CCNP Security FAQ : Configuring Access VPNs
Q1. What is the Easy VPN Server functionality known as Initial Contact?
A. Ability to cause the Easy VPN Server to delete any existing connections, thus preventing SA synchronization problems
B. The first connection between an Easy VPN Client and Easy VPN Server
C. The initial message sent from the Easy VPN Server to the Easy VPN Client
D. The initial message sent from the Easy VPN Client to the Easy VPN Server
E. None of theses answers are correct
Q2. Which of the following platforms does not support the Easy VPN Remote feature functionality?
A. 800 Series routers
B. 900 Series routers
C. 7200 Series routers
D. 1700 Series routers
E. None of these answers are correct
Q3. Which two IKE authentication mechanisms do the Easy VPN Remote Clients support? (Choose two.)
A. Username/password
B. Preshared keys
C. Diffie-Hellman
D. Digital certificates
E. XAUTH
Q4. How many different operation modes does the Easy VPN Remote feature support?
A. 1
B. 4
C. 2
D. 3
E. None of these answers are correct
Q5. In which Easy VPN Remote mode are the IP addresses of the remote systems visible on the Easy VPN Server network?
A. Client mode.
B. Network extension mode.
C. Server mode.
D. No Easy VPN Remote modes support this functionality.
E. All Easy VPN Remote modes
Q6. The Cisco VPN Software Client supports which key management techniques?
A. IKE main mode
B. IKE aggressive mode
C. IKE active mode
D. Diffie-Hellman groups 1, 2, 5, and 7
E. All of these answers are correct
F. None of these answers are correct
Q7. What is Secure Unit Authentication (SUA)?
A. The ability to require the hosts on the remote protected network to be authenticated individually based on the IP address of the inside host
B. The ability to require one-time passwords, two-factor authentication, and similar authentication schemes before the establishment of a VPN tunnel to the Easy VPN Server
C. An authentication mechanism between the remote systems and the Easy VPN Remote Client
D. An authentication mechanism that the Cisco VPN Software Client uses to connect with the Easy VPN Remote feature
E. None of these answers are correct
Q8. Which authentication mechanisms are supported with PPPoE?
A. PAP
B. CHAP
C. IKE
D. MS-CHAP
E. None of these answers are correct
Q9. Which command enables the Cisco Security Appliance to pass configuration parameters learned from a DHCP server to its DHCP clients?
A. dhcpd auto_config
B. dhcpd option 150
C. dhcpd address
D. dhcpd bind
E. None of these answers are correct
Q10. Which of the following is false with regard to the Security Appliance?
A. You can pass configuration parameters learned from the DHCP client to the Security Appliance’s DHCP clients.
B. You can pass configuration parameters learned from the PPPoE client to the Security Appliance’s DHCP clients.
C. You can enable the DHCP client and the DHCP server simultaneously.
D. You can enable the PPPoE client and the DHCP client on the same interface simultaneously.
E. All of these statements are true.
Q11. Which two major components comprise the Easy VPN solution?
Q12. Which three types of devices can serve as Easy VPN Servers?
Q13. What is DPD?
Q14. What is Initial Contact?
Q15. Which client platforms support the Easy VPN Remote feature?
Q16. Which router platforms can be used as Cisco Easy VPN Clients?
Q17. What are the six major steps that occur when the Easy VPN Remote client initiates a connection with the Easy VPN Server gateway?
Q18. When initiating the VPN connection, the client can use which two IKE authentication mechanisms?
Q19. What is XAUTH?
Q20. Which two modes of operation does the Easy VPN Remote support?
Q21. In which Easy VPN Remote mode are the addresses of the remote system visible on the Easy VPN Server network?
Q22. What feature enables the Cisco VPN Software Client to be simple to deploy and manage?
Q23. Which encryption algorithms are supported by the Cisco VPN Software Client?
Q24. What is SUA?
Q25. What is IUA?
Q26. What is PPPoE?
Q27. What type of DHCP functionality does the Security Appliance provide?
Q28. Which command enables you to configure the Security Appliance to pass configuration parameters learned by using either PPPoE or DHCP to its DHCP clients?
More Resources