Chapter_7 part 1 Flashcards
What is GRE?
GRE = Generic Routing Encapsulation:
Cisco tunneling protocol; encapsulates a wide variety of network protocols into an IP tunnel.
What is the point of GRE?
GRE = Generic Routing Encapsulation: creates a virtual point-to-point link to Cisco routers at remote points over IP networks. Encapsulates network layer protocol packets inside IP tunnels.
ASA?
ASA = Adaptive Security Appliance
What is an ASA used for?
ASA = Adaptive Security Appliance:
A firewall that combines firewall, VPN concentration and intrusion prevention into one software image.
How does a site-to-site connection work? What is it?
A VPN connection between 2 or more sites over the internet. Each site has a VPN terminating device (VPN gateway) on the edge of the network. The internal hosts do not know about the VPN connection and use regular TCP/IP communication.
What are remote access VPNs?
A VPN used by a telecommuter to connect to a corporate network. The user needs VPN software and the corporate network needs a VPN gateway at the edge of its network.
What does the GRE header contain?
24 bytes additional, used for tunneling overhead; stateless (no flow control mechanisms); has a flag field for optional header fields; protocol type indicator.
What are the GRE steps to configure a tunnel?
1- Admin needs the IP addresses of the endpoints
2- Create a tunnel interface using the correct command
3- Specify the tunnel source IP address
4- Specify the tunnel destination (physical IP address of the destination router)
5- Configure an IP address for the tunnel interface (this is the network for the tunnel, with subnet mask)
What does IPsec provide? What 3 standards/services?
Data confidentiality, integrity and authentication.
What layer of the TCP/IP model does IPsec work on?
Layer 3 (packets)
IKE?
IKE: Internet Key Exchange, used by IPsec to authenticate users/devices.
PSK?
PSK: Pre-Shared Key, used by Internet Key Exchange authentication for IPsec in the authentication process.
CIA?
CIA: Confidentiality, Integrity and Authentication
Anti-replay protection?
IPsec: detects and rejects replayed (duplicated) packets to protect against spoofing.
EFT?
EFT: Electronic Funds Transfer
What is AES used for?
AES: encryption that is 256 bits long, used in IPsec.
What are the 2 types of encryption standards used in IPsec today?
AES (256 bits) and RSA (2048 bits).
Symmetric encryption?
Each user of the encryption (sender and receiver) knows the key beforehand. Pre-shared key.
Encryption types that use symmetric keys? (3 types)
DES, 3DES and AES
What is asymmetric encryption?
Different keys for encryption and decryption: private key to decrypt and public key to encrypt. (RSA)
What type of encryption uses asymmetric encryption?
RSA
DH?
DH = Diffie-Hellman: method used to securely exchange keys for data encryption
What is DH used for?
DH: Diffie-Hellman, specifies a public key exchange method so that when private/public keys are shared over a public line, only the intended recipients can see/read the data.
HMAC?
Hash-based message authentication code