VPN Concentrators 2.1 Flashcards

1
Q

Virtual Private Network

A

An encrypted tunnel. There are hardware- and software-based VPN options. Sometimes client software will have the VPN built into the OS.

2
Q

VPN Concentrator

A

An encryption/decryption device. Often integrated into a firewall. Designed to secure multiple conversations into one channel.

3
Q

Remote Access VPN

A

Has on-demand access from a remote device. Software connects to a VPN concentrator. Some software can be configured as always on.

4
Q

TLS VPN (Transport Layer Security)

A

Uses the TLS protocol (TCP/443). Very commonly used; most networks allow this to flow freely.

5
Q

Full VPN Tunnel

A

Full VPN tunnels route all traffic through the VPN.

6
Q

Site to Site VPN

A

Always, or almost always on. Firewalls act as VPN concentrators.

7
Q

IPSec (Internet Protocol Security)

A

Security for OSI Layer 3. Authentication and encryption for every packet. Confidentiality and integrity/anti-replay. Very standardized and common. Different firewall brands should have no problem communicating together. Two core IPSec protocols: Authentication Header (AH) and Encapsulation Security Payload (ESP). Can do both AH and ESP simultaneously or individually.

8
Q

Modes of IPSec

A

Transport mode and Tunnel mode.

9
Q

Authentication Header (AH)

A

Hash of the packet and a shared key. MD5, SHA-1, or SHA-2 are common. Adds AH to the packet header.

(IPSec Datagram in Tunnel Mode)
New IP Header || AH Header || IP Header || Data

10
Q

Encapsulation Security Payload (ESP)

A

Encrypts the packet. MD5, SHA-1, or SHA-2 for hash and 3DES or AES for encryption. Adds a header, a trailer, and an Integrity Check Value.

(IPSec Datagram with ESP in Tunnel Mode)
New IP Header || ESP Header || IP Header || Data || ESP Trailer || Integrity Check Value

11
Q

TLS

A

Transport Sockets Layer - the successor to SSL

12
Q

Split VPN Tunnel

A

With a split VPN tunnel, the remote user connects to third-party sites without using the VPN tunnel, while still being able to route through the VPN to necessary locations.
