Module G7: Network Tunneling (PE) Flashcards

1
Q

What is a protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol Network?

IPsec

CPsec

IPv4Sec

None of the above

A

IPsec

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IPsec was originally developed to cover for IPv4 coming out, enhancing their end to end security via securing applications at which layer in the OSI model?

Layer 1
Layer 2
Layer 3
Layer 4

A

Layer 3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does IPsec allow for the capability to do?

Establish a mutual authentication between agents at the beginning of a session

Negotiation of cryptographic keys to use during the session

Protect data flows between a pair of hosts, a pair of networks, or between a gateway and a host

Use cryptographic security services to protect communications over IP networks

All of the Above.

A

All of the Above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which main protocol provides trusted identification and proof that data was not changed, but does not provide encryption or privacy?

A

Authentication header

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which main protocol provides source integrity through source authentication, data integrity through hash functions, and confidentiality through encryption protection for IP packets?

A

ESP

Encapsulated Security Payload

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which main protocol is used to negotiate the connection using configurations and preferences at each end of the connection to establish the security protocols to be used?

A

Internet Key Exchange

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which version of IKE uses Diffie-Hellman public key exchange over the course of 3 or 6 messages?

A

IKEv1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which version of IKE uses four messages, with built-in NAT functionality and supports Asymmetric authentication?

A

IKEv2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Generic Routing Encapsulation (GRE) is a tunneling protcol developed by who?

A

Cisco

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

When encapsulation, GRE uses a process ID (PID) of ___ in the added header?

A

47

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

GRE can encapsulate a wide variety of network layer protocols inside either virtual _________ links or Point-to-Multipoint links over the IP Network?

A

Point-to-Point

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What provides a secure channel over an unsecured network by using a client–server architecture?

A

ssh

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

SSH is typically used in _____ systems, but can be used on Windows as well.

A

UNIX-like

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

This type of SSH authentication, known as ____ generated, is where users/programs are allowed to log in without needing to specify a password.

A

manually

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

This type of SSH authentication, known as ____ generated, is where each user will use a password to log on.

A

automatically

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

SSH can be used for logging into a remote machine, tunneling, forwarding TCP ports, ___ connections, or transferring files.

A

X11

17
Q

SSL builds the tunnel, encrypts the information, AND ____ the data along the network.

A

routes

18
Q

A major weakness of SSL is that when you are capturing network packets, it shows the ____ of encryption/ciphers that the communication is using.

A

methods

19
Q

____ is the successor to Secure Sockets Layer (SSL) as a cryptographic protocol that provides secure communications over networks.

A

TLS

20
Q

TLS is widely used in email, Instant Messaging, VoIP, and most notably in ____.

A

https

21
Q

Encryption for TLS is performed at the ____ _____ _____.

A

TCP Socket Layer

22
Q

______ is the most basic version of TLS and has many vulnerabilities.

A

TLSv1.0

23
Q

______, like 1.0, holds more security issues than later versions, and while it is very common, should not be used.

A

TLSv1.1

24
Q

______ is the most secure version of TLS today, offering the least vulnerability surface compared to the rest.

A

TLSv1.2

25
Q

______ was released to make IoT devices compatible with secure communication, sacrificing some security for more speed.

A

TLSv1.3

26
Q

Prior to HTTP Tunneling, people used HTTP _____.

A

proxying

27
Q

HTTP Proxying, much like the protocol, is _____, which is rarely useful.

A

unencrypted

28
Q

Because of unencryption, for reliable securtity, _______ Encryption is needed to protect your data from the proxy.

A

end-to-end

29
Q

_____ _____is the more encrypted version of HTTP Proxying.

A

HTTP Tunneling

30
Q

_____ _____is the most common form of HTTP tunneling.

A

HTTP Connect

31
Q

A disadvantage of HTTP Connect is that it only supports ___ traffic, not UDP.

A

TCP