Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/41

Click to flip

41 Cards in this Set

  • Front
  • Back
You control IPSec by using a policy configuration that you manage in _ _ _ _
IP Security Policy Managemen
To configure IPSec policies for computers, you must have the appropriate administrator rights to _ _ or be a member of the local system's _ group.
Group Policy
Administrators
Managing IPSec Policies:
Manage only the computer on which the console is running, Click _ _
Local Computer.
Manage IPSec policies for any domain members Click _ _ _ for this computer's _ .
Manage domain policy for this computer's domain
Manage IPSec policies for a domain of which the computer that is running this console is not a member Click _ _ policy for _ _.
Manage domain
another domain
Using Predefined IPSec Policies
Client (Respond Only)
This policy is for computers that _ _ _secure communications
enables _ with computers requesting _
do not require
negotiation
IPSec
Using Predefined IPSec Policies
Server (Request Security)

-This policy is for computers that require secure communications _ _ _ _
-enables the computer to accept _ _, but always attempts to _ _ _ by requesting security from the original sender.
- This policy allows the entire communication to be _ if the other computer is _ _ for IPSec.
most of the time
unsecured traffic
secure additional communications
unsecured
not enabled
Using Predefined IPSec Policies
Secure Server (Require Security)
This policy is for computers that _ require _ communications.
- This policy _ _ incoming communications, and outgoing traffic is _ _.
always
secure
rejects unsecured
always secured
The transport mode _ and _ data flowing between any two computers running Windows 2000
authenticates
encrypts
_ _ is the default IPSec mode.
Transport mode
The transport mode provides _ for the network and can potentially support a secure connection with _ _ _ _ computer
security
more than one other
_ mode is used to create secure communications for remote networks.
Tunnel
The advantage of tunnel mode is that data is _between the two tunnel ends, regardless of the _.
secure
destination
When you configure IPSec for tunnel mode, _ communications between networks are _, without requiring you to _ _on each computer.
all
secure
configure IPSec
Tunnel mode for IPSec _ and _ data flowing within an IP tunnel that is created between two _
authenticates
encrypts
routers
Windows 2000 requires _ _ _ to implement tunnel mode for IPSec.
Routing and Remote Access
Windows 2000 supports _ tunnel mode connections, but only _ _ at a time. Each tunnel connection requires a _ rule.
multiple
one tunnel
separate
You can create_ IPSec policies to select which _ require _ and the security _ that are used for encryption
customized
computers
encryption
methods
IPSec policies use _ to govern how and when a policy is invoked
rules
A rule provides the ability to initiate and control secure actions based on the _ , destination, and _ of IP traffic.
source
type
Each IPSec policy may contain _ rules.
multiple
Components of a Rule:

Tunnel _
_ Type
_ Method
IP _ List
_ Action
Endpoint
Network
Authentication
Filter
Filter
Encryption types:
SHA - FIPS accepted for U.S. _ _. This high-security method uses a _ bit key.
government contracts
160
Encryption types:
MD5 - Most widely used method for _ _. This high-security method uses a single _ bit key and has a _ performance overhead.
commercial applications
128-bit
lower
56-bit DES - Method used for most _ applications and _ business traffic, such as e-mail. This low-security method uses a single _ bit key.
exported
low-security
56-bit
40-bit DES Method supported for application exports to _. This low-security method uses a single _-bit key. The _-bit Data Encryption Standard (DES) is not _ compliant.
France
40-bit
40
RFC
3DES _ _ method. Uses _ _-bit keys. 3DES processes each block three times, using a unique key each time. This high-security method increases processor utilization by a factor of about 2.5 compared with other DES encryption.
Most secure
3
56
Before secured data can be exchanged, a _ _ between the two computers must be established
security association (SA)
In an SA, both computers _ how to exchange and protect information.
negotiate
The initiating computer sends an _ _of potential security _to the responding _.
offer list
levels
peers
The responder either _ _ _ accepting the offer, or discards the offer and sends back a message indicating that _ _was chosen.
sends a reply
no offer
If the active policies allow _ communications with non-IPSec-capable computers, a _ _ is established.
unsecured
soft SA
If active policies are compatible, a _, or _ _is established.
secured
hard, SA
IPSec at the _ _level provides protection for server applications and services, without _ those server applications and services that use IP for transport of data.
IP transport
modifying
By default, the Secure Server policy is _
disabled
IPsec is a security service that gives administrators the ability to apply various security methods to the _ data packet regardless of which program generates the data.
IP
Your organization operates on an IP-based network. You want to provide secure end-to-end security for your intranet by securing all IP-based traffic to and from your Windows 2000-based application servers. Which policy should you assign to your application servers?
Secure Server (Require Security).
IPSec at the _ _level provides protection for server applications and services, without _ those server applications and services that use IP for transport of data.
IP transport
modifying
By default, the Secure Server policy is _
disabled
IPsec is a security service that gives administrators the ability to apply various security methods to the _ data packet regardless of which program generates the data.
IP
Your organization operates on an IP-based network. You want to provide secure end-to-end security for your intranet by securing all IP-based traffic to and from your Windows 2000-based application servers. Which policy should you assign to your application servers?
Secure Server (Require Security).