• Authentication headers (AHs) provide data integrity, anti-replay, and data origin authentication.

  • Encapsulating Security Payload (ESP) provides data integrity, anti-replay, data origin authentication, and data confidentiality.

  • The maximum number of transformations in the crypto ipsec transform-set command is three.

  • The ip local pool command is used to create a pool of IP addresses used by remote access clients using PPTP or L2TP.

  • Internet Key Exchange (IKE) is a hybrid protocol used to exchange keys.

  • AH and ESP can both be used at the same time. ESP is performed first and then encapsulated inside the AH.

  • The clear ipsec sa command is used to delete or clear all the current security associations.

  • Security associations can be created using either IKE dynamically or a manual process.

CSPFA Exam Cram 2 (Exam 642-521)
CCSP CSPFA Exam Cram 2 (Exam Cram 642-521)
ISBN: 0789730235
EAN: 2147483647
Year: 2003
Pages: 218

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net