Which one of these statements is correct in regards to Next Gen University Ipsec tunnel between its Santa Cruz main campus and its SJ remote campus?

Site-to-site VPN SDM Lab Sim
Which one of these statements is correct in regards to Next Gen University Ipsec tunnel between its Santa Cruz main campus and its SJ remote campus?
exhibit

Site-to-site VPN SDM Lab Sim

Which one of these statements is correct in regards to Next Gen University Ipsec tunnel between its Santa Cruz main campus and its SJ remote campus?

A.
It is using Ipsec tunnel mode, AES encryption, and SHA HMAC integrity Check.

B.
It is using Ipsec transport mode, 3DES encryption, and SHA HMAC integrity Check.

C.
It is using Ipsec tunnel mode to protect the traffic between the 10.10.10.0/24 and the 10.2.54.0/24 subnet.

D.
It is using digital certificate to authenticate between the Ipsec peers and DH group 2.

E.
It is using pre-shared key to authenticate between the Ipsec peers and DH group 5.

Explanation:
From the Site-to-site VPN tab, we specify that the SJ’s IP address is 192.168.2.57 with IPsec Rule of 152. Click on the IPSec Rules group to see what rule 152 is -> rule 152 is permit source 10.10.10.0/24 to destination 10.2.54.0/24.

Also, in the description of the above tab, we can see “Tunnel to SJ remote campus” -> it uses Tunnel mode (although it is only the description and can be anything but we can believe it uses Tunnel mode). If you don’t want to accept this explanation then have a look at the IPSec Policy & Seq No. columns, which are SDM_CMAP_1 & 1. Click on the VPN ComponentsIPSecIPSec Policies group we will learn the corresponding Transform Set is ESP-3DES-SHA. Then click on the Transform Sets group we can see the corresponding mode is TUNNEL.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


networkmanagers

networkmanagers

I have the same idea.