Remote Access Methods Flashcards
Encapsulating a payload protocol within a delivery protocol to ensure secure transmission is known as what?
Tunnelling
List the 4 types of VPNs
1) Client-to-site (Remote-Access)
2) Host-to-Host VPN
3) Site-to-Site VPN
4) Extranet VPN (allows organizations suppliers/partners to connect to the network)
What’s the main benefit of using a site-to-site VPN for connecting remote offices than other WAN technologies?
It’s cheap!
List the 5 tunnelling protocols covered in CompTIA
1) DTLS
2) L2TP
3) GRE
4) IPsec
5) PPTP
When might you use DatagramTLS?
DTLS is a protocol based on TLS that is capable of securing the datagram (connectionless) transport so you might use it for securing delay-sensitive traffic.
Which tunnelling protocol would you choose if you had to connect networks that used non-TCP/IP traffic?
L2TP (PPTP using GRE can do this but considered obsolete)
Who created L2TP?
IETF
Which data-link layer tunnelling protocol allows access to a VPN using ports TCP 1723 and IP 47?
PPTP
Which technique encapsulates Point-to-Point Protocol (PPP) frames in Internet Protocol (IP) packets using the Generic Routing Encapsulation (GRE) protocol.
PPTP
List 4 characteristics of GRE
1) Uses protocol-type field to transport any Layer 3 protocol
2) It is STATELESS and has NO FLOW CONTROL
3) It has NO ENCRYPTION
4) Create addition OVERHEAD
Which tunneling protocol was designed by the IETF, works at the Network layer of the OSI model and supports both IPv4 and IPv6?
IPSec
Which two major protocols work inside IPSec?
1) AH - Authentication Header (responsible for providing integrity and authentication using Integrity Value Check i.e. IVC)
2) ESP - Encapsulating Security Payload (responsible for encryption)
What do you need to be aware of when tunnelling to NAT networks using IPSec?
The Authentication Header protocol isn’t compatible
What is the difference between IPSec transport and tunnelling modes?
1) Transport mode creates a secure tunnel between two devices (e.g. host to host/host to server)
2) Tunnelling mode creates a secure tunnel between two end points like routers.
What is the key advantage of ISAKMP? Which tunnelling protocol is it integrated into?
It allows for separating out of the method for safely transferring key and authentication independent of the key generation technique.
IPSec
Which layer 2 protocol is commonly used for remote access and provides authentication, encryption and compression services to clients logging in remotely?
Is it routable?
Point-to-Point Protocol
It is not routable. It can be made routable using PPTP
List what happens in the Discovery phase in PPPoE
1) MAC addresses of end-points are exchanged
2) Session ID is created to facilitate further data transmission
3) Point-to-point connection is created
Which remote desktop sharing system similar to RDP uses the remote frame buffer protocol?
VNC (Virtual Network Computing)
if you wanted to create a private network on an intranet what could you use?
an SSL VPN
What is the major difference between the RDP and VNC?
VNC sends raw pixel data while RDP uses graphic primitives (not as high quality basically)
SSL is based on what public key encryption algorithm?
RSA
Which remote access method uses a Terminal Services Client to connect and provides 128-bit encryption using the RC4 algorithm?
Remote Desktop Protocol
List the layers at which the following protocls work at: GRE IPSec L2TP PPTP
GRE - Layer 3
IPSec - Layer 3
L2TP - Layer 2
PPTP - Layer 2
Which web browser security method was deprecated in 2015 in favour of TLS?
SSL
What protocol number is 51 for?
The IPSec Authentication Header
What is the protocol number of the Encapsulating Security Payload (ESP) and the Authentication Header? (AH)
ESP = 50 AH = 51
What uses Internet Key Exchange, what port does it use and what does it do?
IPsec uses IKE over port 500 to authenticate clients in the IPSec conversation before data is transmitted.
