Scribd
Upload
74 views1 page

IPsec and IPS Policies Overview

This document contains answers to 4 questions about IPsec and IPS (Intrusion Prevention System) configuration. Question 1 defines the two key functions of IPsec: using IKE to negotiate security associations and using Diffie-Hellman to establish a shared secret key. Question 2 lists three tasks of the IPS Policies Wizard: selecting the interface, traffic direction, and inspection policy. Question 3 identifies that enabling "Engine Fail Closed" determines how traffic is handled when a new IPS signature is being compiled. Question 4 states that all network-based IPS sensors contain monitoring interfaces and command and control interfaces.

Uploaded by

vvesch
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
74 views1 page

IPsec and IPS Policies Overview

This document contains answers to 4 questions about IPsec and IPS (Intrusion Prevention System) configuration. Question 1 defines the two key functions of IPsec: using IKE to negotiate security associations and using Diffie-Hellman to establish a shared secret key. Question 2 lists three tasks of the IPS Policies Wizard: selecting the interface, traffic direction, and inspection policy. Question 3 identifies that enabling "Engine Fail Closed" determines how traffic is handled when a new IPS signature is being compiled. Question 4 states that all network-based IPS sensors contain monitoring interfaces and command and control interfaces.

Uploaded by

vvesch
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

1.

IPsec Questions
July 9th, 2010in CCNA SecurityGo to comments
Here you will find answers to IPsec Questions
Question 1
Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP)
communications by authenticating and encrypting each IP packet of a data stream. IPsec
operation requires which two functions? (Choose two)
A. using PKI for pre-shared-key authentication
B. using AH protocols for encryption and authentication
C. using IKE to negotiate the SA
D. using Diffie-Hellman to establish a shared-secret key

Answer: C D
Question 2
With which three tasks does the IPS Policies Wizard help you? (Choose three)
A. Selecting the interface to which the IPS rule will be applied
B. Selecting the direction of traffic that will be inspected
C. Selecting the inspection policy that will be applied to the interface
D. Selecting the Signature Definition File (SDF) that the router will use
Answer: A B D
Question 3
Examine the following options ,when editing global IPS settings, which one determines if the IOS-
based IPS feature will drop or permit traffic for a particular IPS signature engine while a new
signature for that engine is being compiled?
A. Enable Engine Fail Closed
B. Enable Fail Opened
C. Enable Signature Default
D. Enable Default IOS Signature
Answer: A
Question 4
Based on the following items, which two types of interfaces are found on all network-based IPS
sensors? (Choose two)
A. Loopback interface
B. Monitoring interface
C. Command and control interface
D. Management interface
Answer: B C

You might also like