Module G7: Network Tunneling (PE)

Question 1

What is a protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol Network?

IPsec

CPsec

IPv4Sec

None of the above

Answer 1

IPsec

Question 2

IPsec was originally developed to cover for IPv4 coming out, enhancing their end to end security via securing applications at which layer in the OSI model?

Layer 1
Layer 2
Layer 3
Layer 4

Answer 2

Layer 3

Question 3

What does IPsec allow for the capability to do?

Establish a mutual authentication between agents at the beginning of a session

Negotiation of cryptographic keys to use during the session

Protect data flows between a pair of hosts, a pair of networks, or between a gateway and a host

Use cryptographic security services to protect communications over IP networks

All of the Above.

Answer 3

All of the Above

Question 4

Which main protocol provides trusted identification and proof that data was not changed, but does not provide encryption or privacy?

Answer 4

Authentication header

Question 5

Which main protocol provides source integrity through source authentication, data integrity through hash functions, and confidentiality through encryption protection for IP packets?

Answer 5

ESP

Encapsulated Security Payload

Question 6

Which main protocol is used to negotiate the connection using configurations and preferences at each end of the connection to establish the security protocols to be used?

Answer 6

Internet Key Exchange

Question 7

Which version of IKE uses Diffie-Hellman public key exchange over the course of 3 or 6 messages?

Answer 7

IKEv1

Question 8

Which version of IKE uses four messages, with built-in NAT functionality and supports Asymmetric authentication?

Answer 8

IKEv2

Question 9

Generic Routing Encapsulation (GRE) is a tunneling protcol developed by who?

Answer 9

Cisco

Question 10

When encapsulation, GRE uses a process ID (PID) of ___ in the added header?

Answer 10

47

Question 11

GRE can encapsulate a wide variety of network layer protocols inside either virtual _________ links or Point-to-Multipoint links over the IP Network?

Answer 11

Point-to-Point

Question 12

What provides a secure channel over an unsecured network by using a client–server architecture?

Answer 12

ssh

Question 13

SSH is typically used in _____ systems, but can be used on Windows as well.

Answer 13

UNIX-like

Question 14

This type of SSH authentication, known as ____ generated, is where users/programs are allowed to log in without needing to specify a password.

Answer 14

manually

Question 15

This type of SSH authentication, known as ____ generated, is where each user will use a password to log on.

Answer 15

automatically

Question 16

SSH can be used for logging into a remote machine, tunneling, forwarding TCP ports, ___ connections, or transferring files.

Answer 16

X11

Question 17

SSL builds the tunnel, encrypts the information, AND ____ the data along the network.

Answer 17

routes

Question 18

A major weakness of SSL is that when you are capturing network packets, it shows the ____ of encryption/ciphers that the communication is using.

Answer 18

methods

Question 19

____ is the successor to Secure Sockets Layer (SSL) as a cryptographic protocol that provides secure communications over networks.

Answer 19

TLS

Question 20

TLS is widely used in email, Instant Messaging, VoIP, and most notably in ____.

Answer 20

https

Question 21

Encryption for TLS is performed at the ____ _____ _____.

Answer 21

TCP Socket Layer

Question 22

______ is the most basic version of TLS and has many vulnerabilities.

Answer 22

TLSv1.0

Question 23

______, like 1.0, holds more security issues than later versions, and while it is very common, should not be used.

Answer 23

TLSv1.1

Question 24

______ is the most secure version of TLS today, offering the least vulnerability surface compared to the rest.

Answer 24

TLSv1.2

Question 25

______ was released to make IoT devices compatible with secure communication, sacrificing some security for more speed.

Answer 25

TLSv1.3

Question 26

Prior to HTTP Tunneling, people used HTTP _____.

Answer 26

proxying

Question 27

HTTP Proxying, much like the protocol, is _____, which is rarely useful.

Answer 27

unencrypted

Question 28

Because of unencryption, for reliable securtity, _______ Encryption is needed to protect your data from the proxy.

Answer 28

end-to-end

Question 29

_____ _____is the more encrypted version of HTTP Proxying.

Answer 29

HTTP Tunneling

Question 30

_____ _____is the most common form of HTTP tunneling.

Answer 30

HTTP Connect

Question 31

A disadvantage of HTTP Connect is that it only supports ___ traffic, not UDP.

Answer 31

TCP