Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

16 Cards in this Set

  • Front
  • Back
The two features of IPSec
authentication and encryption.

Can be used together or separately.
IPSec authentication does what to your data?
protects against tampering by digitally signing contents of packet (AH)
IPSec encryption does what to your data?
obscures payload contents using ESP
How does a host know what its IPSec settings are?
On startup the IPSec Policy Agent connects to an AD server, fetches the IPSec policy and passes it to the IPSec code.
IPSec used to authenticate/encrypt between two machines so that traffic protected before it leaves machine 1 and secure until machine 2 receives and decrypts - which mode
end to end or transport mode
IPSec authentication/encryption used to secure traffic on someone else's wires
tunnel mode
IPSec authentication methods (used in initial phase to build SA)


Pre-shared keys
Win2K default use of IPSec
There is no policy by default, therefore no use.
How to force an IPSec policy update on a client
Restart the Policy Agent service.

Default interval for checking for updates is 180 mins
Default interval for Key regeneration
8 hours
Network monitor application is installed on
Win 2K Server or Advanced Server
Network Monitor driver installed on
any Win 2K machine
What does the network monitor driver do when installed on a Win 2K machine
put the NIC into promiscuous mode
Win 2K network monitor

supported clients

traffic captured
clients - win 2K only

traffic - to and from server on which installed
SMS network monitor

supported clients

traffic captured
WinNT, 95, 98 clients

traffic anywhere on network
If more than one segement, router must pass multicast packets, otherwise you'll only be able to see local stuff.
What does 'Identify Network Monitor Users' do
scans network for other NICs in promiscuous mode.