What are the two phases of an IPSEC VPN?

What are the two phases of an IPSEC VPN?

• CRYPTO and POLICY
• IKE and CRYPTO
• IKE and IPSEC
• IKE and JONESEY 

 

EXPLANATION

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&...

Configure Phase 2 of the IPsec VPN tunnel.

1. (Optional) Configure a custom IPsec Phase 2 proposal. This step is optional, as you can use a predefined IPsec Phase 2 proposal set (Standard, Compatible, or Basic).
2. Configure an IPsec policy that references either your custom IPsec Phase 2 proposal or a predefined IPsec Phase 2 proposal set. Specify perfect forward secrecy (PFS) keys.
3. Configure an IPsec VPN tunnel that references both the IKE gateway and the IPsec policy. Specify the proxy IDs to be used in Phase 2 negotiations.

   (For route-based VPNs) Bind the secure tunnel interface st0.x to the IPsec VPN tunnel.

 SOURCE

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=0ahUKEwijve__s_vXAhUs3IMKHfv7C1gQFggyMAI&url=http%3A%2F%2Fwww.ciscopress.com%2Farticles%2Farticle.asp%3Fp%3D24833%26seqNum%3D6&usg=AOvVaw0WF2U-qwYgHjTvkVu2BzSZ

 

Read More

What Type of Hypervisor is VMware ESXi

What Type of Hypervisor is VMware ESXi

• Type 2
• Type 3
• Type 1
• Type 11 

 

EXPLANATION

Type 1 hypervisor running directly on the hardware with VM resources provided by the hypervisor such as VMware ESXi and Citrix XenServer

Type 2 hypervisor runs on a host operating system to provide virtualization services such as VMware Workstation or Oracle VirtualBox running on Microsoft Windows, or Debian Linux.

For more information on Hypervisors
https://en.wikipedia.org/wiki/Hypervisor

SOURCE

https://en.wikipedia.org/wiki/VMware_ESXi

Read More

Where do stratum 1 NTP servers get time from?

Where do stratum 1 NTP servers get time from?

• Averaging time from other trusted sources
• A stratum 2 clock
• A reference clock
• They generate it internally 

 

EXPLANATION

Stratum 1 NTP servers are the highest, most trusted order of NTP servers. They receive their time by being directly connected to a reference clock, typically an atomic clock. Reference clocks are also referred to as stratum 0 devices.

http://support.ntp.org/bin/view/Servers/ServerStratum

Read More

Which of the following PowerShell cmdlets creates a new Active Directory user account?

Which of the following PowerShell cmdlets creates a new Active Directory user account?

• New-ADUser
• Add-ADUser
• Create-ADUser
• Make-ADUser 

 

EXPLANATION

The New-ADUser cmdlet creates a new Active Directory user. You can set commonly used user property values by using the cmdlet parameters.

 

 

Read More

What we use to increase the random access memory (RAM) capacity of a running virtual machine (VM) without downtime in vSphere setting

What we use to increase the random access memory (RAM) capacity of a running virtual machine (VM) without downtime in vSphere setting

• memory hot-add
• cpu-hotplug
• drive hot-plug
• cpu hot-add 

 

 

EXPLANATION

VMware vSphere hot add is a feature that allows an administrator to increase the random access memory (RAM) capacity of a running virtual machine (VM) without downtime

VSphere hot add can be enabled during the configuration of VMware VMs running hardware version 7 and newer, on compatible OSes and with the use of VMware Tools. Because vSphere hot add is disabled by default, and VMs must be powered off to enable it, administrators should consider enabling hot add from the start if there's a possibility that a VM will need more resources at any point.

SOURCE

https://searchvmware.techtarget.com/definition/vSphere-hot-add

 

Read More

Which of these is an NSA Type-1 Programmable Encryption Device used primarily by the Department of Defense for linux-based tracking systems?

Which of these is an NSA Type-1 Programmable Encryption Device used primarily by the Department of Defense for linux-based tracking systems?

• SKL
• ANCD
• KGV-72
• RT-1523 

 

EXPLANATION

 The KGV-72 Type-1 Programmable Encryption Device features a modular architecture with the programmability and scalability to accommodate a wide range of link and Internet Protocol (IP) in-line network encryption applications. Developed as part of the Force XXI Battle Command, Brigade-and-Below (FBCB2) Type-1 Encryption Device (T1ED) Program, the KGV-72 is a high-grade security solution that is compatible with existing and future Blue Force Tracking (BFT) terminals and transceivers. Its flexible, software-upgradeable design supports both legacy FBCB2 L-band/BLOS link communications and evolving IP standards. The KGV-72 is secured with the programmable National Security Agency (NSA)-certified Sierra II™ encryption module, which meets all requirements of the NSA’s Cryptographic Modernization initiative. Programming of Suite-A and Suite-B algorithms is also supported, allowing the KGV-72 to be used for a wide range of in-line network applications. The KGV-72 operates seamlessly with installed FBCB2 remote computers and provides high-grade traffic data encryption. For easy operation, the KGV-72 front panel features only a single knob and LED. Tested to MIL-STD-810F requirements, the KGV-72 is a military-rugged encryption device in a compact, form factor package ideal for secure force tracking applications.

Read More

What is the name of the file that Imagex or DISM if you wish to exclude folders from sysprep and capture?

What is the name of the file that Imagex or DISM if you wish to exclude folders from sysprep and capture?

• wimscript.inf
• wimconf.ini
• sysexclude.inf
• WimScript.ini 

 

EXPLANATION

The Deployment Image Servicing and Management (DISM) tool is a command-line tool that you can use to capture and apply Windows images. You can create a configuration list file to determine the following:

Which files and folders must be excluded from the capture process when you use the /Capture-Image option with the DISM tool.

Which folders, files, and file types must be excluded from the compression process when you use the /Compress argument.

The /ConfigFile argument enables you to customize specific compression, capture, and boundary alignment actions for each file and folder when you capture an image using DISM.exe. You can create a configuration list (.ini) file by using a text editor, such as Notepad.

SOURCE

https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/dism-configuration-list-and-wimscriptini-files-winnext

Read More