Remote-Access Security Flashcards
RRAS
Microsoft Routing and Remote Access Server
Server feature allowing clients to remotely access a network
RDP
Remote Desktop Protocol
User can view / control the desktop of a remote computer
PPPoE
Point-to-Point Protocol over Ethernet
Between home DSL modem and service provider.
Encapsulates PPP frames within Ethernet frames
PPP
Point-to-Point Protocol
Includes multilink interface, looped link detection, error detection, authentication
Layer 2
ICA
Independent Computing Architecture
Citrix protocol
Application running in one OS can be remotely controlled by another client regardless of OS
SSH
Secure Shell
Securely connect to a remote host
Usually uses a terminal emulator
Kerberos
Client/server authentication protocol supporting mutual authentication
Uses trusted third party instead of username/password
AAA Server
Authentication, Authorization, Accounting
Single repository of credentials for a network. Allows same credentials for multiple devices
RADIUS
Remote Authentication Dial-In User Service
Protocol to communicate with AAA server.
Only encrypts password in authentication packet.
Robust accounting
TACACS+
Terminal Access Controller Access-Control System Plus
Cisco. Communicates with AAA server.
Three separate sessions for Authentication, Authorization, and Accounting
NAC
Network Admission Control
Performs posture assessment of device attempting to connect.
IEEE 802.1X
Type of NAC.
Supplicant - device seeking admission to network
Authenticator - device the supplicant is connecting to
Authentication Server - device that checks credentials to permit / deny access
CHAP
Challenge-Handshake Authentication Protocol
One-way authentication for a remote-access connection.
Three-way handshake (challenge, response, acceptance)
MS-CHAP
Microsoft Challenge-Handshake Authentication Protocol
Microsoft-enhanced version of CHAP
Has two-way authentication
EAP
Extensible Authentication Protocol
Performed by 802.1X