chapter 13

Question 1

what is access control list (ACL)?

432

Answer 1

An access control list (ACL) is a table that tells a computer, routers and more operating system which access rights each user has to a particular system object, such as a file directory or individual file. Each object has a security attribute that identifies its access control list.

Question 2

the Allowing or blocking network packets into or out of a device or the network based on their application (port number).
433

Answer 2

port filtering

Question 3

encapsulating one protocol within another to ensure a transmission is secure is called what?
it is a special connection made over a network between two computers or network devices.
434

Answer 3

tunneling

Question 4

what are the tunneling protocol that we need to know about?

Answer 4

• virtual private network (VPN)
• Secure Socket Layer, SSL
• Layer 2 Tunneling Protocol (L2TP)
• The Point-to-Point Tunneling Protocol (PPTP)
• Generic Routing Encapsulation (GRE)
• IP sec
• ISAKMP

Question 5

virtual private network (VPN)

Answer 5

a method employing encryption to provide secure access to a remote computer over the Internet.

Question 6

4 categories of VPN, what are they

436

Answer 6

host to host VPNs ( remote access VPNs )
host to host VPNs
Sit to sit VPNs
Extranet VPNs ( B2B)

Question 7

Secure Socket Layer, SSL

436

Answer 7

SSL is a protocol based on RSA, it is used to enable secure the session layer connection over the internet between a web browser and a web server

Question 8

the SSL was merged with other Transport layer security protocol to form a new protocol named what?
436

Answer 8

Transport layer Security TLS

Question 9

what is the latest version of TLS?

436

Answer 9

TLS 2.0

Question 10

Layer 2 Tunneling Protocol (L2TP):

437

Answer 10

Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself.

Question 11

The Point-to-Point Tunneling Protocol (PPTP)

437

Answer 11

The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.

Question 12

What is Generic Routing Encapsulation (GRE)?

438

Answer 12

Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol network.

Question 13

IP sec

439

Answer 13

IP Security, IP sec is a set of protocols developed by the Internet Engineering Task Force to support the secure exchange of packets at the IP layer.

Question 14

in which layer of the OSI model does IPSec work?

439

Answer 14

it work at the net work layer( layer 3), it secures all applications of that layer and the layers above it.

Question 15

IPSec can work with IPv4 and IPV6. T/F

439

Answer 15

True

Question 16

their are 2 protocol working in IPSec, what are they/

439

Answer 16

The authentication header ( AH )

encapsulation security payload ( ESP)

Question 17

AH protocol within IPSec is compatible with network running NAT ( network address Translation). T/F
439

Answer 17

False

Question 18

AH provides Authentication services only. T/F

439

Answer 18

true

Question 19

ESP provides authentication and encryption abilities. T/F

439

Answer 19

true

Question 20

IPSec works in 2 mode what are they?

439

Answer 20

transport mode

tunneling mode

Question 21

transport mode

Answer 21

it create secure tunnel between 2 devices end to end.

, that mean the packet is protected.

Question 22

tunneling mode

Answer 22

it is created between 2 endpoints like; 2 routers or 2 gateway servers, all the traffic going through the tunnel is protected.

Question 23

what is encryption?

440

Answer 23

The process of making data unreadable by other humans or computers for the purpose of preventing others from gaining access to its contents. Encrypted data is generated using an encryption program such as PGP, encryption machine, or a simple encryption key and appears as garbage until it is decrypted. To read or use the data, it must be decrypted, and only those who have the correct password or decryption key can make the data readable again.

Question 24

what is an Encryption Key?

441

Answer 24

An Encryption Key is a random string of characters that is used with the encrypted algorithm to encrypt or decrypt data.

Question 25

the encryption Key is unique to each transaction. T/F

441

Answer 25

True

Question 26

Encryption Key come in 2 flavors what bare they?

441

Answer 26

public and private.

Question 27

3 encryption standard, what are they?

442

Answer 27

DES
3DES
AES

Question 28

Symmetric encryption key is ____

442

Answer 28

• Symmetric encryption is the oldest and best-known technique. A secret key, which can be a number, a word, or just a string of random letters, is applied to the text of a message to change the content in a particular way.
• both the sender and the receiver have the same key and use it to encrypt and decrypt all messages.

Question 29

what can we say about DES, data encryption standard?

442

Answer 29

• uses lookup and functions
• uses 56 bit key
• works much faster then other complex systems.
• it is not exactly secure.

Question 30

what is Triple DES?

442

Answer 30

Triple DES (3DES) is the common name for the Triple Data Encryption Algorithm (TDEA or Triple DEA) symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.

Question 31

how many bits are in the 3DES?

442

Answer 31

56x3 = 168

Question 32

of the 168 bit key of the 3DES how many are effective?

442

Answer 32

80 bits.

Question 33

The Advanced Encryption Standard (AES):

442

Answer 33

The Advanced Encryption Standard (AES), also known as Rijndael (its original name), is a specification for the encryption of electronic data.
AES key lengths is 128,192 or 256 bits.