juniper认证考试

Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()A、data integrityB、data confidentialityC、data authenticationD、outer IP header confidentialityE、outer IP header authentication

题目

Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()

  • A、data integrity
  • B、data confidentiality
  • C、data authentication
  • D、outer IP header confidentiality
  • E、outer IP header authentication
如果没有搜索结果,请直接 联系老师 获取答案。
如果没有搜索结果,请直接 联系老师 获取答案。
相似问题和答案

第1题:

Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?() (Choose three.)

A. data integrity

B. data confidentiality

C. data authentication

D. outer IP header confidentiality

E. outer IP header authentication


参考答案:A, C, E

第2题:

IPsec, also known as the internet Protocol ( ) , defines the architecture for security services for IP network traffic IPsec describes the framework for providing security a the IP layer, as well as the suite of protocols designed to provide that security: through_ ( )_ and encryption of IP network packets. IPec can be used 10 protect network data, for example, by setting up circuits using IPsec ( ), in which all data being sent between two endpoints is encrypted, as with a Virtual (请作答此空) Network connection ;for encrypting application layer data ;and for providing security for routers sending routing data across the public internet. Internet traffic can also be secured from host to host without the use of IPsec, for example by encryption at the ( ) layer with HTTP Secure (TTPS)or an the transport layer wit the Transport Layer Security (TLS)protocol.

A.pubic]
B.private]
C.personal
D.proper

答案:B
解析:

第3题:

Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?() (Choose three.)

A. data integrity

B. data confidentiality

C. data authentication

D. outer IP header confidentiality

E. outer IP header authentication


参考答案:A, B, C

第4题:

What is not a difference between VPN tunnel authentication and per-user authentication?()

  • A、VPN tunnel authentication is part of the IKE specification. 
  • B、VPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).
  • C、User authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization. 
  • D、802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel.

正确答案:D

第5题:

Which option ensures that data is not modified in transit?()

  • A、Authorization
  • B、Confidentiality
  • C、Authentication
  • D、Integrity

正确答案:D

第6题:

Which component of VPN technology ensures that data can be read only by its intended recipient?()

A. data integrity

B. encryption

C. key exchange

D. authentication


参考答案:D

第7题:

What does qos pre-classify provides inregardto implementing QoS over GRE/IPSec VPN tunnels?()

  • A、 enables IOS to copy the ToS field from the inner (original) IPheader to theouter tunnel IP header
  • B、 enables IOS to make a copy of the inner (original) IP header and to run a QoS classification before encryption, based on fields in the inner IP header.
  • C、 enables IOS to classify packets based on the ToS field in the inner (original) IP header
  • D、 enables IOS to classify packets based on the ToS field in the outer tunnel IP header
  • E、 enables the IOS classification engine to only see a single encrypted and tunneledflow to reduce classification complexity

正确答案:B

第8题:

When an SRX series device receives an ESP packet, what happens?()

A. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, it will

B. If the destination IP address in the outer IP header of ESP does not match the IP address of the ingress interface, it will

C. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based packet.

D. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based of inner header, it will decrypt the packet.


参考答案:C

第9题:

IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()

  • A、IKE keepalives are unidirectional and sent every ten seconds
  • B、IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keys
  • C、To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepackets
  • D、IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers

正确答案:A,C,D

第10题:

Which QoS preclassification option will require the use of the qos pre-classify command for the VPN traffic? ()

  • A、VPN traffic needs to be classified based on the Layer2 header information
  • B、VPN traffic needs to be classified based on the IP precedence or DSCP
  • C、VPN traffic needs to be classified based on IP flow or Layer 3 information, such as source and destination IP address
  • D、VPN traffic with Authentication Header (AH) needs to preserve the ToS byte

正确答案:C

更多相关问题
相关内容