Why tunnels are dynamically negotiated with IKEv1/IKEv2. What are the two data structures used to build a tunnel by IPSec?. What is a security association?. What is a security parameters index?. Which port is used to form a security association with ISAKMP?. Which port is used to form a security association with ISAKMP if there is a NAT device?. What are the IPSec tunnel negotiation phases?. What are the main phase 1 negotiation parameters included in the isakmp policy?. Mention encryption algorithms. Mention the hash algorithms. What are the two main IKEv1 proposal modes?. How is the IKEv1 phase 1 negotiation work flow? Initiator sends its isakmp policy Receiver sends which isakmp policy they can used Initiator sends a hash of its preshare key Receiver ends a hash of its preshare key Initiator will tell receiver if hash matches Receiver checks if previous hash sent by initiator matches its hash. What are the two encapsulation protocols for IPSec?. What are the two IPSec encapsulation modes?. What is also know as proxy identities?. Which ip protocol number is AH?. Which ip protocol number is ESP?. Why is a good option enabling PFS?. Which encapsulation protocols for IPSec we can not use when there NAT in between?. Is NAT-T automatically negotiated?. What does ESP stand for?. What does AH stand for?. What does IKE stand for?. What does ISAKMP stand for?. What does HMAC stand for?. What does SPI stand for?.