This chapter is from the book

Review Questions

Answer the following review questions, which delve into some of the key facts and concepts covered in this chapter:

1. Name an advantage and a disadvantage of using preshared keys for authentication.

2. What command do you use to enter a preshared key?

3. How do you view IKE policies in the PIX's configuration?

4. How do you enable IKE for one interface and not for another?

5. How many transforms can be defined in a transform set?

6. How do you configure IPSec security association lifetimes on the PIX Firewall?

7. What command do you use to define the traffic flows to be protected?

8. When are the IPSec SAs initialized with IKE configured?

9. How can you view IKE events as they occur between IPSec peers?

10. Why does IKE fail for preshared keys in the following sample configurations?

Example 17-22 PIX1

crypto isakmp policy 100
 authentication rsa-sig
 group 2
 lifetime 5000
crypto isakmp policy 200
 hash md5
 authentication pre-share
crypto isakmp policy 300
 authentication rsa-encr
 lifetime 10000

Example 17-23 PIX2

crypto isakmp policy 100
 authentication rsa-sig
 group 2
 lifetime 5000
crypto isakmp policy 200
 authentication rsa-sig
 lifetime 10000
crypto isakmp policy 300
 hash sha
 authentication pre-share