Chris Bryant (ccie12933) on Twittergreat free widgetsWidgetboxMore info




	More Testimonials >

Visit my blog for free daily Cisco CCNA and CCNP certification questions, my latest free articles and tutorials, and more!

CCNP Practice Exam For ISCW Study:

Virtual Private Networks

Vital Reading And Watching For All Cisco Certification Candidates:

The July 2010 CCNP Changes (And How To Beat Them!)

Here's a seven-question ISCW practice exam on VPNs and the protocols we use to build them.

More practice exams for the ISCW, BSCI, ONT, and BCMSN exams await you on our CCNP Practice Exam page - four new exams every day in February!

Enjoy the questions!

Chris Bryant

CCIE #12999

"The Computer Certification Bulldog"

chris@thebryantadvantage.com

Question 1:

Which of the following is NOT an option for an ISAKMP policy's authentication?

A. pre-shared keys

B. RSA Signature

C. RSA Encryption

D. RSA Victor

Question 2:

An encryption scheme that uses the same key for encryption and decryption is called what?

A. diadolic

B. bidirectional

C. symmetric

D. asymmetric

Question 3:

Identify the true statements regarding GRE over IPSec tunneling.

A. GRE offers multiprotocol support that IPSec alone cannot.

B. GRE offers data integrity and confidentiality that IPSec alone cannot.

C. IPSec offers multiprotocol support that IPSec cannot.

D. IPSec offers data integrity and confidentiality that GRE alone cannot.

Question 4:

What protocol or service must be enabled before configuring Easy VPN Server?

A. Easy VPN Client

B. AAA

C. Password encryption

D. CDP

Question 5:

Which of the following correctly describes Tunnel Mode?

A. ESP can use it, but AH can't.

B. AH can use it, but ESP can't.

C. Both ESP and AH can use it.

D. Specialized IPSec gateway devices handle the workload.

E. The end hosts perform the encryption and encapsulation.

Question 6:

When configuring Group Authorization in SDM for Easy VPN Server, what option(s) do you have?

A. RADIUS

B. TACACS+

C. Local

D. None of the above

Question 7:

What common VTP data term is defined as "only the devices that should see the data in an unencrypted form will see that data in that form"?

A. Confidentiality

B. Origin Authentication

C. Integrity

D. Encryption

Answers at the bottom of the page!

Earn Your CCNP With The Personal Guarantee Of Chris Bryant, CCIE #12933:

“I GUARANTEE You'll Pass The Current CCNP Exams - BSCI, ONT, ISCW, and BCMSN - Before The July 31, 2010 Cutoff Date With My CCNP Study Packages ...

... And If You Don't Pass FOR ANY REASON Before That Time, I'll Give You a 100% Free CCNP Study Package Download For The New Exam Track!"

You Also Get A FREE CCNA Security Study Package, Valued at $67, With The Purchase Of Any CCNP Study Package!

Answers:

1. "A, B, C". The valid options are pre-shared keys, RSA Signature, and RSA Encryption.

2. "C". Symmetric encryption uses the same key for encryption and decryption.

3. "A, D". GRE supplies multiprotocol support, and IPSec offers data integrity and confidentiality.

4. "B". AAA must be enabled with the aaa new-model command before you can install Easy VPN Server.

5. "C, D". Both ESP and AH can run in Tunnel mode; special IPSec gateways will handle all the work, leaving the host devices out of the process.

6. "A, C". The options are Local and RADIUS.

7. "A". Data Confidentiality means that only the hosts that should see the data in an unencrypted form will indeed be the only ones who do see the data in that form.