Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
28 Cards in this Set
- Front
- Back
IP security is a capability that can be added to either current version of the Internet Protocol by means of additional headers.
|
True
|
|
The principal feature of IPsec is that it can encrypt and/or authenticate all traffic at the IP level.
|
True
|
|
Transport mode provides protections to the entire IP packet.
|
False
|
|
Additional padding may be added to provide partial traffic flow confidentiality by concealing the actual length of the payload.
|
True
|
|
Authentication must be applied to the entire original IP packet.
|
False
|
|
An end user whose system is equipped with IP security protocols can make a local call to an ISP and gain secure access to a company network.
|
True
|
|
Both tunnel and transport modes can be accommodated by the encapsulation security payload encryption format.
|
True
|
|
An individual SA can implement both the AH and the ESP protocol.
|
False
|
|
By implementing security at the IP level an organization can ensure secure networking not only for applications that have security mechanisms but also for the many security ignorant applications.
|
True
|
|
IPsec can guarantee that all traffic designated by the network administrator is authenticated bu cannot guarantee that it is encrypted.
|
False
|
|
Any traffic from the local host to a remote host for purposes of an IKE exchange bypasses the IPsec processing.
|
True
|
|
IPsec is executed on a packet-by-packet basis.
|
True
|
|
The Payload Data Field is designed to deter replay attacks.
|
False
|
|
The Security Parameters Index identifies a security association.
|
True
|
|
The default automated key management protocol for IPsec is referred to as ISAKMP/Oakley.
|
True
|
|
Authentication applied to the entire original IP packet is ______.
|
tunnel mode
|
|
_________ defines a number of techniques for key management.
|
SKE
|
|
Authentication applied to all of the packets except for the IP header is ___________.
|
transport mode
|
|
The __________ mechanism assures that a received packet was in fact transmitted by the party identified as the source in the packet header and assures that the packet has not been altered in transit.
|
authentication
|
|
________ provides the capability to secure communications across a LAN, across private and public WANs, and across and Internet.
|
IPsec
|
|
The __________ facility enables communicating nodes to encrypt messages to prevent eavesdropping by third parties.
|
confidentiality
|
|
The key management mechanism that is used to distribute keys is coupled to the authentication and privacy mechanisms only by way of the __________.
|
SPI
|
|
A ________ is a one way relationship between a sender and a receiver that affords security services to the traffic carried on it.
|
SA
|
|
The means by which IP traffic is related to specific SAs is the _________.
|
SPD
|
|
_________ consists of an encapsulating header and trailer used to provide encryption of combined encryption/authentication. The current specification is RFC 4303.
|
IPsec
|
|
___________ identifies the type of data contained in the payload data field by identifying the first header in that payload.
|
Sequence header
|
|
A value chosen by the responder to identify a unique IKESA is a ____________.
|
responder cookie
|
|
IKE key determination employs _________ to ensure against replay attacks.
|
flags
|