PrepAway - Latest Free Exam Questions & Answers

what can you conclude about this community?

You have a mesh VPN Community configured to create a site-to-site VPN.

Given the displayed VPN properties, what can you conclude about this community?

PrepAway - Latest Free Exam Questions & Answers

A.
Change the data-integrity setting for this VPN Community because MD5 is oncompatible with
AES.

B.
Changing the setting Perform key exchange encryption with from AES-256 to 3DES will
enhance the VPN Community’s security , and reduce encryption overhead.

C.
The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key
Security Gateway R76 supports.

D.
Changing the setting Perform IPsec data encryption with from AES-128 to 3Des will increase
the encryption overhead.

3 Comments on “what can you conclude about this community?

  1. imran says:

    A,B,C are wrong bcz

    Algorithm Key-Length in Bits Standard
    FWZ-1 40-bits Check Point proprietary
    CAST 40-bits Public
    DES 56-bits Public
    3DES 168-bits Public
    AES 256-bits Public




    0



    0
  2. Greg says:

    As far as the CPU difference between the two, there are various claims floating around stating that 3DES requires several times as much CPU as an equivalent operation under AES. In the real world whenever I have recommended that a client convert their firewall’s IPSec/Phase 2 encryption algorithm from 3DES to AES-128 their average firewall CPU load has dropped by 10-30%; every time.




    0



    0

Leave a Reply