1. How is “tunneling” accomplished in a VPN?
New headers from one or more VPN protocols encapsulate the original packets.
All packets between two hosts are assigned to a single physical medium to ensure that the packets are kept private.
Packets are disguised to look like other types of traffic so that they will be ignored by potential attackers.
A dedicated circuit is established between the source and destination devices for the duration of the connection.
2. Which two scenarios are examples of remote access VPNs? (Choose two.)
A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
All users at a large branch office can access company resources through a single VPN connection.
A mobile sales agent is connecting to the company network via the Internet connection at a hotel.
A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ.
An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.
Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination router?
4. Which statement correctly describes IPsec?
IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7.
IPsec uses algorithms that were developed specifically for that protocol.
IPsec implements its own method of authentication.
IPsec is a Cisco proprietary standard.
5. What is an IPsec protocol that provides data confidentiality and authentication for IP packets?
6. Which three statements describe the building blocks that make up the IPsec protocol framework? (Choose three.)
IPsec uses encryption algorithms and keys to provide secure transfer of data.
IPsec uses Diffie-Hellman algorithms to encrypt data that is transferred through the VPN.
IPsec uses 3DES algorithms to provide the highest level of security for data that is transferred through a VPN.
IPsec uses secret key cryptography to encrypt messages that are sent through a VPN.
IPsec uses Diffie-Hellman as a hash algorithm to ensure integrity of data that is transmitted through a VPN.
IPsec uses ESP to provide confidential transfer of data by encrypting IP packets.
What key question would help determine whether an organization should
use an SSL VPN or an IPsec VPN for the remote access solution of the
Is a Cisco router used at the destination of the remote access tunnel?
What applications or network resources do the users need for access?
Are both encryption and authentication required?
Do users need to be able to connect without requiring special VPN software?
8. What is the purpose of a message hash in a VPN connection?
It ensures that the data cannot be duplicated and replayed to the destination.
It ensures that the data is coming from the correct source.
It ensures that the data has not changed while in transit.
It ensures that the data cannot be read in plain text.
A network design engineer is planning the implementation of a
cost-effective method to interconnect multiple networks securely over
the Internet. Which type of technology is required?
a dedicated ISP
a VPN gateway
a leased line
a GRE IP tunnel
10. What is one benefit of using VPNs for remote access?
lower protocol overhead
potential for reduced connectivity costs
increased quality of service
ease of troubleshooting
11. Which statement describes a characteristic of IPsec VPNs?
IPsec can secure traffic at Layers 1 through 3.
IPsec works with all Layer 2 protocols.
IPsec encryption causes problems with routing.
IPsec is a framework of Cisco proprietary protocols
12. What is the purpose of the generic routing encapsulation tunneling protocol?
to support basic unencrypted IP tunneling using multivendor routers between remote sites
to provide fixed flow-control mechanisms with IP tunneling between remote sites
to manage the transportation of IP multicast and multiprotocol traffic between remote sites
to provide packet level encryption of IP traffic between remote sites
13. Which algorithm is an asymmetrical key cryptosystem?
A network design engineer is planning the implementation of an IPsec
VPN. Which hashing algorithm would provide the strongest level of
15. What two encryption algorithms are used in IPsec VPNs? (Choose two.)
16. Which statement describes a feature of site-to-site VPNs?
Internal hosts send normal, unencapsulated packets.
VPN client software is installed on each host.
The VPN connection is not statically defined.
Individual hosts can enable and disable the VPN connection.
Which Cisco VPN solution provides limited access to internal network
resources by utilizing a Cisco ASA and provides browser-based access
clientless SSL VPN
client-based SSL VPN
18. Which two algorithms use Hash-based Message Authentication Code for message authentication? (Choose two.)
Which function of IPsec security services allows the receiver to verify
that the data was transmitted without being changed or altered in any
Home » Routing And Switching Connecting Networks V5 Answers » CCNA 4 Chapter 7 v5.0 Exam Answers 2014
CCNA 4 Chapter 7 v5.0 Exam Answers 2014
by Loffy D Monky , at 9:04 PM , have 0 comments