NAT, WAN, & VPN Challenge

NAT Knowledge

WAN Concepts

VPN Basics

Troubleshooting & Commands

IPsec Deep Dive

100

NAT stands for this.

What is Network Address Translation?

100

A WAN connects multiple networks over this type of distance.

What is a long geographic distance?

100

VPN stands for this.

What is Virtual Private Network?

100

This command displays the routing table.

What is show ip route?

100

IPsec stands for this.

What is Internet Protocol Security?

200

This type of NAT allows multiple devices to share one public IP address using port numbers.

What is PAT (Port Address Translation)?

200

This WAN technology uses a provider’s private cloud to connect enterprise sites.

What is MPLS?

200

This type of VPN connects two entire networks together.

What is a Site-to-Site VPN?

200

This command verifies Phase 1 status of an IPsec VPN.

What is show crypto isakmp sa?

200

This IPsec protocol provides encryption and is more commonly used than AH.

What is ESP (Encapsulating Security Payload)?

300

These are the three private IPv4 address ranges defined in RFC 1918

What are 10.0.0.0/8, 172.16.0.0–172.31.255.255, and 192.168.0.0/16?

300

Compared to LANs, WANs typically have higher ______.

What is latency?

300

This type of VPN allows an individual user to securely connect to a company network.

What is a Remote Access VPN?

300

This command verifies active IPsec security associations.

What is show crypto ipsec sa?

300

This IPsec mode encrypts the entire original IP packet.

What is Tunnel Mode?

400

This term describes a private IP address before it is translated.

What is an Inside Local address?

400

This is the boundary where the service provider’s responsibility ends.

What is the demarcation point (demarc)?

400

VPNs create this secure structure over the public internet.

What is an encrypted tunnel?

400

If NAT is not working, these interface roles must be correctly configured.

What are inside and outside designations?

400

This protocol is responsible for negotiating keys and security parameters in IPsec.

What is IKE (Internet Key Exchange)?

500

This command verifies active NAT translations on a Cisco router.

What is show ip nat translations?

500

This device typically connects a customer LAN to an ISP WAN.

What is a router?

500

Companies use VPNs as a cost-effective alternative to this dedicated WAN connection.

What is a leased line?

500

If a VPN tunnel forms but traffic does not pass, this is often misconfigured.

What is the ACL (access control list)?

500

IPsec provides these three core security services.

What are Confidentiality, Integrity, and Authentication?