The questions and scenarios in this book are more difficult than what you will experience on the actual exam. The questions do not attempt to cover more breadth or depth than the exam, but they are designed to make sure that you know the answer. Rather than enabling you to derive the answer from clues hidden inside the question itself, the questions challenge your understanding and recall of the subject.
Hopefully, mastering these questions will help you limit the number of exam questions on which you narrow your choices to two options, and then guess.
The answers to these questions can be found in Appendix A.
1. What are the features of IPsec?
2. What are the three main protocols specified by IPsec?
3. Describe the differences between data confidentiality and data integrity.
4. Which IPsec features are performed by an HMAC?
5. How does IPsec tunnel mode differ from IPsec transport mode?
6. Describe the port or protocol numbers used for AH, ESP, and IKE.
7. Define one-time passwords.
8. Which peer authentication methods require the use of predefined and/or preconfigured information into the IPsec endpoints?
9. What problem does IKE solve for IPsec?
10. Which IKE phase is responsible for extended authentication?
11. IKE creates a number of SAs. What is the purpose of a bidirectional SA?
12. Describe the three IKE modes.
13. What are some of the additional features of IKE?
14. What are the features of symmetric encryption?
15. Which algorithms are considered asymmetric?
16. Which optional PKI component can handle enrollment requests?
17. X.509v3 is considered the current version of which security mechanism?
18. Within the PKI, what are LDAP and HTTP examples of?
Was this article helpful?