Network & Internet Security Flashcards

1
Q

IPSec Modes of Operation

A

Transport Mode: IPSec header protects rest of packet and maybe IP header
Tunnel Mode: IPSec header and new IP header protect original payload

2
Q

Security Associations

A
Contract between sender and receiver
Determines IP protocols, keys, etc.
One for inbound and outbound traffic
Hosts store their SAs in an SA database
Identified by SPI, IP of dest, AH or ESP
3
Q

Anti-Replay Mechanism

A

SN starts at 0 when new SA is negotiated
++SN when new packet sent
N is largest sequence number seen so far
Packets with SN between N-W+1 and N are accepted only once
Packets with SN <= N-W aren’t accepted at all

4
Q

Authentication Header

A

Transport Mode: Authenticated except for mutable fields
Tunnel Mode: Authenticated except for mutable fields in the new IP header
MAC computed over entire packet

5
Q

Encapsulation Security Protocol

A

Transport Mode: Orig IP hdr || ESP hdr || TCP || Data || ESP trlr || ESP auth (opt); authenticated: ESP hdr through ESP trlr; encrypted: TCP through ESP trlr
Tunnel Mode: New IP hdr || ESP hdr || Orig IP hdr || TCP || Data || ESP trlr || ESP auth (opt); authenticated: ESP hdr through ESP trlr; encrypted: Orig IP hdr through ESP trlr
