Vous êtes sur la page 1sur 10

Answer CCNA Security Chapter 8 Test CCNAS v1.

1 | Invisible Algorithm

Home

Category

Search

Sitemap

Contact Us

About

VMware Courses-Free Exams


VMware and Zimbra training courses Register today and become a VCP
www.alfavad.com

Answer CCNA Security Chapter 8 Test CCNAS v1.1


Posted on June 20, 2012

RECENTLY WRI TTEN

Disable w3 Total Cache Plugin Completely Unable to Connect to Internet Eset Smart Security Atheros AR5007EG Windows 7 Driver Network Security Chapter 4 Packet Tracer Activity A Answer Answer CCNA Security Chapter 10 Test CCNAS v1.1

Rackmount your Cisco


Rack mount kits for your ASA5505 and your Air WLC-2100 series
www.rackmount.it/cisrack

App security
Maintain control over critical data Download SecureSphere Whitepaper!
www.Imperva.com

X.25 Network Conversion


Best Value for X.25-TCP/IP Gateways Supports XOT, SVC, PVC, SNMP & LAPB
www.microtronix.com COFFEE FOR ME

PMP Exam Preparation


Prepare for your PMP exam with PCMi PMI R.E.P. 5 day workshop in London
www.pcmi.co.uk SEARCH

This post is about questions and answers for CCNA Security Chapter 8 Test. I took this test on 14th June 2012. This CCNA Security Chapter 8 test is using CCNAS v1.1. So i would like to

Search

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

share the new questions and answers i chooses. Just to be clear, for this test i only got 90%. Its not 100% solution. If you have better answer or new questions, please do share by leave your comment so i can improve this posts answer for the benefits all of us. Updated: 100% Correct. 1.
105 people like
Facebook social plugin
Login

Invisible Algorithm
on Facebook Like

Follow

+6

Refer to the exhibit. Based on the CCP screen that is shown, which two conclusions can be drawn about the IKE policy that is being configured? (Choose two.) It will use digital certificates for authentication. It will use a predefined key for authentication. It will use a very strong encryption algorithm. (Original answer,

Find us on Google+

Confirmed by Xase)
It will be the default policy with the highest priority. It is being created using the CCP VPN Quick Setup Wizard. (Andys

answer)
2. A network administrator is planning to implement centralized management of Cisco VPN devices to simplify VPN deployment for remote offices and teleworkers. Which Cisco IOS feature would provide this solution? Cisco Easy VPN Cisco VPN Client Cisco IOS SSL VPN Dynamic Multipoint VPN
CCNA SECURI TY

3. Which statement describes an important characteristic of a site-to-site VPN? It must be statically set up.

Chapter 1 Chapter 2 Chapter 3 Chapter 4 Chapter 5

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

It is ideally suited for use by mobile workers. It requires using a VPN client on the host PC. It is commonly implemented over dialup and cable modem networks. After the initial connection is established, it can dynamically change connection information. 4. With the Cisco Easy VPN feature, which process ensures that a static route is created on the Cisco Easy VPN Server for the internal IP address of each VPN client? Cisco Express Forwarding Network Access Control On-Demand Routing Reverse Path Forwarding Reverse Route Injection 5. Which two authentication methods can be configured when using the CCP Site-to-Site VPN wizard? (Choose two.) MD5 SHA pre-shared keys encrypted nonces digital certificates 6. Which UDP port must be permitted on any IP interface used to exchange IKE information between security gateways? 400 500 600 700 7. When verifying IPsec configurations, which show command displays the encryption algorithm, hash algorithm, authentication method, and Diffie-Hellman group configured, as well as default settings? show crypto map show crypto ipsec sa show crypto isakmp policy show crypto ipsec transform-set 8.

Chapter 6 Chapter 7 Chapter 8 Chapter 9 Chapter 10 Final Exam

RANDOM TERMS

chapter 10 to 15 in database systems final exam questions and answers cisco ccna1 practice test chapter two why is the usernamenamesecretpassword command preferred over the usernamenamepasswordpassword command?

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

answers ccnas secu chapter 5 escribe zone-based policy firewall rules that govern interface behavior and the traffic moving between cisco security

Refer to the exhibit. A site-to-site VPN is required from R1 to R3. The administrator is using the CCP Site-to-Site VPN wizard on R1. Which 10.1.1.1 10.1.1.2 10.2.2.1 10.2.2.2 192.168.1.1 192.168.3.1 9. A user launches Cisco VPN Client software to connect remotely to a VPN service. What does the user select before entering the username and password? the SSL connection type the IKE negotiation process the desired preconfigured VPN server site the Cisco Encryption Technology to be applied 10. What is the default IKE policy value for encryption? 128-bit AES 192-bit AES 256-bit AES 3DES (Original answer) DES ( Corrected by Ja Shin ) 11. IP address should the administrator enter in the highlighted field?

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

Refer to the exhibit. Which two IPsec framework components are valid options when configuring an IPsec VPN on a Cisco ISR router? (Choose two.) Integrity options include MD5 and RSA. IPsec protocol options include GRE and AH. Confidentiality options include DES, 3DES, and AES. Authentication options include pre-shared key and SHA. Diffie-Hellman options include DH1, DH2, and DH5. 12.

Refer to the exhibit. Based on the CCP settings that are shown, which Easy VPN Server component is being configured? group policy transform set IKE proposal user authentication 13. Which action do IPsec peers take during the IKE Phase 2 exchange? exchange of DH keys negotiation of IPsec policy verification of peer identity
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

negotiation of IKE policy sets 14. When configuring an IPsec VPN, what is used to define the traffic that is sent through the IPsec tunnel and protected by the IPsec process? crypto map crypto ACL (Corrected by Ja Shin) ISAKMP policy (Original answer) IPsec transform set 15. What is required for a host to use an SSL VPN to connect to a remote network device? VPN client software must be installed. A site-to-site VPN must be preconfigured. A web browser must be installed on the host. The host must be connected to a wired network. 16. What are two benefits of an SSL VPN? (Choose two.) It supports all client/server applications. It supports the same level of cryptographic security as an IPsec VPN. It has the option of only requiring an SSL-enabled web browser. The thin client mode functions without requiring any downloads or software. It is compatible with DMVPNs, Cisco IOS Firewall, IPsec, IPS, Cisco Easy VPN, and NAT. 17. When using ESP tunnel mode, which portion of the packet is not authenticated? ESP header ESP trailer new IP header original IP header 18. How many bytes of overhead are added to each IP packet while it is transported through a GRE tunnel? 8 16 24

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

32 19. Which two statements accurately describe characteristics of IPsec? (Choose two.) IPsec works at the application layer and protects all application data. IPsec works at the transport layer and protects data at the network layer. IPsec works at the network layer and operates over all Layer 2 protocols. IPsec is a framework of proprietary standards that depend on Cisco specific algorithms. IPsec is a framework of standards developed by Cisco that relies on OSI algorithms. IPsec is a framework of open standards that relies on existing algorithms. 20.

Refer to the exhibit. A network administrator is troubleshooting a GRE VPN tunnel between R1 and R2. Assuming the R2 GRE configuration is correct and based on the running configuration of R1, what must the administrator do to fix the problem? Change the tunnel source interface to Fa0/0. Change the tunnel destination to 192.168.5.1. Change the tunnel IP address to 192.168.3.1. Change the tunnel destination to 209.165.200.225. Change the tunnel IP address to 209.165.201.1.

Again, this answer CCNA Security Chapter 8 answer is not 100% correct. I only got 90% from this answer. So, if you have a better answer or new questions, please share. Ill improve this post based on the correction you provide. Thank You.

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

Cisco Vpn

Vpn Services

Virtual Office

Web hosting servers

This entry was posted in Data Network, Network Security and tagged 2012, Answer, CCNA Security, CCNA Security Chapter 8 Answer, CCNA Security Chapter 8 Test, CCNAS Chapter 8 Test, CCNAS v1.1, Chapter 8 Test, Solution, Solution CCNA Security Chapter 8 by InviAlgo. Bookmark the permalink.

6 THOUGHTS ON ANSWER CCNA SECURITY CHAPTER 8 TEST CCNAS V1.1

JaShin on June 26, 2012 at 9:54 PM said:

Hi, thank for sharing these tests, this website rules ! the answer of question 10 is DES, and the answer of question 14 is crypto ACL. JaShin.
Reply

InviAlgo on June 28, 2012 at 12:38 AM said:

Hi Ja Shin, Thanks for your comment and correction. Really appreciate it.
Reply

JaShin on June 29, 2012 at 7:26 PM said:

Youre welcome
Reply

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

Andy on July 3, 2012 at 11:44 PM said:

Ad.1. Should be It will use a predefined key for authentication. It is being created using the CCP VPN Quick Setup Wizard.
Reply

InviAlgo on July 5, 2012 at 8:54 PM said:

Hi Andy, Thank You for the correction. Really appreciate it


Reply

leandro on August 3, 2012 at 2:36 PM said:

Te agradezco mucho, muchas gracias. Si no es mucha molestia podrias subir el chapter 5 porfavor?. Maana tengo que rendirlo y no pude estudiarlo suficiente por falta de tiempo.
Reply

Leave a Reply
Your email address will not be published. Required fields are marked *

Name

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]

Answer CCNA Security Chapter 8 Test CCNAS v1.1 | Invisible Algorithm

Email

Website

Comment

All All

Post Comment

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Search Invisible Algorithm: ccna security chapter 10 exam answers, refer to the exhibit based on the ccp screen that is shown which two conclusions can be drawn about the ike policy that is being configured? (choose two ), ccna security version 1 1 answers, ccna security chapter 8 exam answers, which technology does ccp require for configuring remote access vpn support with the easy vpn server wizard?, which two authentication methods can be configured when using the ccp site-to-site vpn wizard? (choose two ), ccna security exam answers v1 1, ccna security chapter 7 exam answers, ccna security chapter 8 answers, ccna security 1 1 final exam

http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]