If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange?
How many packets does the IKE exchange use for Phase 1 Main Mode?
How many packets does the IKE exchange use for Phase 1 Aggressive Mode?
Which of the following actions take place in IKE Phase 2 with Perfect Forward Secrecy disabled?
A. The DH public keys are exchanged.
B. Peers authenticate using certificates or preshared secrets.
C. Symmetric IPsec keys are generated.
D. Each Security Gateway generates a private Diffie-Hellman (DH) key from random pools.
Which of the following commands can be used to remove site-to-site IPsec Security Association
A. fw ipsec tu
B. vpn ipsec
C. vpn debug ipsec
D. vpn tu
In which IKE phase are IKE SA’s negotiated?
A. Phase 4
B. Phase 1
C. Phase 3
D. Phase 2
In which IKE phase are IPsec SA’s negotiated?
A. Phase 3
B. Phase 1
C. Phase 2
D. Phase 4
You wish to configure an IKE VPN between two R71 Security Gateways, to protect two networks.
The network behind one Gateway is 10.15.0.0/16, and network 192.168.9.0/24 is behind the peer’s Gateway. Which type of address translation should you use to ensure the two networks access each other through the VPN tunnel?
A. Hide NAT
B. Static NAT
C. Manual NAT
Which operating system is not supported by SecureClient?
A. MacOS X
B. Windows XP SP2
C. Windows Vista
D. IPSO 3.9
Which of the following SSL Network Extender server-side prerequisites is NOT correct?
A. The Gateway must be configured to work with Visitor Mode.
B. There are distinctly separate access rules required for SecureClient users vs. SSL Network Extender users.
C. To use Integrity Clientless Security (ICS), you must install the IC3 server or configuration tool.
D. The specific Security Gateway must be configured as a member of the Remote Access Community
DownloadLatest Checkpoint 156-215.71 Real Free Tests , help you to pass exam 100%.