Term
| ___ ___ and ___ ___ Protocol is a framework defining procedures for authentication, creation and management of security associations (SAs), key generation techniques, and threat mitigation. |
|
Definition
| Internet Security and Key Management Protocol (ISAKMP) |
|
|
Term
| ISAKMP is a framework, not a ___ or application. |
|
Definition
|
|
Term
| __-__-__ __ protocol creates a secure tunnel between two points on a network, over which other connectivity protocols such as PPP can be used. |
|
Definition
| Point-to-Point Tunneling Protocol (PPTP) |
|
|
Term
| Point-to-Point Tunneling Protocol (PPTP) is the basis for creating a ___ ___ network. |
|
Definition
| virtual private network (VPN) |
|
|
Term
| With PPTP, a TCP connection known as a PPTP ___ connection creates and maintains the communication tunnel. |
|
Definition
|
|
Term
| The PPTP control connection exists between the IP addresses of the PPTP ___ and ___. |
|
Definition
|
|
Term
| The PPTP control connection uses a ___ port on the server and a ___ port on the client. |
|
Definition
|
|
Term
| The PPTP control connection passes the PPTP ___ and ___ messages between the remote system and the server. |
|
Definition
|
|
Term
| PPTP can both ___ and ___ communications. |
|
Definition
|
|
Term
| PPTP does not use a ___ ___ but does use a user ID and password. |
|
Definition
|
|
Term
| PPTP uses the same authentication methods as ___, including MS-CHAP, CHAP, PAP, and EAP. |
|
Definition
|
|
Term
| ___ ___ ___ protocol is a combination of PPTP and Cisco L2F technology. |
|
Definition
| Layer 2 Tunneling Protocol (L2TP) |
|
|
Term
| L2TP uses ___ to deliver data. |
|
Definition
|
|
Term
| L2TP authenticates the ___ and then the ___. |
|
Definition
|
|
Term
| By authenticating the computer, ___ Protocol prevents data from being intercepted, changed, and returned to the user in a man-in-the-middle attack. |
|
Definition
| Layer 2 Tunneling Protocol (L2TP) |
|
|
Term
| Unlike IPSec, which operates at the network layer of the OSI model, L2TP operates at the ___ layer, making it protocol-independent. |
|
Definition
|
|
Term
| An L2TP connection can support protocols other than ___, such as AppleTalk and Novell’s legacy IPX. |
|
Definition
|
|
Term
PPTP vs. L2TP
___ has been around longer, so it offers more interoperability. |
|
Definition
|
|
Term
PPTP vs. L2TP
___ offers greater security. |
|
Definition
|
|
Term
PPTP vs. L2TP
___ is an industry standard. |
|
Definition
|
|
Term
PPTP vs. L2TP
___ supports common public key infrastructure technology. |
|
Definition
|
|
Term
PPTP vs. L2TP
___ is easier to configure because it doesn't use digital certificates. |
|
Definition
|
|
Term
PPTP vs. L2TP
___ provides support for header compression. |
|
Definition
|
|
Term
PPTP vs. L2TP
___ has less overhead. |
|
Definition
|
|
Term
| The ___ ___ protocol is designed to provide secure communications between systems. |
|
Definition
|
|
Term
| IPSec can both ___ and ___ network transmissions. |
|
Definition
|
|
Term
| ___ is composed of two separate protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP). |
|
Definition
|
|
Term
| In IPSec, ___ ___ provides authentication and ___ ___ ___ provides encryption. |
|
Definition
| Authentication Header (AH); Encapsulating Security Payload (ESP) |
|
|
Term
| IPSec operates at the ___ layer of the OSI model and provides security for protocols that operate at the higher layers. |
|
Definition
|
|
Term
| IPSec can be used only on ___ networks. If a different network protocol is used, you need a different security protocol such as L2TP. |
|
Definition
|
|
Term
| The scope of a VPN tunnel can vary, with the two most common variations being ___-to-site and ___-to-site. |
|
Definition
|
|
Term
| In a site-to-site VPN, entire ____s are connected. |
|
Definition
|
|
Term
| In a site-to-site VPN, clients do not need to have VPN ___ software. |
|
Definition
|
|
Term
| In a ___-___-___ VPN, individual clients (such as telecommuters or travelers) connect to the network remotely. |
|
Definition
|
|
Term
| In a client-to-site implementation, each client must have ___ client software installed. |
|
Definition
|
|
Term
| ___ ___ describes the mechanisms used to filter network traffic to determine who is allowed to access the network and its resources. |
|
Definition
|
|
Term
| Firewalls, proxy servers, routers, and individual computers all maintain some degree of ___ control. |
|
Definition
|
|
Term
| ___ access control is the most secure form of access control. |
|
Definition
| Mandatory access control (MAC) |
|
|
Term
| In systems configured to use ___ access control, administrators dictate who can access and modify data, systems, and resources. |
|
Definition
|
|
Term
| ___ access control systems are commonly used in military installations, financial institutions, and medical institutions. |
|
Definition
|
|
Term
| Mandatory Access Control secures information and resources by assigning ___ labels to objects and users. |
|
Definition
|
|
Term
| ___ access control is controlled by an object’s owner rather than an administrator. |
|
Definition
| discretionary access control (DAC) |
|
|
Term
| ___ access control is configured using permissions and an access control list. |
|
Definition
|
|
Term
| ___-___ access control allows or denies access to objects according to established rules. Routers and firewalls are good examples. |
|
Definition
|
|
Term
| In practical application, rule-based access control is a variation on ___ access control. |
|
Definition
|
|
Term
| In ___-___ access control, access decisions are determined by the roles individual users have within the organization. |
|
Definition
| role-based access control (RoBAC) |
|
|
Term
| ___-based access control requires the administrator to have a thorough understanding of how an organization operates, the number of users, and each user’s exact function. |
|
Definition
|
|
Term
| Granting roles no more than the privilege level required to do the job is known as the ___ ___ concept. |
|
Definition
|
|
Term
| All the major operating systems include built-in support for ___ access. |
|
Definition
|
|
Term
| ___ ____ ____ is a remote-access solution included with Windows Server products. |
|
Definition
| Remote Access Service (RAS) |
|
|
Term
| Any system that supports the appropriate dial-up protocols, such as PPP, can connect to a ___ ___ server. |
|
Definition
| Remote Access Server (RAS) |
|
|
Term
| ___ supports remote connectivity from all the major client operating systems available today, including all newer Windows OSs. |
|
Definition
|
|
Term
| The standard remote-access protocol in use today, ___-___-___ Protocol is actually a family of protocols that work together to provide connection services. |
|
Definition
| Point-to-Point Protocol (PPP) |
|
|
Term
| ___-___-___ protocol provides security unavailable in SLIP, including authentication and encryption. |
|
Definition
| Point-to-Point Protocol (PPP) |
|
|
Term
| PPP lets administrators choose which ___ protocol to use over a remote link. |
|
Definition
|
|
Term
| PPP accommodates a number of ___ protocols, and it’s possible on many systems to configure more than one. |
|
Definition
|
|
Term
| PPP ___ protocols include CHAP, MS-CHAP, MS-CHAP v2, EAP, and PAP. |
|
Definition
|
|
Term
| An upgrade to ___ from Serial Line Internet Protocol (SLIP) can solve connectivity problems on a network. |
|
Definition
|
|
Term
| __-__-__ __ __ __ is a protocol used to connect multiple users on an Ethernet LAN to a remote site through a common device. |
|
Definition
| Point-to-Point Protocol over Ethernet (PPPoE) |
|
|
Term
| PPPoE is a combination of ___ and the Ethernet protocol. |
|
Definition
|
|
Term
| Using ___ allows all users on a network to share the same DSL, cable modem, or wireless connection to the Internet. |
|
Definition
|
|
Term
| PPPoE enables ISPs or administrators to bill or track access on a per-___ basis rather than a per-___ basis. |
|
Definition
|
|
Term
| PPPoE connections require the same ___ information as standard dialup phone accounts. |
|
Definition
|
|
Term
| The PPPoE communication process has two stages: ___ and the ___ ___. |
|
Definition
|
|
Term
| The PPPoE ___ stage uses four steps to establish the connection: initiation, offer, request, session confirmation. |
|
Definition
|
|
Term
| ___ access control restricts access to the network based on identity or posture. |
|
Definition
| Network Access Control (NAC) |
|
|
Term
| A ___ assessment is an evaluation of a system’s security based on settings and applications discovered on the system. |
|
Definition
|
|
Term
| ___ ___ Protocol lets a Windows client system connect to a server and operate on the server as if it were a local client. |
|
Definition
| Remote Desktop Protocol (RDP) |
|
|
Term
| With ___ client computing, client systems use the resources of the server instead of their local processing power. |
|
Definition
|
|
Term
| Remote Desktop Protocol (RDP) does not actually send ___ over the connection — only screenshots and client keystrokes. |
|
Definition
|
|
Term
| Originally created for UNIX systems, ___ ___ is a tunneling protocol that uses encryption to establish a secure connection between two systems for Telnet, FTP, and other communications-oriented applications. |
|
Definition
|
|
Term
| Although it is available in Windows and other operating systems, ___ ___ is the preferred method of security for Telnet and other cleartext-oriented programs in the UNIX environment. |
|
Definition
|
|
Term
| SSH uses port __ and the ___ ___ Protocol. |
|
Definition
| 22; Transport Control Protocol (TCP) |
|
|
Term
| ___ ___ ___ and Citrix ___ ___ ___ are examples of thin client computing. |
|
Definition
| Remote Desktop Protocol (RDP); Independent Computing Architecture (ICA) |
|
|
Term
| When configuring security for wireless networks, filtering by ___ address is a common practice. |
|
Definition
|
|
Term
| In MAC filtering security, MAC addresses can be added to an “allow” or “deny” __ __ __. |
|
Definition
| Access Control List (ACL) |
|
|
Term
| ___ filtering can be used with an ACL. |
|
Definition
|
|