47 Cards in this Set
- Front
- Back
Describe benefits of VPN tech |
|
|
Describe site-to-site and remote access VPNs |
ask |
|
Describe the purpose and benefits of GRE tunnels |
|
|
Configure a site-to-site GRE tunnel |
|
|
Describe the characteristics of IPsec |
|
|
Explain how IPsec is implemented using the IPsec protocol framework |
|
|
Explain how the AnyConnect client and client SSL remote access VPN implementations support business requirements |
|
|
Compare IPsec and SSL remote access VPNs |
|
|
Why use a VPN? |
used to ensure the security of data across the internet |
|
what do VPNs create? |
private tunnel over public network |
|
to implement a VPN, what is necessary? |
a VPN gateway, such as a router, firewall, or ASA |
|
what do VPNs do? |
they create an end-to-end private network connection over third party networks, such as the internet or extranets |
|
benefits of VPNs |
COST SAVINGS, COMPATIBILITY WITH BROADBAND TECH, SECURITY |
|
where do VPNs start and end? |
the end router of the source and destination |
|
what does VPN Client software do? |
Encapsulates and encrypts traffic and sends over the internet to the VPN gateway at the edge of the target network |
|
Whenever you use a tunneling protocol it adds what to the packet? |
a header |
|
what is in the GRE header |
|
|
Characteristic of GRE |
Defined as an IETF standard |
|
what ip protocol is used to identify GRE? |
protocol 47 |
|
What layer does GRE encapsulate at? |
layer 3 (network layer) |
|
GRE by itself is...? |
stateless and contains no flow-control mechanisms by default |
|
GRE provides strong security mechanism to protect the payload? |
False, it contains none |
|
How many bytes of additional overhead is added to packets tunneled by GRE |
24 bytes |
|
what command shows you if the tunnel is up? |
show ip interface brief | include tunnel |
|
what command shows tunnel in depth? |
show interface tunnel # |
|
command to verify OSPF adjacency |
show ip ospf neighbor |
|
At what layer does IPsec function? |
layer 3 (networking layer) |
|
what is IPsec |
a framework of open standards that is algorithm independent |
|
specific IPsec Security Services |
Confidentiality |
|
2 main types of encryption |
Symmetric and Asymmetric Encryption |
|
what is the Diffie-Hellman key exchange? |
not an encryption, just a way to securely exchange keys that do the encryption |
|
what kind of keys/encryption need to be used to use Diffie-Hellman key exchange? |
symmetric encryption |
|
what is HMAC? |
a mechanism for message authentication using hash functions |
|
what are the 2 common HMAC algorithms? |
MD5 and SHA |
|
how many bits does MD5 use? |
128-bit shared secret key |
|
how many bits does SHA-1 use? |
160-bit secret key |
|
what are the 2 common peer authentication methods? |
PSK and RSA |
|
how do you use PSK |
physically input it into the router |
|
how do you use RSA |
you can forward it digitally with messages |
|
2 IPsec protocol frameworks |
AH and ESP |
|
AH provides... |
Authentication and Integrity |
|
ESP provides... |
Encryption, authentication, and integrity |
|
You can only use one of these frameworks? T/F |
False, you can implement both |
|
does AH provide enough encryption by itself? |
False, it is almost always used in conjunction with ESP |
|
What IPsec protocol maintains integrity |
MD5 or SHA |
|
what IPsec protocol maintains authentication? |
PSK or RSA |
|
types of remote access VPNs |
SSL and IPsec |