• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/12

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

12 Cards in this Set

  • Front
  • Back
What Is IPsec?
IPsec is essentially a way to provide security for data sent between two computers on an IP network.
IPsec protects data between two IP addresses by providing the following services:
Data authentication
Data origin authentication
Data integrity
Anti-replay protection
Encryption
Does every IPsec Policy rule have an IP flter list?
Yes, even if the list has only one IP flter.
n terms of its function within an IPsec Policy, what does a flter action do?
A flter action determines whether the traffc captured by an IP flter in a given
policy rule is permitted, blocked, encrypted, or authenticated.
Authentication Header (AH)
AH provides data origin authentication, data integrity, and anti-replay protection for the entire IP packet.
Encapsulating Security Payload (ESP)
ESP provides data encryption, data origin authentication, data integrity, and anti-replay protection for the ESP payload.
IKE performs a two-phase negotiation
Phase 1 negotiation is known as main mode negotiation, and Phase 2 is known as quick mode negotiation.
tunnel mode
With tunnel mode, an entire IP packet is protected and then encapsulated with an additional, unprotected IP header.
Authentication Methods for IPsec
kerberos (Active Directory)
Certifcates
Preshared key
Assigning a Predefned IPsec Policy
Client (Respond Only)
server (Request security)
secure server (Require security)
Isolation rule
This is a general rule used to authenticate all traffc for select network profles (network location types)
Authentication Exemption rule
You can use this rule type to exempt specifc computers or a group or range of IP addresses (computers) from being required to authenticate themselves, regardless of other Connection Security Rules.