IP Security Flashcards

1
Q

What are the areas that IP security try to combat?

A

Eavesdropping, Modification of packets in transit, Identity spoofing, Denial of Service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Where is IPsec implemented? What is one consequence of this?

A

In the Operating System’s Kernel. This means that it is relatively transparent to the user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the three parts of IPSec?

A

Authentication Header, Encapsulating Security Protocol, Internet Key Exchange.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What does the Authentication Header provide in IPSec?

A

Authenticity and Integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does ESP provide in IPSec?

A

Encapsulating Security Protocol provides confidentiality.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the consequence of IKE getting compromised?

A

AH and ESP provide no security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the difference between transport mode and tunnel mode in IPSec?

A

Transport mode delivers from host to host (end to end) and is usually used within the same network. It requires both hosts to use IPSec.
Tunnel mode delivers from gateway to gateway. Internal traffic behind the gateway is not protected, but only the gateways need to support IPSec. Used in VPNs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a Security Association?

A

In IPSec, the SA is a one-way sender recipient relationship, which determines how a packet from a particular source should be processed (e.g. what algorithms are used, what keys, which mode etc.)
So, when a new packet arrives, the system must check an IPSec database to decide which SA should be used to process this message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the process of sending an IPSec packet?

A

1) check if it needs to use IPSec on the SPD.
2) If it does, check the database to see which Security Association is needed for this recipient.
3) Use this SA to process the packet, and then send it. If no SA exists, then one needs to be established.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the process of receiving an IPSec packet?

A

1) Check if the packet is IPSec. If it is, look up its SA.
2) If the SA exists, use this to process the packet. Then take away the IP header, and deliver it up the protocol stack.
3) If no SA exists, discard.
4) If the packet was not IPSec, then look it up in the SPD to see whether it should be discarded or allowed through.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do we set up a Security Association?

A

Through Internet Key Exchange.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is an SPI?

A

Security Parameter Index. It is used to identify which SA should be used in IPSec.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is an SPD in IPSec?

A

Security Policy Database. It is where we check whether a particular packet needs to be protected with IPSec or not.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

True or false, IPSec does not send the SPI with the packet?

A

False, we need to send the SPI so that the receiver can locate the Security Association in the Security Association Database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

True or false, IPSec is not required in IPv6?

A

False, it is mandatory.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly