Cisco Certified Network Associate (CCNA) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Cisco Certified Network Associate (CCNA) Practice Exam. Test your knowledge with our interactive quizzes featuring multiple choice questions, hints, and explanations. Equip yourself for success!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following are modes of IPsec for VPNs?

Tunnel mode and Stunnel mode
Transport mode and Alignment mode
Tunnel mode and Transport mode
End-to-end mode and Site-to-site mode

The correct answer is: Tunnel mode and Transport mode

In the context of IPsec for VPNs, the two main modes are Tunnel mode and Transport mode. Tunnel mode is used for site-to-site VPNs where the entire original IP packet is encapsulated within a new IP packet. This mode is advantageous for creating secure connections between different networks over the internet, as it allows for the transmission of IP packets securely and can even be used to connect two different types of networks. Transport mode, on the other hand, only encrypts the payload and not the original IP headers. This mode is typically used for end-to-end communications, meaning that both ends of the communication are secured while the data is being transmitted. Since only the data portion is encrypted, this mode is generally considered faster than tunnel mode, as it involves less overhead. The other options present modes that do not exist in the context of IPsec, such as Stunnel mode and Alignment mode—none of which are recognized IPsec modes. End-to-end and Site-to-site are more about the types of VPN configurations rather than modes specifically defined within IPsec. Understanding these modes is essential for implementing effective VPN solutions and ensuring secure data transport over potentially insecure networks.