FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 9: Ip Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Multiple Choice

Review LaterAdd Note

Review Later

The _________ facility enables communicating nodes to encrypt messages to prevent eavesdropping by third parties.

A) security
B) key management
C) authentication
D) confidentiality

E) A) and C)
F) A) and D)

Correct Answer

verified

Show Answer

Question 2

True/False

Review LaterAdd Note

Review Later

IPsec is executed on a packet-by-packet basis.

A) True
B) False

Correct Answer

verified

Show Answer

Question 3

Short Answer

Review LaterAdd Note

A __________ attack is one in which an attacker obtains a copy of an authenticated packet and later transmits it to the intended destination.

__________ provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet.

The Security Parameters Index identifies a security association.

The __________ facility is concerned with the secure exchange of keys.

The means by which IP traffic is related to specific SAs is the _________ .

The Payload Data Field is designed to deter replay attacks.

_________ consists of an encapsulating header and trailer used to provide encryption or combined encryption/authentication.The current specification is RFC 4303.

_________ identifies the type of data contained in the payload data field by identifying the first header in that payload.

IKE key determination employs __________ to ensure against replay attacks.

IPsec policy is determined primarily by the interaction of two databases: The security policy database and the __________ .

The key management mechanism that is used to distribute keys is coupled to the authentication and privacy mechanisms only by way of the _________ .

IPsec encompasses three functional areas: authentication, key management, and __________ .

The __________ payload contains either error or status information associated with this SA or this SA negotiation.

_________ defines a number of techniques for key management.

The default automated key management protocol for IPsec is referred to as ISAKMP/Oakley.

A value chosen by the responder to identify a unique IKE SA is a _________ .

_________ can be used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service, and traffic flow confidentiality.

A security association is uniquely identified by three parameters: Security Protocol Identifier, IP Destination Address, and ________ .