Security Architecture 4

Question 1

VPN Concentrator

Answer 1

• Device or software that functions as endpoint for everyone connecting to it
• Often integratd in Firewall

Question 2

Explain how Data forwarding works in an encrypted tunnel

Answer 2

1. Original Data packet consists of IP header and Data
2. Both get encrypted
3. IPsec header to identify where packet started
4. IPsec trailer to identify where it ended
5. Add new IP header to point to the right concentrator

Question 3

SSL/TLS VPN

Answer 3

• Authenticate users
• No big VPN clients (often single devices)
• Uses common SSL/TLS protocol (tcp/443)
• On-demand access from remote device
• Software connects to VPN concentrator

Question 4

Site-to-site IPsec VPN

Answer 4

• Connects larger sites
• Always on
• Firewalls often act as concentrators

Question 5

SD-WAN

Answer 5

• Software defined networking in Wide Area network
• Allows cloud based applications to communicate directly to the cloud instead of hopping through central point

Question 6

SASE

Answer 6

Secure Access Service Edge
* Next generation VPN
* Secures Access for cloud services

Question 7

Which Types of Data classifications are there?

Answer 7

Proprietary
* Property of organization

PII
* Personally Identifiable Information

PHI
* Health Information associated with individual

Question 8

What is Data Souvereignity

Answer 8

Data that resides in country is subject to laws of that country
* Exp. Storage of data

Question 9

Server Clustering

Answer 9

Combining two or more servers that appear and operate as a single large unit
* User sees only one device
* Easy to scale up
* Usually configured in OS