CHAPTER 14: Remote Access

Question 1

Information transmitted in a continuously variable form. Phone systems are an example of an information system that uses analog data.

Answer 1

analog

Question 2

Routines used by servers to establish the identity of a remote client attempting to connect and communicate with the server.

Answer 2

authentication protocols

Question 3

Technology that allows user data from the corporate data center to be buffered on branch servers or workstations for local client use. Local clients can access cached data instead of retieving it over the WAN again.

Answer 3

BranchCache

Question 4

Digital information that describes the identity of a user or computer. A user or computer can inspect the certifi cate and decide if its validity can be trusted. Certifi cates are issued by special servers called Certifi cation Authorities (CA). If a user or computer trusts a CA, then they typically trust the certifi cates issued by the CA.

Answer 4

certifi cate

Question 5

A more secure authentication protocol than PAP. CHAP is used to periodically identify the client identity without sending the actual password over the client and server data stream. CHAP passwords are simple by design and do not support strong security methods. This presents a security risk and therefore this authentication protocol is discouraged unless the risk from communication eavesdropping is considered low.

Answer 5

Challenge-Handshake Authentication Protocol (CHAP)

Question 6

A replacement for VPN access to corporate intranet data sources and applications utilizing bidirectional IPv6 communication with a specialized DirectAccess server. Workstations and users connect separately, allowing corporate IT administrators to manage both.

Answer 6

DirectAccess

Question 7

A modular standard for defi ning authentication protocols that can be used to validate a computer or user. A product developer can introduce a custom authentication protocol for their product if it is not already included with Windows 7. EAP is available as an authentication standard with dial-up, VPN, and wireless connections.

Answer 7

Extensible Authentication Protocol (EAP)

Question 8

A geographic area where a Wi-Fi wireless signal from a Wireless Access Point is available to wireless networking clients to enable network and/or Internet access.

Answer 8

hotspot

Question 9

An application protocol commonly used to transfer TCP data in a secured session between a client and server. Because this is a common protocol used with Web servers, many fi rewalls allow this protocol to pass without blocking it.

Answer 9

HyperText Transport Protocol Secure (HTTPS)

Question 10

A protocol designed to work together with IKEv2 to allow a host involved in a secure IKEv2 initiated SA to change its IP address, switch to a different network interface, or recover from a network outage.

Answer 10

IKEv2 Mobility and Multihoming Protocol (MOBIKE)

Question 11

A direct, digital dial-up connection to a PSTN that operates at 64 KB per channel over regular twisted-pair cable between a subscriber and the PSTN offi ce.

Answer 11

Integrated Service Digital Network (ISDN)

Question 12

An authentication protocol that identifi es the identity of both the client and server to each other. Once the identity of both sides is established, one or more IPSec based SAs are established between them for data transfer. IKEv2 is considered a strong authentication protocol.

Answer 12

Internet Key Exchange version 2 (IKEv2)

Question 13

A protocol that allows a secure IP tunnel to be established with a secure HTTP connection for the purpose of transporting IPv6 packets. A IP-HTTPS client must initiate a connection to a confi gured IP-HTTPS server. The connection between client and server is not likely to be stopped by a fi rewall because the HTTPS protocol is not commonly blocked.

Answer 13

IP-HTTPS

Question 14

A protocol that is used to secure and authenticate IP connections.

Answer 14

IPSec

Question 15

A protocol used to carry PPP packets through IP networks.

Answer 15

Layer 2 Tunneling Protocol (L2TP)

Question 16

See IKEv2 Mobility and Multihoming Protocol.

Answer 16

MOBIKE

Question 17

A Microsoft version of the Challenge-Handshake Authentication Protocol (CHAP). MS-CHAP-v1 adds features to change the password during a session, as well as limit authentication retries, between a client and server. MS-CHAP-v2 added the ability for both sides to confi rm each other?s identity instead of just the server confi rming the client?s identity.

Answer 17

MS-CHAP-v1&2

Question 18

A simple authentication method that establishes the identity of a remote client with the authentication password sent in the data stream between the client and server. This presents a security risk and therefore this authentication protocol is discouraged unless the risk from communication eavesdropping is considered low.

Answer 18

Password Authentication Protocol (PAP)

Question 19

See Public Switched Telephone Network (PSTN).

Answer 19

Plain Old Telephone System (POTS)

Question 20

A network-layer transport protocol that manages connectivity over serial or modem lines. PPP can negotiate any transport protocol used by both systems involved in the link and can automatically assign TCP/IP settings.

Answer 20

Point-to-Point Protocol (PPP)

Question 21

A protocol used to carry PPP packets through IP networks.

Answer 21

Point-to-Point Tunneling Protocol (PPTP)

Question 22

An enhancement of EAP that encrypts the entire EAP process. This protects all EAP communication before authentication is performed.

Answer 22

Protected Extensible Authentication Protocol (PEAP)

Question 23

Provides a connection to subscribers for dial-up devices such as analog or ISDN modems. Originally developed to connect telephones and allow people to make analog phone calls.

Answer 23

Public Switched Telephone Network (PSTN)

Question 24

A system where clients are able to remotely connect to a network and access resources as though the remote client is connected directly to the network.

Answer 24

remote access

Question 25

A system where clients are able to remotely connect to a server to run applications and access data. Applications and fi les are accessed at the server and only screen drawing commands are sent back to the client.

Answer 25

remote control

Question 26

A protocol used to carry remote control data between the remote control client and the remotely controlled computer.

Answer 26

Remote Desktop Protocol (RDP)

Question 27

Terminal Services has been rebranded as Remote Desktop Services in Windows Server 2008 R2

Answer 27

Remote Desktop (RD)

Question 28

A service installed and confi gured on Windows Server 2003 to allow remote clients and networks to connect to network services local to the server. The Routing and Remote Access service must be confi gured to support VPN connections, dialup connections, and routed IP traffi c from routers.

Answer 28

Routing and Remote Access (RRAS)

Question 29

A protocol that allows secure communication between a VPN client and server using the SSL based encryption methods of HTTPS. The connection between client and server is not likely to be stopped by a fi rewall because the HTTPS protocol is not commonly blocked.

Answer 29

Secure Socket Tunneling Protocol (SSTP)

Question 30

A connection established between two computers for the purpose of securely exchanging data. The connection is only allowed if both sides of the connection know how to fi nd each other on the network, agree on how to authenticate their identities, and agree on how to encrypt and decrypt the data sent between them. Any aspect of the SA connection may be renegotiated periodically to ensure that the other side of the connection is still a valid communication partner.

Answer 30

Security Association (SA)

Question 31

An implementation of the IP protocol over serial lines. SLIP has been made obsolete by PPP.

Answer 31

Serial Line IP (SLIP)

Question 32

A small physical card that contains a processor and memory. The processor is capable of interacting with a computer in which the card is plugged. The most common use of a smart card is to store and validate personal security credentials for a computer or user. The smart card can be physically removed and stored in a small space, such as a wallet.

Answer 32

smart card

Question 33

A service that can be installed on a computer running a server-based operating system. Depending on licensing limits, multiple users can connect to the Terminal Server and run applications on the Terminal Server using only a remote control client. Each remote user is unaware that other users are also remote controlling applications on the Terminal Server.

Answer 33

Terminal Services (TS)

Question 34

A remote access technology that creates an encrypted tunnel for communication between the VPN client and a remote access server. VPN connections are commonly used over the Internet to secure communication when accessing offi ce data from home.

Answer 34

virtual private network (VPN)

Question 35

A geographically dispersed network connected by routers and communication links. The Internet is the largest WAN.

Answer 35

Wide Area Network (WAN)

Question 36

A networking technology standard that defi nes packet switching networks used for WAN connectivity.

Answer 36

X.25