Chapter 13 Flashcards
What is an access control list (ACL)?
432
An access control list (ACL) is a table that tells a computer operating system, router or other device which access rights each user has to a particular system object, such as a file directory or individual file. Each object has a security attribute that identifies its access control list.
Allowing or blocking network packets into or out of a device or the network based on their application (port number).
433
port filtering
Encapsulating one protocol within another to ensure a transmission is secure is called what?
It is a special connection made over a network between two computers or network devices.
434
tunneling
What are the tunneling protocols that we need to know about?
- Virtual private network (VPN)
- Secure Sockets Layer (SSL)
- Layer 2 Tunneling Protocol (L2TP)
- The Point-to-Point Tunneling Protocol (PPTP)
- Generic Routing Encapsulation (GRE)
- IPSec
- ISAKMP
virtual private network (VPN)
a method employing encryption to provide secure access to a remote computer over the Internet.
What are the 4 categories of VPN?
436
Host-to-host VPNs (remote access VPNs)
Host-to-host VPNs
Site-to-site VPNs
Extranet VPNs (B2B)
Secure Sockets Layer (SSL)
436
SSL is a protocol based on RSA; it is used to secure the session layer connection over the Internet between a web browser and a web server.
SSL was merged with other Transport Layer security protocols to form a new protocol named what?
436
Transport Layer Security (TLS)
What is the latest version of TLS?
436
TLS 2.0
Layer 2 Tunneling Protocol (L2TP):
437
Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself.
The Point-to-Point Tunneling Protocol (PPTP)
437
The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel to encapsulate PPP packets.
What is Generic Routing Encapsulation (GRE)?
438
Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol network.
IPSec
439
IP Security (IPSec) is a set of protocols developed by the Internet Engineering Task Force to support the secure exchange of packets at the IP layer.
In which layer of the OSI model does IPSec work?
439
It works at the network layer (layer 3); it secures all applications of that layer and the layers above it.
IPSec can work with IPv4 and IPv6. T/F
439
True
There are 2 protocols working in IPSec; what are they?
439
The Authentication Header (AH)
Encapsulating Security Payload (ESP)
The AH protocol within IPSec is compatible with networks running NAT (Network Address Translation). T/F
439
False
AH provides authentication services only. T/F
439
true
ESP provides authentication and encryption abilities. T/F
439
true
IPSec works in 2 modes; what are they?
439
transport mode
tunneling mode
transport mode
It creates a secure tunnel between 2 devices end to end; that means the packet is protected.
tunneling mode
It is created between 2 endpoints, like 2 routers or 2 gateway servers; all the traffic going through the tunnel is protected.
What is encryption?
440
The process of making data unreadable by other humans or computers for the purpose of preventing others from gaining access to its contents. Encrypted data is generated using an encryption program such as PGP, encryption machine, or a simple encryption key and appears as garbage until it is decrypted. To read or use the data, it must be decrypted, and only those who have the correct password or decryption key can make the data readable again.
What is an encryption key?
441
An encryption key is a random string of characters that is used with the encryption algorithm to encrypt or decrypt data.
The encryption key is unique to each transaction. T/F
441
True
Encryption keys come in 2 flavors; what are they?
441
Public and private.
What are the 3 encryption standards?
442
DES
3DES
AES
Symmetric encryption key is ____
442
- Symmetric encryption is the oldest and best-known technique. A secret key, which can be a number, a word, or just a string of random letters, is applied to the text of a message to change the content in a particular way.
- Both the sender and the receiver have the same key and use it to encrypt and decrypt all messages.
What can we say about DES, the Data Encryption Standard?
442
- uses lookup and functions
- uses a 56-bit key
- works much faster than other complex systems.
- it is not exactly secure.
What is Triple DES?
442
Triple DES (3DES) is the common name for the Triple Data Encryption Algorithm (TDEA or Triple DEA) symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.
How many bits are in a 3DES key?
442
56x3 = 168
Of the 168-bit key of 3DES, how many bits are effective?
442
80 bits.
The Advanced Encryption Standard (AES):
442
The Advanced Encryption Standard (AES), also known as Rijndael (its original name), is a specification for the encryption of electronic data.
AES key lengths are 128, 192 or 256 bits.