IPsec Cheat Sheet Flashcards

1
Q

What is the ISAKMP protocol for IPsec?

A

A framework for the negotiation and management of security associations between peers

2
Q

What is the IKE protocol for IPsec? (Internet Key Exchange)

A

A method for exchanging keys for encryption and authentication over an unsecured medium, such as the Internet, using asymmetric cryptography

3
Q

What is ESP for IPsec? (Encapsulating Security Payload)

A

Provides data encryption, data integrity, and peer authentication. IP protocol 50

4
Q

What is AH for IPsec? (Authentication Header)

A

Provides data integrity and peer authentication, but not data encryption. IP protocol 51

5
Q

What are the two IPsec modes and the differences? Which is the default?

A

Transport mode: The ESP and AH header is inserted behind the IP header; the IP header can be authenticated but not encrypted

Tunnel mode: A new IP header is created in place of the original; this allows for the encryption of the entire original packet (the default)

6
Q

What are the two IKE phases for IPsec? Also, what are the other ways you can name those phases?

A

IKE phase 1 tunnel -or- ISAKMP tunnel:
A bidirectional ISAKMP SA (Security Association) is established between peers to provide a secure management channel (IKE in main or aggressive mode)

IKE phase 2 tunnel -or- IPsec tunnel:
Two unidirectional IPsec SAs are established for data transfer using separate keys (IKE quick mode)
