Question 1
Question
Protocol RFC 2409 (__V1) RFC 4305 (__V2)
NAT IP protocol 17: UDP port 500 (UDP 4500 for rekey, quick mode, mode-cfg)
No NAT IP protocol 17: UDP port 500
Question 2
Question
Protocol RFC 4303
NAT IP protocol 17: UDP port 4500
No NAT IP protocol 50
Question 3
Answer
- Internet Key Exchange
- Internet Key Extend
- Internet Key Expert
Question 4
Answer
- Authentication Header
- Authentication Helpers
Question 5
Question 6
Question
is used to authenticate peers, exchange keys, and negotiate the encryption and checksums that will be used; essentially, it is the control channel.
Question 7
Question
contains the authentication header—the checksums that verify the integrity of the data.
Question 8
Question
is the encapsulated security payload—the encrypted payload, essentially, the data channel.
Question 9
Question
Authentication Header (AH) does not offer encryption. So AH is not used by FortiGate.
Question 10
Question
IPsec provides services at the:
Answer
- Network layer
- Transport layer
- Session layer
- Data link layer
Question 11
Question
IPsec can operate in two modes:
Question 12
Question
directly encapsulates and protects the fourth layer (transport) and above. The original IP header is not protected and no additional IP header is added.
Answer
- Transport mode
- Tunnel mode
Question 13
Question
is a true tunnel. The whole IP packet is encapsulated and a new IP header is added at the beginning. After the IPsec packet reaches the remote LAN and is unwrapped, the original packet can continue on its journey.
Answer
- Tunnel mode
- Transport mode
Question 14
Answer
- Security Association
- System Association
- Security Access
Question 15
Question
IKE does not use phases
Question 16
Question
In which encapsulation mode is the original IP header protected?
Answer
- A. Tunnel mode
- B. Transport mode
Question 17
Question
Which encapsulation mode is used for end-to-end (or client-to-client) VPNs?
Answer
- Tunnel mode
- Transport mode