Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
RECENTLY WRITTEN
Disable w3 TotalCache PluginCompletelyUnable to Connectto Internet EsetSmart SecurityAtheros AR5007EGWindows 7 DriverNetwork SecurityChapter 4 PacketTracer Activity AAnswerAnswer CCNASecurity Chapter 10Test – CCNAS v1.1
COFFEE FOR ME
SEARCH
Answer CCNA SecurityChapter 8 Test –CCNAS v1.1
This post is about questions and answers for CCNA SecurityChapter 8 Test. I took this test on 14th June 2012. This CCNASecurity Chapter 8 test is using CCNAS v1.1. So i would like to
Posted on June 20, 2012
Rackmount your CiscoRack mount kits for your ASA5505 and your AirWLC-2100 serieswww.rackmount.it/cisrack
App securityMaintain control over critical data DownloadSecureSphere Whitepaper!www.Imperva.com
X.25 Network ConversionBest Value for X.25-TCP/IP Gateways SupportsXOT, SVC, PVC, SNMP & LAPBwww.microtronix.com
PMP Exam PreparationPrepare for your PMP exam with PCMi PMI R.E.P.5 day workshop in Londonwww.pcmi.co.uk
Home Category Search Sitemap Contact Us About
VMware Courses-Free ExamsVMware and Zimbra training courses Register today and become a VCP
www.alfavad.com
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
InvisibleAlgorithmonFacebook
105 peoplelike
Like
Facebook social plugin
+6
Follow
Find us on Google+
CCNA SECURITY
Chapter 1Chapter 2Chapter 3Chapter 4Chapter 5
share the new questions and answers i chooses. Just to be clear,for this test i only got 90%. It’s not 100% solution. If you havebetter answer or new questions, please do share by leave yourcomment so i can improve this post’s answer for the benefits all ofus.
Updated: 100% Correct.
1.
Refer to the exhibit. Based on the CCP screen that is shown, whichtwo conclusions can be drawn about the IKE policy that is beingconfigured? (Choose two.)It will use digital certificates for authentication.It will use a predefined key for authentication. It will use a very strong encryption algorithm. (Original answer,Confirmed by Xase)It will be the default policy with the highest priority.It is being created using the CCP VPN Quick Setup Wizard. (Andy’sanswer)
2. A network administrator is planning to implement centralizedmanagement of Cisco VPN devices to simplify VPN deployment forremote offices and teleworkers. Which Cisco IOS feature wouldprovide this solution?
Cisco Easy VPNCisco VPN ClientCisco IOS SSL VPNDynamic Multipoint VPN
3. Which statement describes an important characteristic of asite-to-site VPN?
It must be statically set up.
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
Chapter 6Chapter 7Chapter 8Chapter 9Chapter 10Final Exam
RANDOM TERMS
chapter 10 to 15 indatabase systemsfinal exam questionsand answerscisco ccna1 practicetest chapter twowhy is theusernamenamesecretpasswordcommand preferredover theusernamenamepasswordpasswordcommand?
It is ideally suited for use by mobile workers.It requires using a VPN client on the host PC.It is commonly implemented over dialup and cable modem networks.After the initial connection is established, it can dynamicallychange connection information.
4. With the Cisco Easy VPN feature, which process ensures that astatic route is created on the Cisco Easy VPN Server for theinternal IP address of each VPN client?
Cisco Express ForwardingNetwork Access ControlOn-Demand RoutingReverse Path ForwardingReverse Route Injection
5. Which two authentication methods can be configured when usingthe CCP Site-to-Site VPN wizard? (Choose two.)
MD5SHApre-shared keysencrypted noncesdigital certificates
6. Which UDP port must be permitted on any IP interface used toexchange IKE information between security gateways?
400500600700
7. When verifying IPsec configurations, which show commanddisplays the encryption algorithm, hash algorithm, authenticationmethod, and Diffie-Hellman group configured, as well as defaultsettings?
show crypto mapshow crypto ipsec sashow crypto isakmp policyshow crypto ipsec transform-set
8.
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
answers ccnas secuchapter 5escribe zone-basedpolicy firewall rulesthat govern interfacebehavior and thetraffic movingbetween ciscosecurity
Refer to the exhibit. A site-to-site VPN is required from R1 to R3.The administrator is using the CCP Site-to-Site VPN wizard on R1.Which IP address should the administrator enter in thehighlighted field?10.1.1.110.1.1.210.2.2.110.2.2.2192.168.1.1192.168.3.1
9. A user launches Cisco VPN Client software to connect remotelyto a VPN service. What does the user select before entering theusername and password?
the SSL connection typethe IKE negotiation processthe desired preconfigured VPN server sitethe Cisco Encryption Technology to be applied
10. What is the default IKE policy value for encryption?
128-bit AES192-bit AES256-bit AES3DES (Original answer)DES (Corrected by Ja Shin)
11.
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
Refer to the exhibit. Which two IPsec framework components arevalid options when configuring an IPsec VPN on a Cisco ISR router?(Choose two.)Integrity options include MD5 and RSA.IPsec protocol options include GRE and AH.Confidentiality options include DES, 3DES, and AES.Authentication options include pre-shared key and SHA.Diffie-Hellman options include DH1, DH2, and DH5.
12.
Refer to the exhibit. Based on the CCP settings that are shown,which Easy VPN Server component is being configured?group policytransform setIKE proposaluser authentication
13. Which action do IPsec peers take during the IKE Phase 2exchange?
exchange of DH keysnegotiation of IPsec policyverification of peer identity
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
negotiation of IKE policy sets
14. When configuring an IPsec VPN, what is used to define thetraffic that is sent through the IPsec tunnel and protected by theIPsec process?
crypto mapcrypto ACL (Corrected by Ja Shin)ISAKMP policy (Original answer)IPsec transform set
15. What is required for a host to use an SSL VPN to connect to aremote network device?
VPN client software must be installed.A site-to-site VPN must be preconfigured.A web browser must be installed on the host.The host must be connected to a wired network.
16. What are two benefits of an SSL VPN? (Choose two.)
It supports all client/server applications.It supports the same level of cryptographic security as an IPsecVPN.It has the option of only requiring an SSL-enabled webbrowser.The thin client mode functions without requiring any downloads orsoftware.It is compatible with DMVPNs, Cisco IOS Firewall, IPsec,IPS, Cisco Easy VPN, and NAT.
17. When using ESP tunnel mode, which portion of the packet is notauthenticated?
ESP headerESP trailernew IP headeroriginal IP header
18. How many bytes of overhead are added to each IP packet whileit is transported through a GRE tunnel?
81624
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
32
19. Which two statements accurately describe characteristics ofIPsec? (Choose two.)
IPsec works at the application layer and protects all applicationdata.IPsec works at the transport layer and protects data at thenetwork layer.IPsec works at the network layer and operates over all Layer2 protocols.IPsec is a framework of proprietary standards that depend onCisco specific algorithms.IPsec is a framework of standards developed by Cisco that relieson OSI algorithms.IPsec is a framework of open standards that relies onexisting algorithms.
20.
Refer to the exhibit. A network administrator is troubleshooting aGRE VPN tunnel between R1 and R2. Assuming the R2 GREconfiguration is correct and based on the running configuration ofR1, what must the administrator do to fix the problem?Change the tunnel source interface to Fa0/0.Change the tunnel destination to 192.168.5.1.Change the tunnel IP address to 192.168.3.1.Change the tunnel destination to 209.165.200.225.Change the tunnel IP address to 209.165.201.1.
Again, this answer CCNA Security Chapter 8 answer is not 100%correct. I only got 90% from this answer. So, if you have a betteranswer or new questions, please share. I’ll improve this post basedon the correction you provide. Thank You.
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
6 THOUGHTS ON “ANSWER CCNA SECURITY CHAPTER 8 TEST – CCNAS V1.1”
This entry was posted in Data Network, Network Security and tagged 2012,Answer, CCNA Security, CCNA Security Chapter 8 Answer, CCNASecurity Chapter 8 Test, CCNAS Chapter 8 Test, CCNAS v1.1, Chapter8 Test, Solution, Solution CCNA Security Chapter 8 by InviAlgo. Bookmarkthe permalink.
Cisco Vpn Vpn Services Virtual Office Web hosting servers
JaShin on June 26, 2012 at 9:54 PM said:
Hi,
thank for sharing these tests, thiswebsite rules !
the answer of question 10 is “DES”, andthe answer of question 14 is “cryptoACL”.
JaShin.
Reply ↓
InviAlgoon June 28, 2012 at 12:38AM said:
Hi Ja Shin,Thanks for your comment andcorrection.Really appreciate it.
Reply ↓
JaShinon June 29, 2012at 7:26 PM said:
You’re welcome
Reply ↓
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
Andy on July 3, 2012 at 11:44 PM said:
Ad.1. Should beIt will use a predefined key forauthentication.It is being created using the CCP VPNQuick Setup Wizard.
Reply ↓
InviAlgoon July 5, 2012 at 8:54 PMsaid:
Hi Andy,Thank You for the correction.Really appreciate it
Reply ↓
leandro on August 3, 2012 at 2:36 PM said:
Te agradezco mucho, muchas gracias.Si no es mucha molestia podrias subir elchapter 5 porfavor?. Mañana tengo querendirlo y no pude estudiarlo suficientepor falta de tiempo.
Reply ↓
Leave a ReplyYour email address will not be published. Requiredfields are marked *
Name *
Answer CCNA Security Chapter 8 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-8-test-ccnas-v1-1/[11/1/2012 1:21:02 AM]
Search Invisible Algorithm:ccna security chapter 10 exam answers, refer to the exhibit based onthe ccp screen that is shown which two conclusions can be drawnabout the ike policy that is being configured? (choose two ), ccnasecurity version 1 1 answers, ccna security chapter 8 exam answers,which technology does ccp require for configuring remote access vpnsupport with the easy vpn server wizard?, which two authenticationmethods can be configured when using the ccp site-to-site vpnwizard? (choose two ), ccna security exam answers v1 1, ccnasecurity chapter 7 exam answers, ccna security chapter 8 answers,ccna security 1 1 final exam
All
Notify me of followup
comments via e-mail. You
can also subscribe without commenting.
Email *
Website
Comment