12.6 VPNs Flashcards

1
Q

What are the two primary categories of VPNs?

A

Site-to-site and client-to-site

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IPSec

A

IP Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

GRE

A

Generic routing encapsulation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

L2TP

A

Layer 2 Transport Protocol, A VPN protocol that lacks security features, such as encryption and operates at Layer 2.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

L2F

A

Layer 2 forwarding, A VPN protocol designed with the intent of providing a tunneling protocol for PPP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

IPSec VPNs offers what type of protection?

A

Confidentiality, integrity, and authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

IPSec operates at what layer?

A

3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

IKE +

A

Internet Key Exchange. IPSec can provide encryption between authenticated peers using encryption keys, which are periodically changed. IKE, however, allows an administrator to manually configure keys.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the three modes of operation that IKE can use?

A

Main mode (involves three exchanges of info), aggressive mode, quick mode.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

PFS +

A

Perfect forward secrecy, makes sure that a session key remains secure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

ISAKMP

A

Internet security association and key management protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

SA

A

Security association

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

IPSec relies on either the _____ protocol (IP protocol number 51) or the _____ protocol (IP protocol number 50)

A

Authentication Header AH, Encapsulating Security Payload ESP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the main distinction between AH and ESP?

A

ESP encrypts the original packet, while AH does not offer encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does the GRE tunneling Protocol do?

A

The original IP packet is encapsulated inside of a GRE tunnel packet, which adds a new GRE tunnel header. The GRE packet is then sent over an IPSec tunnel. Even if the IPSec tunnel were running in transport mode, the original packet’s IP header would still not be visible. Instead, the GRE packet’s header would be visible.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Ah and ESP operate in one of two modes:

A

Transport or tunnel mode

17
Q

SSL +

A

Secure socket layer provides cryptography and reliability for upper layers (Layers 5–7) of the OSI model.

18
Q

PPTP

A

Point-to-Point Tunneling Protocol (PPTP) is an older VPN protocol (which supported the dial-up networking feature in older versions of Microsoft Windows)

19
Q

TLS +

A

Transport Layer Security (TLS) has largely replaced SSL as the VPN protocol of choice for providing cryptography and reliability to upper layers of the OSI model.