Certification Zone Join NowLog InMy Shopping Cart
Tutorials Study Quizzes Lab Scenarios Practice Exams

Security a Growing Topic on All Cisco R&S; Exams

Those who are not spending a great deal of time studying security topics because they are not studying for a Cisco security exam may be in for a surprise. Security finds its way into many Cisco exams. If you read the topic lists for the CCIE R&S; written and the BCRAN 642-821 exams you find very little mentioned about security, but that's not what we are hearing. People are telling us that a solid understanding of security topics is necessary if you want to pass these two exams. Topics that we've heard that are on these two exams include: AAA, IPSec, AH, ESP, and IKE. CertZone now has three excellent Study Guides on these topics:

Securing Communications Part 1 by Annlee Hines
Other VPNs by Annlee Hines
And the newly released AAA by David Wolsefer

1. Encryption alone can assure

a) Privacy

b) Confidentiality

c) Source identity

d) Authorship

2. A Digital Certificate is a Digital Signature that has been encrypted with the signer's public key.

a) True

b) False

3. Which of the following are IPSec protocols?
(Choose 2)

a) Authentication Header (AH)

b) Internet Key Exchange (IKE)

c) Encapsulating Security Payload (ESP)

d) Security Association (SA)

4. Which of the following are IPSec operating modes?
(Choose 2)

a) Manual configuration mode

b) IKE mode

c) Tunnel mode

d) Transport mode

5. IPSec VPNs offer more ________ than Layer 2 VPNs.

a) Confidentiality

b) Nonrepudiation

c) Integrity

d) All of these are correct

6. IPSec crypto access lists:

a) Select/deselect traffic for IPSec processing

b) Select/deselect traffic for passage through the interface

c) Cause manual IPSec associations to be created

d) All of these are correct

7. While IPSec can be nested with Layer 2 VPNs, it cannot be applied in multiple layers itself.

a) True

b) False

8. Which of the following is true concerning IKE?

a) IKE authenticates IPSec peers and establishes a session to create and manage keys (if necessary)

b) IKE occurs in two phases

c) IKE negotiation occurs using UDP rather than TCP

d) All of these are correct

9. Which AAA system(s) does CiscoSecure ACS support?

a) Radius

b) Tacacs

c) Kerberos

d) Radius and Tacacs

e) Radius, Tacacs, and Kerberos

10. Which AAA protocol(s) encrypt the entire body of the packet, but leaves a standard header?

a) Radius

b) Tacacs

c) Kerberos

d) Radius and Tacacs

e) None of the above, you need IPSec ESP to do this.

Please enter the email address you would like your results emailed to. In order to take advantage of any special offers, you will need to subscribe to Certification Zone using this same address:

I would like to receive Certification Zone emails about new features, special offers, discounts, and free "Study Question of the Week" newsletter: 

Personal Study Zone

Join Now
About the Site
Exam Study Assistant
Zone Newsletter
Shop for Study Tools
Meet the Experts
Partner / Advertise
Contact Us
More Resources
"Certification Zone is the first place I look to find subject materials to study."

Mang Chau

Read More Testimonials
Click Here!
Copyright © Genium Group, Inc. All rights reserved. Terms of Use | Privacy Policy 
Certification Zone is an independent product, not sponsored by, endorsed by, or affiliated with Cisco Systems, Microsoft Corporation, or the Field Certified Professionals Association. Cisco®, Cisco Systems®, CCNA™, CCNP™, CCIE™, CCSI™, and the Cisco Systems logo are trademarks or registered trademarks of Cisco Systems Inc. Microsoft®, Windows®, Windows 2000™, Windows 2003™, MCSA™, and MCSE™ are trademarks or registered trademarks of Microsoft Corporation. FCSA™ and FCSE™ are registered trademarks of the Field Certified Professionals Association.