1. IPsec can protect traffic in which OSI layers? (Choose four.)
- Layer 1
- Layer 2
- Layer 3
- Layer 4
- Layer 5
- Layer 6
- Layer 7
Explanation: IPsec can protect traffic from Layer 4 through Layer 7.
2. Which IPsec function uses pre-shared passwords, digital certificates, or RSA certificates?
- IPsec protocol
- Confidentiality
- Integrity
- Authentication
- Diffie-Hellman
Explanation: Authentication uses pre-shared passwords, digital certificates, or RSA certificates.
3. True or False: The IPsec framework must be updated each time a new standard is developed.
- True
- False
Explanation: The correct answer is False: IPsec is not bound to any specific rules for secure communications. This flexibility of the framework allows IPsec to easily integrate new security technologies without updating the existing IPsec standards.
4. Which choices are packet encapslation options suported by IPsec? (Choose two.)
- AES
- AH
- DH24
- ESP
- PSK
- RSA
- SHA
Explanation: The IPsec Protocol function of the IPsec framework can use AH, ESP, or AH+ESP.
5. Which choices provide for the Confidentiality function in the IPsec framework? (Choose three.)
- 3DES
- AES
- AH
- DH24
- PSK
- SEAL
- SHA
Explanation: The Confidentiality function of the IPsec framework can use 3DES, AES, and SEAL. The confidentiality function of the IPsec framework can also use DES, although DES is no longer recommended.
6. Which choices provide for the Integrity function in the IPsec framework? (Choose two.)
- AES
- AH
- DH24
- MD5
- PSK
- SEAL
- SHA
Explanation: The Integrity function of the IPsec framework can use MD5 and SHA.
7. Which choices are available for the Authentication function in the IPsec framework? (Choose two.)
- AES
- AH
- DH24
- PSK
- RSA
- SEAL
- SHA
Explanation: The Authentication function of the IPsec framework can use PSK and RSA.
8. Which Diffie-Hellman group choices are no longer recommended?
- DH groups 1, 2, and 5
- DH groups 14, 15, and 16
- DH groups 19, 20, 21 and 24
Explanation: DH groups 1, 2, and 5 should no longer be used.