Terms you'll need to understand:
Internet Key Exchange (IKE) Phase 1
IKE Phase 2
Crypto access list
Symmetrical access control lists (ACLs)
Transforms
Certificate authority (CA)
Registration authority (RA)
Root certificate
Identity certificate
RA certificate
Certificate revocation list (CRL)
Techniques you'll need to master:
Enabling IKE
Configuring Internet Security Association and Key Management Protocol (ISAKMP) identity
Configuring IKE Phase 1 security parameters
Configuring preshared keys
Configuring digital certificate support
Configuring crypto ACLs
Configuring IP Security (IPSec) security association (SA) lifetimes
Configuring transform sets
Configuring crypto maps
Verifying IKE configuration
Verifying and testing IPSec