CCNA 4 Chapter 7 v5 Exam Answers 2013
CCNA 4 Chapter 7 v5 Exam Answers 2013
CCNA 4 Chapter 7 v5 Exam Answers 2013
January 15, 2014 | Filed under: CCNA 4 Connecting Networks v5.0 Answers 2013 and tagged with: ccna
4 chapter 7 v5, CCNA 4 Chapter 7 v5 exam answers 2013, cisco ccna v5 answers routing and switching,
connecting networks answers v5, exam ccna v5 answers
Share
CCCNA 4 Chapter 7 v5 exam answers R&S Connecting Networks
CISCO CCNA ANSWERS V5 ROUTING AND SWITCHING TEST QUESTION AND ANSWERS
2013-2014
1. How is tunneling accomplished in a VPN?
New headers from one or more VPN protocols encapsulate the original packets.
All packets between two hosts are assigned to a single physical medium to ensure that the packets are
kept private.
Packets are disguised to look like other types of traffic so that they will be ignored by potential attackers.
A dedicated circuit is established between the source and destination devices for the duration of the
connection.
____________________________________________________________________
2. Which two scenarios are examples of remote access VPNs? (Choose two.)
A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
All users at a large branch office can access company resources through a single VPN connection.
A mobile sales agent is connecting to the company network via the Internet connection at a hotel.
A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to
the HQ.
An employee who is working from home uses VPN client software on a laptop in order to connect to
the company network.
____________________________________________________________________
3.
Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination
router?
172.16.1.1
172.16.1.2
209.165.200.225
1
209.165.200.226
____________________________________________________________________
4. Which statement correctly describes IPsec?
IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7.
IPsec uses algorithms that were developed specifically for that protocol.
IPsec implements its own method of authentication.
IPsec is a Cisco proprietary standard.
____________________________________________________________________
5. What is an IPsec protocol that provides data confidentiality and authentication for IP packets?
AH
ESP
RSA
IKE
____________________________________________________________________
6. Which three statements describe the building blocks that make up the IPsec protocol framework?
(Choose three.)
IPsec uses encryption algorithms and keys to provide secure transfer of data.
IPsec uses Diffie-Hellman algorithms to encrypt data that is transferred through the VPN.
IPsec uses 3DES algorithms to provide the highest level of security for data that is transferred through a
VPN.
IPsec uses secret key cryptography to encrypt messages that are sent through a VPN.
IPsec uses Diffie-Hellman as a hash algorithm to ensure integrity of data that is transmitted through a
VPN.
IPsec uses ESP to provide confidential transfer of data by encrypting IP packets.
____________________________________________________________________
7. What key question would help determine whether an organization should use an SSL VPN or an IPsec
VPN for the remote access solution of the organization?
Is a Cisco router used at the destination of the remote access tunnel?
What applications or network resources do the users need for access?
Are both encryption and authentication required?
Do users need to be able to connect without requiring special VPN software?
____________________________________________________________________
8. What is the purpose of a message hash in a VPN connection?
It ensures that the data cannot be duplicated and replayed to the destination.
It ensures that the data is coming from the correct source.
It ensures that the data has not changed while in transit.
It ensures that the data cannot be read in plain text.
____________________________________________________________________
9. A network design engineer is planning the implementation of a cost-effective method to interconnect
multiple networks securely over the Internet. Which type of technology is required?
a dedicated ISP
a VPN gateway
a leased line
a GRE IP tunnel
____________________________________________________________________
10. What is one benefit of using VPNs for remote access?
lower protocol overhead
2
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. What
problem is preventing the hosts from communicating across the VPN tunnel?
The EIGRP configuration is incorrect.
The tunnel destinations addresses are incorrect.
The tunnel IP addresses are incorrect.
The tunnel source interfaces are incorrect
____________________________________________________________________
21. What is the purpose of utilizing Diffie-Hellman (DH) algorithms as part of the IPsec standard?
DH algorithms allow unlimited parties to establish a shared public key that is used by encryption and hash
algorithms.
DH algorithms allow two parties to establish a shared public key that is used by encryption and hash
algorithms.
5
DH algorithms allow two parties to establish a shared secret key that is used by encryption and
hash algorithms.
DH algorithms allow unlimited parties to establish a shared secret key that is used by encryption and hash
algorithms.
____________________________________________________________________
22.
Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can
be drawn from the R1 command output? (Choose two.)
A GRE tunnel is being used.
____________________________________________________________________
23. Two corporations have just completed a merger. The network engineer has been asked to connect the
two corporate networks without the expense of leased lines. Which solution would be the most cost
effective method of providing a proper and secure connection between the two corporate networks?
Cisco AnyConnect Secure Mobility Client with SSL
Frame Relay
remote access VPN using IPsec
Cisco Secure Mobility Clientless SSL VPN
site-to-site VPN
____________________________________________________________________
24. Which remote access implementation scenario will support the use of generic routing encapsulation
tunneling?
a mobile user who connects to a SOHO site
a central site that connects to a SOHO site without encryption
a branch office that connects securely to a central site
a mobile user who connects to a router at a central site