Term
Data encryption technology that uses 3 56-bit keys with an effective security of 112 bits... |
|
Definition
Triple DES (TDES) or 3DES |
|
|
Term
1 of the 3 vital functions of a VPN occurs at the sender's end. What is it? |
|
Definition
|
|
Term
Before Asymmetric Encryption begins, what must happen to the public key? |
|
Definition
A Certificate Authority (CA) must issue a digital certificate certifying the entity's identity |
|
|
Term
VPN Anti-replay protection can use several different methods. Name 2. |
|
Definition
Use of one-time tokens; use of one-time sequence of numbers |
|
|
Term
VPN Terminology: Anti-replay protection (or "replay protection") |
|
Definition
Protection against a malicious repeat and/or delay of a valid transmission |
|
|
Term
What 3 protocols can be used to create a VPN tunnel? |
|
Definition
Generic Routing Encapsulation (GRE), Layer 2 Tunneling Protocol (L2TP), IP Security (IPSEC) |
|
|
Term
IPSec is the best choice as a VPN tunneling protocol for what 2 reasons? |
|
Definition
Encryption and authentication are possible (but only unicast traffic is supported - GRE or L2TP support multicast traffic) |
|
|
Term
Secure Shell (SSH) and Secure/Multipurpose Internet Mail Extensions (S/MIME) run at what OSI model layer? |
|
Definition
|
|
Term
Which IPSec protocol protects data integrity but does not provide data confidentiality (data encryption)? |
|
Definition
Authentication Header (AH) provides: data origin authentication, data integrity, anti-replay protection (optional) |
|
|
Term
Of the 3 vital functions offered by VPNs, which occur at the receiver end? |
|
Definition
Data origin authentication, Integrity |
|
|
Term
|
Definition
"Client-initiated" and "Network Access Server-initiated" |
|
|
Term
VPN Terminology: Data Origin Authentication |
|
Definition
Guarantees that the data originated from a specific endpoint |
|
|
Term
Web browser VPNs use what means of encryption? |
|
Definition
Secure Socket Layer (SSL) |
|
|
Term
Data encryption technology that is the most secure and rapidly becoming the world standard... |
|
Definition
Advanced Encryption Standard (AES) |
|
|
Term
What is "Symmetric Encryption"? |
|
Definition
One key is used for both encryption and decryption. DES and TDES use this method. |
|
|
Term
VPNs offer what 3 vital functions? |
|
Definition
Data origin authentication, Encryption, Integrity |
|
|
Term
Data encryption technology that uses a 56-bit key... |
|
Definition
Data Encryption Standard (DES) |
|
|
Term
Secure Socket Layer (SSL) runs at what OSI model layer? |
|
Definition
Transport (L4) although some documentation lists it at Presentation (L6) |
|
|
Term
VPN tunneling protocols GRE and L2TP share what one major drawback? |
|
Definition
Neither offers an encryption scheme |
|
|
Term
Which key encryption scheme uses "stream algorithms" and "block algorithms"? |
|
Definition
Symmetric encryption. Stream algorithms - encryption/decryption occurs a bit or byte at a time; Block algorithm - 64-bit blocks of data are encrypted/decrypted as a whole |
|
|
Term
RSA uses what type of encryption scheme? |
|
Definition
Asymmetric Encryption or a "public key encryption scheme" |
|
|
Term
VPN Terminology: Data Integrity |
|
Definition
Recipient is guaranteed that the received data is the same as the transmitted data |
|
|
Term
The VPN tunneling protocols GRE and L2TP run at what OSI model layer? |
|
Definition
|
|
Term
What algorithm allows the exchange of secret keys over a non-secure communications channel? |
|
Definition
The Diffie-Hellman algorithm sometimes called "exponential key agreement" |
|
|
Term
IPSec is the combination of these 3 protocols |
|
Definition
Authentication Header (AH), Encapsulating Security Payload (ESP), Internet Key Exchange (IKE) |
|
|
Term
Which IPSec protocol encrypts the data in the packet? |
|
Definition
Encapsulating Security Payload (ESP). It is more processor-intensive than AH and requires strong cryptography, which isn't always available or allowed. |
|
|
Term
What is the difference between ESP/AH "Tunnel Mode" and "Transport Mode"? |
|
Definition
Tunnel Mode - IPSec gateways handle the packet encryption transparent to end hosts; Transport Mode - End hosts (not gateways) perform the encapsulation |
|
|
Term
VPN terminology: Data Confidentiality means... |
|
Definition
Only devices that should see the data unencrypted will |
|
|