Module 5 / Unit 5 Configuring Remote Access Flashcards
On completion of this unit, you will be able to: □ Describe the characteristics of WAN services and protocols. □ Configure a remote access VPN server. □ Use secure interfaces and file transfer protocols to manage hosts and network devices remotely.
What distinguishes ATM from Ethernet?
ATM uses fixed size cells compared to Ethernet’s variable size frames
What is the difference between IP and MPLS routing?
IP routing is “best effort” while MPLS allows for constraint-based routing, enabling traffic shaping.
How does PPP work to allow a computer with a dialup modem to connect to the Internet?
The Point-to-Point Protocol (PPP) is a layer 2 protocol. IP packets are encapsulated within PPP frames to be transported to the ISP’s router via the dialup link.
What are the three main topologies for implementing a VPN?
Many Virtual Private Networks (VPN) use a client-to-site topology, where one or more hosts connect to a site (a remote access VPN). Other options include site-to-site and host-to-host topologies
How does TLS improve the security of a VPN connection compared to PPTP?
Transport Layer Security (TLS) uses a digital certificate on the VPN gateway to authenticate the remote host and encrypt the setup of the VPN session, providing better protection for the exchange of user credentials.
What IPsec mode would you use for data confidentiality on a private network?
Transport mode with Encapsulation Security Payload (ESP). Tunnel mode encrypts the IP header information, but this is unnecessary on a private network. Authentication Header only provides authentication and integrity validation, not confidentiality.
What step can you take to prevent unauthorized use of a remote access server?
Define which user accounts have dial-in rights and ensure each user protects their authentication credentials.
What TCP/IP application protocol is associated with TCP port 23?
Telnet.
What are the main uses of SSH?
Typically to provide a secure terminal to a remote Linux or UNIX host (or any other host with an SSH server installed). SSH can also be used as a type of VPN.
What type of attack is RDP Remote Credential Guard designed to protect against?
Pass-the-Hash (PtH) attacks. In PtH, the attacker obtains credentials from an RDP session from the RDP server and tries to re-use them. Credential Guard is designed to prevent the RDP server from storing or processing the password hash.
What is a virtual terminal?
Configuring a management IP address on a switch to connect to its command line interface over the network (rather than via a serial port).
What distinguishes TFTP from FTP?
T(rivial)FTP only supports GET and PUT commands (not directory browsing, file deletion, and so on).
