PrepAway - Latest Free Exam Questions & Answers

Which of the following is the authentication transform …

You create a static point-to-point VTI tunnel on RouterA. Afterward, you issue the show running-config command and receive the following output:

Which of the following is the authentication transform that will be used by the static VTI tunnel? (Select the best answer.)


A. ESP with 128-bit AES

B. ESP with 256-bit AES

C. ESP with 56-bit DES

D. ESP with 168-bit 3DES

E. ESP with MD5

F. ESP with SHA

G. AH with MD5

H. AH with SHA

Explanation:
The static virtual tunnel interface (VTI) tunnel will use Encapsulating Security Payload (ESP) with Secure Hash Algorithm (SHA) as the authentication transform, as indicated by the crypto ipsec transform-set command. The syntax of the crypto ipsec transform-set command is crypto ipsec transform-set transform-name transform1 [transform2] [transform3] [transform4]. Up to four transforms can be specified in an IP Security (IPSec) transform set: one ESP authentication transform, one authentication header (AH) transform, one ESP encryption transform, and one IP compression transform.

ESP can use the Message Digest 5 (MD5) and SHA algorithms for authentication. The following keywords can be used to specify the ESP authentication transform:
– esp-md5-hmac
– esp-sha-hmac

AH can also use the MD5 and SHA algorithms for authentication. The following keywords can be used to specify the AH transform:
– ah-md5-hmac: uses AH with MD5
– ah-sha-hmac: uses AH with SHA

ESP can use the following encryption methods:
– 128-bit, 192-bit, and 256-bit Advanced Encryption Standard (AES)
– 56-bit Data Encryption Standard (DES)
– 168-bit Triple DES (3DES)
– 160-bit Software-Optimized Encryption Algorithm (SEAL)
– Null encryption

The following keywords can be used to specify the ESP encryption transform:
– esp-aes
– esp-aes 192
– esp-aes 256
– esp-des
– esp-3des
– esp-seal
– esp-null

The Lempel-Ziv-Stac (LZS) algorithm is the only IP compression method that can be used in an IPSec transform set. To configure a transform set to use LZS IP compression, you should use the comp-lzs keyword.

Cisco: Cisco IOS Security Command Reference: crypto ipsec transform-set
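The keyword lists in the explanation can be turned into a small classifier that reads crypto ipsec transform-set lines from a running configuration and reports which transform fills each of the four slots. This is an added example, not part of the original page or of Cisco's documentation; the set names and the sample configuration are constructed and are not the exhibit from the question.

```python
import re
# Keyword -> (slot, meaning), taken from the keyword lists in the explanation.
TRANSFORMS = {
    "esp-md5-hmac": ("esp_auth", "ESP with MD5"),
    "esp-sha-hmac": ("esp_auth", "ESP with SHA"),
    "ah-md5-hmac": ("ah", "AH with MD5"),
    "ah-sha-hmac": ("ah", "AH with SHA"),
    "esp-aes": ("esp_enc", "ESP with {bits}-bit AES"),
    "esp-des": ("esp_enc", "ESP with 56-bit DES"),
    "esp-3des": ("esp_enc", "ESP with 168-bit 3DES"),
    "esp-seal": ("esp_enc", "ESP with 160-bit SEAL"),
    "esp-null": ("esp_enc", "ESP with null encryption"),
    "comp-lzs": ("compression", "LZS IP compression"),
}
LINE_RE = re.compile(r"^\s*crypto ipsec transform-set\s+(\S+)\s+(.+?)\s*$")

def parse_transform_set(line):
    """Return (name, {slot: meaning}) for a transform-set line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    name, tokens = m.group(1), m.group(2).split()
    found, i = {}, 0
    while i < len(tokens):
        kw = tokens[i].lower()
        if kw not in TRANSFORMS:
            raise ValueError(f"{name}: unknown transform {tokens[i]!r}")
        slot, meaning = TRANSFORMS[kw]
        if kw == "esp-aes":
            bits = "128"  # esp-aes with no key size selects 128-bit AES
            if i + 1 < len(tokens) and tokens[i + 1] in ("192", "256"):
                i += 1  # the key size is an argument, not a separate transform
                bits = tokens[i]
            meaning = meaning.format(bits=bits)
        if slot in found:  # a set holds at most one transform per slot
            raise ValueError(f"{name}: more than one {slot} transform")
        found[slot] = meaning
        i += 1
    return name, found

def parse_config(text):
    """Map every transform-set name in a config to its classified transforms."""
    parsed = (parse_transform_set(line) for line in text.splitlines())
    return dict(p for p in parsed if p)

# Constructed sample configuration (set names are hypothetical).
SAMPLE = """crypto ipsec transform-set EXAMPLE-SET esp-aes 256 esp-sha-hmac
 mode tunnel
crypto ipsec transform-set LEGACY-SET ah-md5-hmac esp-3des comp-lzs"""
```

Calling parse_config(SAMPLE)["EXAMPLE-SET"]["esp_auth"] returns the authentication transform for that set, which is the value this kind of question asks for.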

