Marcos Avila
Quiz by , created more than 1 year ago

NSE4 6.0 NSE4 6.0 Quiz on Site-to-Site IPSec VPN I, created by Marcos Avila on 21/07/2018.

269
1
0
Marcos Avila
Created by Marcos Avila over 6 years ago
Close

Site-to-Site IPSec VPN I

Question 1 of 17

1

The three most used protocols in the suite are the following: (Select 3)

Select one or more of the following:

  • lnternet Key Exchange (IKE)

  • Encapsulation Security Payload (ESP)

  • Authentication Header (AH)

  • Point – to – Point Tunneling Protocol (PPTP)

  • Secure Sockets Layer (SSL)

Explanation

Question 2 of 17

1

, which does the handshake, tunnel maintenance, and disconnection.

, which ensures data integrity andencryption.

, which offers only data integrity-not encryption.

Drag and drop to complete the text.

    lnternet Key Exchange (IKE)
    Encapsulation Security Payload (ESP)
    Authentication Header (AH)

Explanation

Question 3 of 17

1

FortiGate uses ESP to transport the packet payload and authenticate.

Select one of the following:

  • True
  • False

Explanation

Question 4 of 17

1

IKE uses port

Select one of the following:

  • UDP 500

  • TCP 500

  • UDP 4500

  • TCP 4500

Explanation

Question 5 of 17

1

IKE uses if NAT-T is enabled in a NAT scenario:

Select one of the following:

  • UDP port 4500

  • TCP port 4500

  • UDP port 5000

  • TCP port 5000

Explanation

Question 6 of 17

1

SA

Select one of the following:

  • Security Association

  • Security Access

Explanation

Question 7 of 17

1

For phase 1, there are two possible negotiation modes that can be used:

Select one or more of the following:

  • main mode

  • aggressive mode

  • quick mode

Explanation

Question 8 of 17

1

Phase 2 uses only one negotiation mode:

Select one of the following:

  • quick mode

  • main mode

  • aggressive mode

Explanation

Question 9 of 17

1

AH is used by FortiGate

Select one of the following:

  • True
  • False

Explanation

Question 10 of 17

1

IKE

Select one or more of the following:

  • Internet Key Exchange

  • Internal Key Exchange

  • Internal Keep Exchange

Explanation

Question 11 of 17

1

ESP is

Select one of the following:

  • UDP encapsulated

  • TCP encapsulated

Explanation

Question 12 of 17

1

Authenticates or encrypts packets using the following protocols:
(Select 3)

Select one or more of the following:

  • Internet Key Exchange (IKE)

  • Encapsulation Security Payload (ESP)

  • Authentication Header (AH)

  • Point-to-Point Tunneling Protocol (PPTP)

  • Layer 2 Tunneling Protocol (L2TP)

Explanation

Question 13 of 17

1

Provides both data integrity and encryption:

Select one of the following:

  • Encapsulation Security Payload (ESP)

  • Internet Key Exchange (IKE)

  • Authentication Header (AH)

Explanation

Question 14 of 17

1

Easy configuration
Few tunnels
High central bandwidth
Not fault tolerant
Low system requirements on average,
but high for center
Scalable
No direct communication between
spokes

Select one of the following:

  • Hub-and-Spoke

  • Partial Mesh

  • Full Mesh

Explanation

Question 15 of 17

1

Moderate configuration
Medium number of tunnels
Medium bandwidth in hub sites
Some fault tolerance
Medium system requirements
Somewhat scalable
Direct communication between some
sites

Select one of the following:

  • Hub-and-Spoke

  • Partial Mesh

  • Full Mesh

Explanation

Question 16 of 17

1

Complex configuration
Many tunnels
Low bandwidth
Fault tolerant
High system requirements
Difficult to scale
Direct communication between all sites

Select one of the following:

  • Hub-and-Spoke

  • Partial Mesh

  • Full Mesh

Explanation

Question 17 of 17

1

FortiOS provides two options for IPsec VPNs:

route-based (also known as ) or policy-based (also known as ).

Drag and drop to complete the text.

    interface-based
    tunnel-mode

Explanation