Lab 10

Question 1

Why is there no ICMP traffic captured for the ping from 10.1.24.102 (i.e., PC20) and 10.1.24.254?

You did not ping the default gateway from PC20

PC20 is already encyrpting its communications

Traffic from PC20 to all non-PC10 system is not sent to PC10 to be captured

The gateway sent any responses to the ping from PC20

Answer 1

Traffic from PC20 to all non-PC10 system is not sent to PC10 to be captured

Question 2

What are the three main types of IPSec policies that can be configured? (Select 3)

Permit
Block
Negotiate
Request
Enable

Answer 2

Permit
Block
Negotiate

Question 3

What is the primary benefit of tunneling?

Encryption
Faster routing
Promiscuous sniffing
Availability
Non-repudiation

Answer 3

Encryption

Question 4

Score: 1
In the lab, why was PC10 unable to collect the packets from PC20 directed to the default gateway or the website?

The packets from PC20 were not sent to the PC10 interface

PC20 did not communicate with the default gateway or website

The IPSec policy was in effect even before it was assigned

PC10 has a filter to ignore all traffic from PC10

Answer 4

The packets from PC20 were not sent to the PC10 interface

Question 5

Which of the following are options for implementing encrypted tunnels for secure communications? (Select all that apply)

IPsec
SSH
TLS
DNS
HTTP
FTP
ICMP

Answer 5

IPsec
SSH
TLS

Question 6

Your company is implementing IPSec policies on all internal systems. However, the configuration change will be rolled out over a three-month period. What is the best choice for the IPSec policy during the initial implementation phase?

Accept unsecured communication, but always respond using IPsec

Allow fallback to unsecured communications if a secure connection can not be established

Require all communications use IPSec

Do not respond to IPSec initiation queries

Answer 6

Allow fallback to unsecured communications if a secure connection can not be established