Week 6 - Network Security Defence Flashcards
Learn about VPNs, TLS, Firewalls and other network security protocols.
What is a VPN?
A security mechanism that assists in communications over a public or insecure network by making it more secure. It does so by temporarily extending a private network across a public one to send communications.
What are two common uses of VPN?
Remote access and site-to-site.
Explain remote access
Remote access lets single users connect to the protected company network while not currently on that network. Commonly used when a user is working remotely or from home.
Explain site-to-site
Site-to-site supports connections between two protected company networks. Commonly used when a company has two networks (e.g. a network for each company branch/location) and they need to access each other's resources.
What are the three types of VPN?
1. Trusted
2. Secure
3. Hybrid
Explain how a Trusted VPN works.
A private dedicated line maintained by a provider that can be leased to customers to create customisable secure private networks that can only be used by the customer.
Explain how a Secure VPN works.
Uses protocols and encryption to ensure safe and secure communication between the intended parties over an untrusted public network.
Why do we use Secure VPNs over Trusted VPNs?
Because Trusted VPNs are very expensive to maintain, and the Internet has become more commonplace as the primary public network.
Explain what a Hybrid VPN is.
It is a combination of Trusted and Secure VPN techniques.
What security mechanisms are used in Secure VPNs?
1. Authentication
2. Tunneling
3. Encryption
What happens during the authentication protocol stage of Secure VPNs?
The client sends a request to the VPN server for a connection to be made.
The VPN server asks the client to identify themselves.
The client authenticates themselves.
If authentication is valid, then the VPN can move forward.
What happens during the Tunnelling stage of Secure VPNs?
The VPN creates a tunnel on the network.
The data packet is encapsulated in another packet which is addressed using the IP address of the target server.
The data packet is sent through the tunnel to the other network.
The other network removes the layer of encapsulation and extracts the local address in the packet and delivers it to the correct user on the network.
What happens during the encryption stage of Secure VPNs?
Packets sent through the tunnel created by the VPN are still encrypted with an encryption protocol. This is because although tunnels are secure, they can still be sniffed. The encryption happens in either transport mode or tunnel mode.
What is transport mode encryption?
Encryption is performed as the data packet is created.
What is tunnel mode encryption?
When encryption happens as the data packet is being transmitted through the tunnel.
What is a digital certificate?
A collection of data which associates a public key with a server.
What is a certificate authority?
A trusted third party who verifies a server belongs to the entity claiming it using a digital certificate and associates the public key with that server.
What is a certificate signing request?
A request made by an entity to a certificate authority when they want to create a new server. It is a block of text, normally in ASN.1. It contains a public key, the name for the server, the organisation name, the unit/department which is responsible for the server, as well as some other lesser data like details of the person responsible for the server.
What does ASN stand for?
Abstract syntax notation.
What data is contained in digital certificate?
A name, the time frame which it is valid for, who it was issued by, the owner's public key, and the certificate authority who signs the certificate.
What does a certificate authority do when they receive a certificate signing request?
They first authenticate that the server and public key belong to the entity who sent the request. This can be done many ways, e.g. domain validation. Once validated, the authority can take the public key provided in the request and associate it with that company and the certificate.
What is domain validation?
When an email is sent to an admin responsible for a specific domain, the email should include an authentication token or link. If the link is used then the admin has proved they have a level of access to that domain and thus are validated.
How does a client know that a certificate is valid and how to trust the certificate authority?
Because computers come pre-installed with a number of certificates on the OS, including VeriSign. This means that the computer already has the public key for VeriSign and thus can encrypt/decrypt valid data from VeriSign.
What is TLS?
A protocol that allows a client to communicate with a server safely to agree on a symmetric key for encryption and to allow the client to authenticate the server.
Where is TLS commonly used?
The Internet, to deliver secure https pages.
What is TLS the successor to?
SSL.