Entire Site
Free Trial
Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.
- Create BookmarkCreate Bookmark
- Create Note or TagCreate Note or Tag
- DownloadDownload
- PrintPrint
Chapter 20 Fill in the Blanks Answers
Chapter 20 Fill in the Blanks Answers
| 1. | The ISR will use the identity certificate to identify itself to remote clients. |
| 2. | Split tunneling can increase the risk to remote clients and internal resources because the clients can potentially act as a relay between untrusted and trusted networks. |
| 3. | When terminating a clientless VPN, the ISR acts as a proxy to provide access to internal resources to remote users. |
| 4. | Full tunneling VPNs require VPN client software to be installed on the remote computer or dedicated VPN devices (hardware clients) to enable full routed IP access to internal resources. |
| 5. | Clientless VPNs are easier to deploy than a full tunneling remote access VPN, but they typically provide limited access to resources when compared to the full tunnel. |
| 6. | Clientless deployments require that the user open a web browser, which acts as the VPN client, and the VPN gateway acts as a proxy device to the internal resources. |
| 7. | The recommended algorithms for IKE session encryption are AES-128 and 3DES. |
| 8. | The recommended hash algorithm to provide message authentication and integrity is SHA-1 HMAC. |
| 9. | The recommended algorithms for encryption of user traffic are AES-128 and 3DES. |
| 10. | Port forwarding requires administrative privileges because it changes the local host’s file. |
