• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/23

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

23 Cards in this Set

  • Front
  • Back
3 Characteristics of a secure VPN
Authentication (Identity), Data Confidentality (no eavesdropping), Data Integrity (no tampering).
Examples of Encapsulating Protocols
- GRE
- IPSec
- L2F
- PPTP
- L2TP
Two IPSec Encryption Modes
1. Tunnel
2. Transport
IPSec Tunnel Mode
Encrypts the header and payload of each packet
IPSec Transport Mode
Encrypts only the payload of each packet
Once an IPSec tunnel is active, which encryption is used, Symmetric or Asymmetric?
Symmetric
Which encryption type is used for authenticating both ends of an IPSec tunnel?
Asymmetric
Examples of Asymmetric encryption algorithms
- RSA
Examples of Symmetric encryption algorithms
- DES
- 3DES
- AES
What is another term for Asymmetric encryption?
Public-key cryptography
Symmetric key lengths
- 80
- 112
- 128
- 192
- 256
Asymmetric key lengths
- 1024
- 2048
- 3072
- 7680
- 15,360
The two types of symmetric key encryption algorithms are:
1. Stream Ciphers
2. Block Ciphers
DES key length
56 bits, 64 bits counting parity

DES is symmetric
3DES key length
168 bits, effective length 112 bits

3DES is symmetric
AES key length
128, 192, or 256

AES is symmetric
Examples of one-way hash functions (HMAC)

(for assuring Data Integrity)
- MD5
- SHA-1
IPSec 3 main protocols:
- IKE
- ESP
- AH (deprecated)
AH protocol number
51
ESP protocol number
50
Initial router config for SDM
Router(config)# username ciscosdm privilege 15 password 0 ciscosdm
Router(config)# ip http server
Router(config)# ip http secure-server
Router(config)# ip http authentication local
Router(config)# line vty 0 4
Router(config)# login local
Router(config)# transport input telnet ssh
Basic GRE tunnel config
R(config)# int tun<tun>
R(config-if)# tunnel source <phys int>
R(config-if)# tunnel dest <dest IP>
R(config-if)# ip addr <ipaddr> <mask>
Steps for setting up basic IPSec
1. Enable IKE
2. Create ISAKMP policy
3. Add elements to the ISAKMP policy
4. Configure pre-shared keys
5. Configure transform sets
6. Set SA lifetimes
7. Define interesting traffic
8. Create crypto map
9. Apply crypto map to interface