Q: 7
DRAG DROP [Network Security] Drag and drop the VPN functions from the left onto the description on the right.
Drag & Drop
Discussion
SHA-1 → ensures data integrity, ISAKMP → defines IKE SAs, AES → confidentiality, RSA → authentication. Only thing is if they asked about signing or digital signatures, could maybe flip SHA-1 and RSA in a weird context, but for VPNs pretty sure this matches Cisco docs. Let me know if I'm missing an edge case.
SHA-1 to ensures data integrity, ISAKMP to defines IKE SAs, AES to ensures data confidentiality, RSA to provides authentication. Seen a similar mapping in official practice labs. Pretty sure that's right for VPN fundamentals, but open if anyone has seen different options on their exam.
This order looks solid to me: SHA-1 for integrity, ISAKMP for IKE SAs, AES does confidentiality, RSA gives authentication. Pretty standard VPN roles per Cisco docs. If anyone sees a gotcha here let me know but I think this covers it.
SHA-1 to data integrity, ISAKMP for IKE SAs, AES does confidentiality, RSA gives authentication. Official guide covers these, review practice questions too.
Probably B. D is a common guess, but platform settings are more about things like NTP and device basics, not actual policies.
SHA-1 to ensures data integrity, ISAKMP to defines IKE SAs, AES to ensures data confidentiality, RSA to provides authentication.
Pretty sure it's SHA-1 to integrity, ISAKMP to IKE SAs, AES for confidentiality, RSA for authentication.
Nah, I don't think ISAKMP is a trap here. SHA-1 to integrity, ISAKMP to IKE SAs, AES for confidentiality, RSA for authentication.
SHA-1 → ensures data integrity, ISAKMP → defines IKE SAs, AES → ensures data confidentiality, RSA → provides authentication. Pretty sure that's right since AES is for encryption, ISAKMP is the framework for SAs, SHA-1 handles hash checks. I don't think ISAKMP for confidentiality is a trap but saw that mix-up before.
Maybe D, since intrusion policy is a big focus with FMC device management.
Be respectful. No spam.
