapsulated protocol in a GRE tunnel
What is IP?
400
IPsec's mechanism to ensure that the encrypted portion of the packet, or the entire header and data portion of the packet, has not been changed
What is Data Integrity?
400
IPsec uses this for authentication in the context of IKE. This method uses a digital signature setup in which each device digitally signs a set of data and sends it to the other party.
What is RSA?
400
A network design engineer is planning the implementation of a cost-effective method to interconnect multiple networks securely over the Internet. This type of technology is best suited for this requirement.
What is a VPN gateway?
500
This type of VPN is created when VPN information is not statically set up, but instead allows for dynamically changing information, and can be enabled and disabled.
What is remote-access VPN?
500
Use this command to verify the state of a GRE tunnel
What is "show interface tunnel"?
500
IPSec mechanism which ensures that the connection is made with the desired communication partner. This is necessary to guard against a number of attacks that depend on spoofing the identity of the sender.
What is Authentication?
500
two main IPSec framework protocols
What are Authentication Header (AH) and Encapsulating Security Payload (ESP)?
500
Recommended encryption algorithm used in IPsec VPNs